urlscan.io logo urlscan.io
SecurityTrails logo

uat.cbgrus.uatglobalrewards.com Open in urlscan Pro
159.127.185.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook
Effective URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Submission: On April 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 159.127.185.22, located in United States and belongs to EPSILON-INTERACTIVE, US. The main domain is uat.cbgrus.uatglobalrewards.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 19th 2018. Valid for: 2 years.
This is the only time uat.cbgrus.uatglobalrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 216.68.192.241 6181 (FUSE-NET)
2 4 159.127.185.22 19137 (EPSILON-I...)
11 163.171.128.148 54994 (QUANTILNE...)
7 18.197.253.20 16509 (AMAZON-02)
2 151.101.114.133 54113 (FASTLY)
1 151.101.113.175 54113 (FASTLY)
1 2 15.188.105.205 16509 (AMAZON-02)
1 35.241.45.82 15169 (GOOGLE)
25 7
2    216.68.192.241 (Cincinnati, United States)

ASN6181 (FUSE-NET, US)
PTR: affinion-group.static.fuse.net
gr-uatv1.cxtrvl.com
4    159.127.185.22 (United States)

ASN19137 (EPSILON-INTERACTIVE, US)
uat.cbgrus.uatglobalrewards.com
11    163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)
uat.cbgrus.staticcontent.uatglobalrewards.com
7    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
2    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
resources.digital-cloud-citi.medallia.com
1    151.101.113.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    15.188.105.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
metrics1.citibank.com
1    35.241.45.82 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Domain Requested by
11 uat.cbgrus.staticcontent.uatglobalrewards.com uat.cbgrus.uatglobalrewards.com
7 nexus.ensighten.com uat.cbgrus.uatglobalrewards.com
nexus.ensighten.com
4 uat.cbgrus.uatglobalrewards.com 2 redirects uat.cbgrus.uatglobalrewards.com
2 metrics1.citibank.com 1 redirects
2 resources.digital-cloud-citi.medallia.com nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
2 gr-uatv1.cxtrvl.com 2 redirects
1 udc-neb.kampyle.com
1 nebula-cdn.kampyle.com resources.digital-cloud-citi.medallia.com
25 8

This site contains no links.

Subject Issuer Validity Valid
*.cbgrus.uatglobalrewards.com
Entrust Certification Authority - L1K		 2018-10-19 -
2020-10-01		 2 years crt.sh
support5.cdnetworks.net
DigiCert SHA2 High Assurance Server CA		 2019-11-01 -
2020-07-02		 8 months crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
*.digital-cloud-citi.medallia.com
SSL.com DV CA		 2018-11-13 -
2020-11-12		 2 years crt.sh
j.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2020-02-28 -
2020-06-11		 3 months crt.sh
metrics1.citibank.com
DigiCert SHA2 High Assurance Server CA		 2020-01-20 -
2021-04-22		 a year crt.sh
*.kampyle.com
RapidSSL RSA CA 2018		 2020-02-11 -
2022-03-06		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Frame ID: 69D2F54AB62C160005FD21DFCFCD648E
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook HTTP 302
    https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx HTTP 302
    https://uat.cbgrus.uatglobalrewards.com/loginSeamless.htm?partnerCode=FV_GRCLTS&sessionState=L&relayState=https://gr... HTTP 302
    http://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false HTTP 302
    https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

612 kB
Transfer

2278 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook HTTP 302
    https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx HTTP 302
    https://uat.cbgrus.uatglobalrewards.com/loginSeamless.htm?partnerCode=FV_GRCLTS&sessionState=L&relayState=https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx HTTP 302
    http://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false HTTP 302
    https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s15998423709208?AQB=1&ndh=1&t=20%2F3%2F2020%2017%3A57%3A28%201%20-120&fid=20E70899EE553529-0BF8A05E2DCD809F&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s15998423709208?AQB=1&pccr=true&vidn=2F4EE3340515BB71-600006BDF1C04FC1&ndh=1&t=20%2F3%2F2020%2017%3A57%3A28%201%20-120&fid=20E70899EE553529-0BF8A05E2DCD809F&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.htm
uat.cbgrus.uatglobalrewards.com/
Redirect Chain
  • https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook
  • https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx
  • https://uat.cbgrus.uatglobalrewards.com/loginSeamless.htm?partnerCode=FV_GRCLTS&sessionState=L&relayState=https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx
  • http://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
  • https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
50 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.185.22 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
/
Resource Hash
628747dcceee836c492f6dd94e1fd5e3a270c490776f9ae32ee10c42a7a2f960
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
uat.cbgrus.uatglobalrewards.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CSESSIONID=4a4a9cc3a0104f4f88017d8ab88ff5564dc78e544dce2cb30f8c!1241348613
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
X-FRAME-OPTIONS
SAMEORIGIN
Content-Language
co-SPA

