online.americanexpress.com Open in urlscan Pro
104.96.138.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
Effective URL:
https://online.americanexpress.com/myca/cvp/action/reviewtxn
Submission: On February 22 via api (February 22nd 2023, 8:22:02 pm UTC) from CH — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 104.96.138.105, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is online.americanexpress.com. The Cisco Umbrella rank of the primary domain is 16858.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 15th 2022. Valid for: a year.

This is the only time online.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.96.138.105 104.96.138.105	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a02:26f0:11a... 2a02:26f0:11a:389::2b19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:dc:... 2a02:26f0:dc:181::2b19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	3

6 104.96.138.105 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-138-105.deploy.static.akamaitechnologies.com

online.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a:389::2b19 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

qwww.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:181::2b19 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

qicm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	americanexpress.com online.americanexpress.com — Cisco Umbrella Rank: 16858	22 KB
2	aexp-static.com 1 redirects qwww.aexp-static.com — Cisco Umbrella Rank: 246447 qicm.aexp-static.com — Cisco Umbrella Rank: 391257	1 KB
10	2

	Domain	Requested by
6	online.americanexpress.com	online.americanexpress.com
1	qicm.aexp-static.com	online.americanexpress.com
1	qwww.aexp-static.com	1 redirects online.americanexpress.com
10	3

This site contains no links.

Subject Issuer	Validity	Valid
online.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-09-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://online.americanexpress.com/myca/cvp/action/reviewtxn
Frame ID: CC6CCF73F7DB04CB836B6944EDF0E54A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFG... Page URL
https://online.americanexpress.com/myca/cvp/action/reviewtxn Page URL

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

10
Requests

60 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

23 kB
Transfer

85 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840 Page URL
https://online.americanexpress.com/myca/cvp/action/reviewtxn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://qwww.aexp-static.com/nav/ngn/css/amex-ui-kit-font.css HTTP 301
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/amex-ui-kit-font.css

10 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 action Show response
online.americanexpress.com/myca/cvp/ 4 KB
4 KB 650ms
310ms Document
text/html 104.96.138.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.138.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-138-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

88bbca7ed9f37adcec253aea415262d5a462cd6cac588ef3e863d94b9777ca03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, max-age=1677097312884
content-encoding: gzip
content-language: en-
content-length: 1678
content-type: text/html;charset=UTF-8
date: Wed, 22 Feb 2023 20:21:52 GMT
expires: Wed, 22 Feb 2023 20:21:52 GMT
lastmodified: Wed, 22 Feb 2023 20:21:52 GMT
pragma: no-cache
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 3211 0 pmb=mTOE,2
x-frame-options: SAMEORIGIN

GET
H2 200 cvportal_lib_compress.css
online.americanexpress.com/myca/cvp/myca/shared/summary/dcv/cvportal/css/ 15 KB
4 KB 42ms
42ms Stylesheet
text/css 104.96.138.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.americanexpress.com/myca/cvp/myca/shared/summary/dcv/cvportal/css/cvportal_lib_compress.css

Requested by

Host: online.americanexpress.com
URL: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.138.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-138-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5113b6c64e6b59d7734375988bc16e6ce1cd0031ffbb84df72b3e235bb68b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:21:53 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 22 Sep 2022 01:56:30 GMT
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3452

GET
H2

200

amex-ui-kit-font.css
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/
Redirect Chain

https://qwww.aexp-static.com/nav/ngn/css/amex-ui-kit-font.css
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/amex-ui-kit-font.css

5 KB
1 KB

707ms
224ms

Stylesheet
text/css

2a02:26f0:dc:181::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/amex-ui-kit-font.css
Requested by: Host: online.americanexpress.com
URL: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
Protocol: H2
Server: 2a02:26f0:dc:181::2b19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: e769fdb22698a7d31835e37365e21b76ee1f1871daf8f5fa0c76d5971d0d894c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:21:54 GMT
content-encoding: br
last-modified: Thu, 09 Feb 2023 06:31:32 GMT
server: Akamai Resource Optimizer
etag: "14b2-5cfb7cf8a7e5b-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 978

