elanrewardsconnect.com

.com crawl

First seen 2026-05-10 · Last seen 2026-05-10 · ok HTTP/1.1 200 3421 ms crawled 2026-05-16

US · 170.135.104.254 · AS3147 U.S. BANCORP

Reputation 100/100

Classifying

HTML metadata

Title: Rewards Card | Card Studio
Language: en

Technology

CDN: Cloudflare

Registration

Registrar

MarkMonitor Inc.

Created

2016-08-22

Expires

2027-08-22 458 days left

Updated

2025-07-21

Name servers

ns2.usbank.com
ns4.usbank.com

DNS records live

NS

ns2.usbank.com
ns4.usbank.com

MX

10 mxa-00256501.gslb.pphosted.com
10 mxb-00256501.gslb.pphosted.com

Email authentication strong

SPF

v=spf1 include:spf.mtasv.net include:usbank.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;rua=mailto:us-bank@rua.agari.com;ruf=mailto:us-bank@ruf.agari.com;fo=1

policy: reject (enforced)

DKIM

s1: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSZJiiysoIslYciiM1+OXj7di6KcQ4k1mqKz0lxpAldydlvHAMQmSulZ4VJjdxOO8TTh6EWWi3WHAlVoTx3Y2…
s2: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1vT2UKT5n4mr84dRD9+L5OgzMx1jfMLjYqCd37XgMUBFE7wpDHBk1zAHTJrTXEblm/KCqNKUmySe5e8…

selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2026-02-02 to 2027-03-06

Expires in 289 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.elanrewardsconnect.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' https://cognito-idp.us-east-1.amazonaws.com https://tags.tiqcdn.com https://uat1-onlinebanking.usbank.com/ https://cdn.quantummetric.com/ https://usbank.demdex.net/ https://www.glancecdn.net/ https://storage.glancecdn.net/ https://cobrowse-demo-it.us.bank-dns.com/ https://ingest.quantummetric.com/ https://www.googletagmanager.com/ https://googleads.g.doubleclick.net/ https://snap.licdn.com/ https://*.siteintercept.qualtrics.com/ https://siteintercept.qualtrics.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cognito-idp.us-east-1.amazonaws.com https://tags.tiqcdn.com https://uat1-onlinebanking.usbank.com/ https://cdn.quantummetric.com/ https://usbank.demdex.net/ https://www.glancecdn.net/ https://storage.glancecdn.net/ https://cobrowse-demo-it.us.bank-dns.com/ https://www.googletagmanager.com/ https://ingest.quantummetric.com/ https://custom-mc-tenant-customisation-managed-component.cpi-card-group.workers.dev https://tenant-assets.cpica
strict-transport-security: max-age=15552000; includeSubDomains

Linked from (1)

elanfinancialservices.com×1