Redirect headers

Location
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Server
BigIP
Connection
Keep-Alive
Content-Length
0
Ensighten_Bootstrap_GR.js
uat.cbgrus.uatglobalrewards.com///cms/js/citirewards/ 		1 KB
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.uatglobalrewards.com///cms/js/citirewards/Ensighten_Bootstrap_GR.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.185.22 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
/
Resource Hash
ec9f0dea1200b826bd8f8960cc9ecd5531f9d5215f3576b9cf579f825aaa46d5

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Oct 2018 13:52:38 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Type
text/javascript
main.css
uat.cbgrus.staticcontent.uatglobalrewards.com//css/ 		418 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main.css
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
65196736be2a58fbd32d09de221e449e0d4395558c3597f8c9f72cbba15aa353

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
Age
630
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gd9_13387-531
Content-Type
text/css
Via
1.1 PSdgflkfFRA1ox201:9 (W), 1.1 PSdgflkfFRA1gd96:15 (W)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
main_v2.css
uat.cbgrus.staticcontent.uatglobalrewards.com//css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main_v2.css
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
966f52d6ec3b2b1a88bbc8e3f7c84c58860c9db1e360b56e370eb522268ebbe6

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
Age
630
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gi9_31451-51014
Content-Type
text/css
Via
1.1 PSdgflkfFRA1bc200:9 (W), 1.1 PSdgflkfFRA1gd96:5 (W)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
citi-logo-simple.png
uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/citi-logo-simple.png
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8c65590d3282958dd508970eef5ff93cbab5467fce38c7f3c825d54b729d4c51

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Via
1.1 PSdgflkfFRA1ox201:1 (W), 1.1 PSdgflkfFRA1je97:14 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:28 GMT
Server
PWS/8.3.1.0.8
Age
630
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gd9_13387-553
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4515
hero.jpg
uat.cbgrus.staticcontent.uatglobalrewards.com//images/country-selector/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//images/country-selector/hero.jpg
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
a581be6dc09b0a3f337f1243178b3f23442a732b946bf46d4e73b4f2282e1c30

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Via
1.1 PSdgflkfFRA1hb199:10 (W), 1.1 PSdgflkfFRA1gi91:5 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:28 GMT
Server
PWS/8.3.1.0.8
Age
631
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gd9_13387-558
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80010
citi-logo-small.jpg
uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/citi-logo-small.jpg
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
fa81dd9432fd4c0a723b860e8b98d5b2f32ad857cec5ffc033fb66a05e1c4191

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:28 GMT
Via
1.1 PSdgflkfFRA1ox201:7 (W), 1.1 PSdgflkfFRA1yq93:13 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:28 GMT
Server
PWS/8.3.1.0.8
Age
631
X-Ws-Request-Id
5e9dc668_PSdgflkfFRA1gd9_13387-562
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2046
main-epsilon.js
uat.cbgrus.staticcontent.uatglobalrewards.com//js/ 		1 MB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//js/main-epsilon.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7d7b29c8d8264c38e82688db13872f0aadaf063a5d3425eadaf6cba2f9d67343

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 21:16:34 GMT
Server
PWS/8.3.1.0.8
Age
630
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gd9_13387-539
Content-Type
application/javascript
Via
1.1 PSdgflkfFRA1ox201:0 (W), 1.1 PSdgflkfFRA1vg90:0 (W)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
siteFunctions.js
uat.cbgrus.staticcontent.uatglobalrewards.com//cms/js/citirewards/ 		65 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//cms/js/citirewards/siteFunctions.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b166f4071e75041554157224633fb4e00cb1710fda4e7a5d5c0512fbcbebb130

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Via
1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1yq93:15 (W)
Last-Modified
Thu, 05 Sep 2019 14:42:06 GMT
Server
PWS/8.3.1.0.8
Age
630
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gd9_13387-547
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65
sonar.js
uat.cbgrus.staticcontent.uatglobalrewards.com//js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//js/sonar.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
39806d3594b69c82ba33bc1100e512eb803bc9c96b1ebd1fee6ae938ab34dfa0

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 21:16:34 GMT
Server
PWS/8.3.1.0.8
Age
630
X-Ws-Request-Id
5e9dc667_PSdgflkfFRA1gd9_13387-551
Content-Type
application/javascript
Via
1.1 PSdgflkfFRA1bc200:10 (W), 1.1 PSdgflkfFRA1je97:13 (W)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Bootstrap.js
nexus.ensighten.com/citi/grdev/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com///cms/js/citirewards/Ensighten_Bootstrap_GR.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
05b58425ba7914a36bdbd5499edc51cb67943b340a74766b36141aac09191161