Redirect headers

location: https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/amex-ui-kit-font.css
date: Wed, 22 Feb 2023 20:21:53 GMT
server: AkamaiGHost
content-length: 0

GET
H2 200 255dc853 Show response
online.americanexpress.com/akam/13/ 26 KB
9 KB 25ms
25ms Script
application/javascript 104.96.138.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.americanexpress.com/akam/13/255dc853

Requested by

Host: online.americanexpress.com
URL: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.138.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-138-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

b3e4d11443a3d63934054cc1d204d70cc36d4177479de9df14d2c7af1d7bbbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:21:53 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 09 Feb 2022 15:12:22 GMT
etag: "c3269c3fa070460b3bca2fa2e1740f5ca2f11d9bdd99914ef47a92882da1ca9f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8775
expires: Wed, 22 Feb 2023 20:21:53 GMT

GET
H2 200 loading.gif
online.americanexpress.com/myca/cvp/myca/shared/summary/dcv/cvportal/images/ 3 KB
4 KB 31ms
31ms Image
image/gif 104.96.138.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.americanexpress.com/myca/cvp/myca/shared/summary/dcv/cvportal/images/loading.gif

Requested by

Host: online.americanexpress.com
URL: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.138.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-138-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

05dbef3494990afa333fd4aa90827f5bb3951b7c030d460e729fbce6a43f3e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:21:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 22 Sep 2022 01:56:30 GMT
accept-ranges: bytes
content-length: 3169
content-type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 Primary Request reviewtxn
online.americanexpress.com/myca/cvp/action/ 22 KB
0 8625ms
8624ms Document
text/html 104.96.138.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.americanexpress.com/myca/cvp/action/reviewtxn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.138.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-138-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://online.americanexpress.com
Referer: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alb-failover-nimval: 0
cache-control: no-store, max-age=1677097322505
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Wed, 22 Feb 2023 20:22:02 GMT
expires: Wed, 22 Feb 2023 20:22:02 GMT
lastmodified: Wed, 22 Feb 2023 20:22:02 GMT
pragma: no-cache
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,2
x-frame-options: SAMEORIGIN

POST
H2 200 pixel_255dc853
online.americanexpress.com/akam/13/ 0
769 B 32ms
30ms XHR
text/html 104.96.138.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.americanexpress.com/akam/13/pixel_255dc853

Requested by

Host: online.americanexpress.com
URL: https://online.americanexpress.com/akam/13/255dc853

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.138.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-138-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://online.americanexpress.com/myca/cvp/action?g=349991398099853&x=007194425118068&o=e&r=1&c=HEIAB12ABCDEFGHIJKLMNOPQ24045840
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Feb 2023 20:21:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
alb-failover-nimval: 0
content-length: 0
content-type: text/html

GET cvportal_lib_compress.css
online.americanexpress.com/myca/cvp/myca/shared/summary/dcv/cvportal/css/ 0
0

GET amex-ui-kit-font.css
qwww.aexp-static.com/nav/ngn/css/ 0
0

GET 255dc853
online.americanexpress.com/akam/13/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.americanexpress.com
URL: https://online.americanexpress.com/myca/cvp/myca/shared/summary/dcv/cvportal/css/cvportal_lib_compress.css

Domain: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/nav/ngn/css/amex-ui-kit-font.css

Domain: online.americanexpress.com
URL: https://online.americanexpress.com/akam/13/255dc853