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:57:28 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 15:06:21 GMT
server
nginx
etag
W/"5da09a6d-d17e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
print.css
uat.cbgrus.staticcontent.uatglobalrewards.com//css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/print.css
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8494b6fb9ff3020b76208a45986be7fda6c2eb30cb00818925d8d4386974311c

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
Age
631
X-Ws-Request-Id
5e9dc668_PSdgflkfFRA1gd9_13387-570
Content-Type
text/css
Via
1.1 PSdgflkfFRA1hb199:4 (W), 1.1 PSdgflkfFRA1gi91:10 (W)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
nav_arrow_right_blue.gif
uat.cbgrus.staticcontent.uatglobalrewards.com//css/images/ 		49 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/images/nav_arrow_right_blue.gif
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
77f9361be6de28ebbb3877ccb5cf43aab09f3060df3d2c1cca1fc01982370d0c

Request headers

Referer
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:57:28 GMT
Via
1.1 PSdgflkfFRA1bc200:9 (W), 1.1 PSdgflkfFRA1je97:8 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
Age
631
X-Ws-Request-Id
5e9dc668_PSdgflkfFRA1gi9_31451-51047
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
InterstateLight.woff
uat.cbgrus.staticcontent.uatglobalrewards.com//css/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/fonts/InterstateLight.woff
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
999fac345480d395a3a7c56894375d1faaab3cb81154c3e449251de9e09c7051

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main.css
Origin
https://uat.cbgrus.uatglobalrewards.com

Response headers

Date
Mon, 20 Apr 2020 15:57:28 GMT
Via
1.1 PSdgflkfFRA1ox201:5 (W), 1.1 PSdgflkfFRA1yq93:14 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
Age
631
X-Ws-Request-Id
5e9dc668_PSdgflkfFRA1gd9_13307-16740
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54992
serverComponent.php
nexus.ensighten.com/citi/grdev/ 		379 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/grdev/serverComponent.php?r=4686.073642598832&ClientID=1129&PageID=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
becc40f344c1e83e584471d7e36281293f9b10827acc66b3654224a89181fbe8

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 15:57:28 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
379
expires
Mon, 20 Apr 2020 15:57:27 GMT
37143405083e8f6747f0f325d744066b.js
nexus.ensighten.com/citi/grdev/code/ 		80 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/grdev/code/37143405083e8f6747f0f325d744066b.js?conditionId0=421908
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
19ecb2a16d665037dae6a321e264d558551a0b0835de2f2595af1dcda536d188

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:57:28 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 15:06:21 GMT
server
nginx
etag
W/"5da09a6d-13eca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
3c6e0a80523e24b4785b721026450880.js
nexus.ensighten.com/citi/grdev/code/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/grdev/code/3c6e0a80523e24b4785b721026450880.js?conditionId0=4846617
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f540e1767050c7456562f845c85e9a8e78c3323591950bdaa17a95eee144fa37

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:57:28 GMT
content-encoding
gzip
last-modified
Tue, 16 Jul 2019 19:36:26 GMT
server
nginx
etag
W/"5d2e273a-13e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/embed.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/code/37143405083e8f6747f0f325d744066b.js?conditionId0=421908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af4e6c3a8df812f2c36de0741ee51c74dbe3d42a40b27d4a1c783ddf1e93c01d

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
_r_VimBe.jbusaoGAKYTntxEddgt_u7F
content-encoding
gzip
etag
"e24a51f79d6f08609a5a54a694a7f228"
age
17
via
1.1 varnish
x-cache
HIT
status
200
content-length
675
x-amz-id-2
dhfPOOJZWVVyawK/WGGm4bRDYo57o/PLmQlLoWnOCjMCmMEQ8MkVGGFG6/GFFrB1VUQyyqmGwtY=
x-served-by
cache-hhn4079-HHN
last-modified
Tue, 25 Feb 2020 18:59:07 GMT
server
AmazonS3
x-timer
S1587398249.513350,VS0,VE1
date
Mon, 20 Apr 2020 15:57:28 GMT
vary
Accept-Encoding
x-amz-request-id
5BE6A8809DCF694D
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
e.gif
nexus.ensighten.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grdev&rid=2741171&did=582791&errorName=ReferenceError
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Mon, 20 Apr 2020 15:57:28 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Apr 2020 15:57:27 GMT
e.gif
nexus.ensighten.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grdev&rid=2739729&did=582649&errorName=ReferenceError
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Mon, 20 Apr 2020 15:57:28 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Apr 2020 15:57:27 GMT
generic1582657146288.js
resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/ 		359 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/generic1582657146288.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b70dc49eab87a955525c8d602d13ade0ef9646ea095d152ad2e4e17e1cd6370

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
vkehEoLzIodAf2XNylO3xTvTWxzatS6j
content-encoding
gzip
etag
"8b02bd4d5ffa9b2895cf9f41494d15b0"
age
16
via
1.1 varnish
x-cache
HIT
status
200
content-length
61142
x-amz-id-2
m6GgjkuNgI+I57WPWK6wDdy6hRmtOxR5pXhaiE9qWzU32uA8fMSSUrR5LEOYJaKXMh/eQWaLyRs=
x-served-by
cache-hhn4079-HHN
last-modified
Tue, 25 Feb 2020 18:59:07 GMT
server
AmazonS3
x-timer
S1587398249.553781,VS0,VE1
date
Mon, 20 Apr 2020 15:57:28 GMT
vary
Accept-Encoding
x-amz-request-id
6C60C256F59D5B0B
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
e.gif
nexus.ensighten.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20tygr_products%2C%20ID%3A47342.&lnn=-1&fn=&cid=1129&client=citi&publishPath=grdev&rid=2739729&did=582649&errorName=DataDefinitionException
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Mon, 20 Apr 2020 15:57:28 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Apr 2020 15:57:27 GMT
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/generic1582657146288.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:57:28 GMT
content-encoding
gzip
age
0
accept-ranges
bytes
x-cache
MISS, HIT
status
200
x-amz-request-id
9951A5F978E3F1C8
x-amz-id-2
XqVaKHOURU7MwBcpCCMUctvOEFoT/DWescBxrAjf4sZMYSxmxYYg9yZGPXef3JTIqggebmjHsaM=
x-served-by
cache-iad2139-IAD, cache-hhn4072-HHN
access-control-allow-origin
*
last-modified
Tue, 17 Mar 2020 11:10:17 GMT
server
AmazonS3
x-timer
S1587398249.739688,VS0,VE0
etag
"80dd5e3be5152c5c72d552c6a26ef6ff"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
content-length
5197
x-cache-hits
0, 70991
s15998423709208
metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/
Redirect Chain
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s15998423709208?AQB=1&ndh=1&t=20%2F3%2F2020%2017%3A57%3A28%201%20-120&fid=20E70899EE553529-0BF8A05E2DCD809F&ce=UTF-8&ns=citinaconsumer&page...
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s15998423709208?AQB=1&pccr=true&vidn=2F4EE3340515BB71-600006BDF1C04FC1&ndh=1&t=20%2F3%2F2020%2017%3A57%3A28%201%20-120&fid=20E70899EE553529...
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s15998423709208?AQB=1&pccr=true&vidn=2F4EE3340515BB71-600006BDF1C04FC1&ndh=1&t=20%2F3%2F2020%2017%3A57%3A28%201%20-120&fid=20E70899EE553529-0BF8A05E2DCD809F&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:57:28 GMT
x-content-type-options
nosniff
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 21 Apr 2020 15:57:28 GMT
server
jag
xserver
anedge-65fb49f79-9v6sz
etag
3408911780529143808-4616061410357597242
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 19 Apr 2020 15:57:28 GMT

Redirect headers

date
Mon, 20 Apr 2020 15:57:28 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
status
302
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 21 Apr 2020 15:57:28 GMT
server
jag
xserver
anedge-65fb49f79-m8vvv
content-type
text/plain;charset=utf-8
location
https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s15998423709208?AQB=1&pccr=true&vidn=2F4EE3340515BB71-600006BDF1C04FC1&ndh=1&t=20%2F3%2F2020%2017%3A57%3A28%201%20-120&fid=20E70899EE553529-0BF8A05E2DCD809F&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 19 Apr 2020 15:57:28 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiTGludXggeDg2XzY0IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE1IiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE1ODczOTgyNDg3NjMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE3MTk4NGYwOTM5Mjk2LTA2NTc3ODAwODI2ZDY2LTM3NjQ3ZTAzLTFkNGMwMC0xNzE5ODRmMDkzYTg5ZCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL3VhdC5jYmdydXMudWF0Z2xvYmFscmV3YXJkcy5jb20vbG9naW4uaHRtP2F1dG9Mb2dpblBvc3NpYmxlPWZhbHNlIiwid2Vic2l0ZUlkIjogNjgsImZlZWRiYWNrX3V1aWQiOiBudWxsLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI2ZWU0LTZiZjktMzc1YS0zYjYxLWYzZWQtNmZkNy04NTJlLTllNGYiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTU4NzM5ODI0ODYzOCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAxODIsImthbXB5bGVfdmVyc2lvbiI6ICIwLjAuMC4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNTg3Mzk4MjQ4NjQyLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-tc2h
date
Mon, 20 Apr 2020 15:57:28 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
status
200
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| currentURL object| prodURLs object| script function| countrySelect object| JavascriptProperties object| CMGR object| Utils function| Sonar function| replaceAll string| currentEmail string| sourceCode string| country string| loginStatus string| memberId string| contextPath string| staticContentPath object| pointsExchangeSliderArgs object| transferFeeArgs undefined| snr undefined| snr1 function| callHomePageSonarZones function| callPointsTransferZones function| callIntroRewardsSonarZones function| callOffersPrivilegesSonarZones function| callWaysToEarnSonarZones function| callSecondarySonarZones function| callTertiarySonarZones function| callPointsTransfer function| callIntroRewards function| callOffersPrivileges function| callWaysToEarn function| callSonarZone function| isValid object| vendorSpace object| ensBootstraps object| Bootstrapper object| javaScriptErrors string| sName string| omtr_points string| tloc object| s_hosts number| counter string| s_account string| Currenthost string| host string| accountType object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| omtr_internalDomain string| omtr_charSet string| omtr_timezone string| omtr_currency string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq object| KAMPYLE_EMBED object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata object| whiteLabelSites number| d object| eo number| y string| j object| s_i_0_citinaconsumer

1 Cookies

Domain/Path Name / Value
uat.cbgrus.uatglobalrewards.com/ Name: CSESSIONID
Value: 4a4a9cc3a0104f4f88017d8ab88ff5564dc78e544dce2cb30f8c!1241348613

1 Console Messages

Source Level URL
Text
console-api log URL: https://nexus.ensighten.com/citi/grdev/code/37143405083e8f6747f0f325d744066b.js?conditionId0=421908(Line 3)
Message:
searching for products...

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gr-uatv1.cxtrvl.com
metrics1.citibank.com
nebula-cdn.kampyle.com
nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
uat.cbgrus.staticcontent.uatglobalrewards.com
uat.cbgrus.uatglobalrewards.com
udc-neb.kampyle.com
15.188.105.205
151.101.113.175
151.101.114.133
159.127.185.22
163.171.128.148
18.197.253.20
216.68.192.241
35.241.45.82
05b58425ba7914a36bdbd5499edc51cb67943b340a74766b36141aac09191161
0b70dc49eab87a955525c8d602d13ade0ef9646ea095d152ad2e4e17e1cd6370
19ecb2a16d665037dae6a321e264d558551a0b0835de2f2595af1dcda536d188
39806d3594b69c82ba33bc1100e512eb803bc9c96b1ebd1fee6ae938ab34dfa0
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
628747dcceee836c492f6dd94e1fd5e3a270c490776f9ae32ee10c42a7a2f960
65196736be2a58fbd32d09de221e449e0d4395558c3597f8c9f72cbba15aa353
77f9361be6de28ebbb3877ccb5cf43aab09f3060df3d2c1cca1fc01982370d0c
7d7b29c8d8264c38e82688db13872f0aadaf063a5d3425eadaf6cba2f9d67343
8494b6fb9ff3020b76208a45986be7fda6c2eb30cb00818925d8d4386974311c
8c65590d3282958dd508970eef5ff93cbab5467fce38c7f3c825d54b729d4c51
966f52d6ec3b2b1a88bbc8e3f7c84c58860c9db1e360b56e370eb522268ebbe6
999fac345480d395a3a7c56894375d1faaab3cb81154c3e449251de9e09c7051
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a581be6dc09b0a3f337f1243178b3f23442a732b946bf46d4e73b4f2282e1c30
af4e6c3a8df812f2c36de0741ee51c74dbe3d42a40b27d4a1c783ddf1e93c01d
b166f4071e75041554157224633fb4e00cb1710fda4e7a5d5c0512fbcbebb130
becc40f344c1e83e584471d7e36281293f9b10827acc66b3654224a89181fbe8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9f0dea1200b826bd8f8960cc9ecd5531f9d5215f3576b9cf579f825aaa46d5
f540e1767050c7456562f845c85e9a8e78c3323591950bdaa17a95eee144fa37
fa81dd9432fd4c0a723b860e8b98d5b2f32ad857cec5ffc033fb66a05e1c4191