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
online.americanexpress.com/myca/cvp/	1969-12-31 23:59:59	Name: JSESSIONID Value: fegcYU7yr02NwY2YuYAY673qB0xWY-YXfNONcCXQ.b-a-deployment-48-h9hdd
online.americanexpress.com/myca/cvp/	1969-12-31 23:59:59	Name: TS01b8bd80 Value: 0103f93e5c6567e3dbf6b54becd26a12e7d5def5481990f66a6871c9b9442ce03e251f9e34892c3f71919fffbd81d77f98f538138e49937449d50aeaa434f070ee9e8989b1
online.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0103f93e5cb8c9d6a90c854f042f5fc569a2e0f34e1990f66a6871c9b9442ce03e251f9e34627381d29c4da8905151a4dc53eb7778
.americanexpress.com/	1970-01-20 18:37:13	Name: agent-id Value: 0e4cc155-5366-4bde-8843-154973bd2d29
.americanexpress.com/	1970-01-20 18:37:13	Name: _abck Value: 62F803A51AC2469C2B4C4AD597A55A46~-1~YAAQdVtgaCJwxmuGAQAA0iLKegmzSRHthzmMdmzEDZ8cXLEP3539sOuxqJNsp135APnthPWjmP4ILbOk+AVoaEwJEEMp08uV35C1V8T2/pqQCR0cfKo8pkGXz33uZtVli5vAki7Bitq/Ai+gnRhIFKIs63/S0xTtEh4u4QUAF/7bIZcUq0Pk0tQceahRKhPTjA5CzINGes+a9SFOUfy0OO9An3VA0/1OdnlFeME2CakkD5c+9L5Ml+hunJ1vamwn9C9V0XSsHAq+ZI35V8A9o8YTrnCnm+s+GuKRyVLwgN4S7DWd+bLXmsEcRCpKjt2fWF3vW49NA8YyCfP7Fg9gpx3J+ccZebxnqT+xEAqBUYXgMtcb4UUQ3kJ0Tq0+scHVtJpKzkM=~-1~-1~-1
.americanexpress.com/	1970-01-20 09:51:51	Name: bm_sz Value: 97BA368E73E59974911ACB1D99583330~YAAQdVtgaCVwxmuGAQAA0iLKehLtgu6OKG29XmwUpYnDB2o+UpHA3Y9T1+OmTDBchhiXRJzrLaRxOKfBlxrJ/r4vEzr+3FtuWCi8Dh9fcmpi+N0rWqyiEyIxrPQQ8L1rY2+xbWvsH2ddoHyfsW5I1WHUjOY5ZFBZRWexDarl2WfMUkPlq3c63QhrVRZ+sK4EDOoo7vJqBBjkWIQOCk5fEw2vaS0Spdmwr9oL9VaJmV4M4wK1fydJm1lRYzM3oiidS5tdNK96gcyVBY+U5jwC5lMCxP47K2aL0XIghDwgzU0/rAsCdyiF5xvD0AI=~4343344~4534837
online.americanexpress.com/	1970-01-20 09:51:37	Name: akaalb_online Value: 1677097913~op=online_cvportalweb_LBM:cvportalweb-e3-epaas\|~rv=40~m=cvportalweb-e3-epaas:0\|~os=2e70727914d29b5f6fe52924ba46bd9f~id=a5e3d3154b7750c8e89e7dd1b3cbabe3
.americanexpress.com/	1970-01-20 09:51:44	Name: ak_bmsc Value: 74A77803CEC4C24CA574B951E065CB71~000000000000000000000000000000~YAAQdVtgaKVyxmuGAQAA2ynKehKtMFaxep4jyEHO19/EGZUbJ5wdUrzq6gI3ditMWwoyEfj0S5NLJeXtOh0794c43O2Cekc5rSHprZwUxbX22EFEQKXUbzbzihv8eDdfI9YqOqdoqt+9RHDi6PCp69gOHtXXLIPkj82di6QCnnLWbhwCsnw9ipzbN5N9GVnCYdTd1LqJdjN8p1jPHF93/vwW77T5U9NDNtwr8oa0nuqXkqrsNH012Evq4fABTGW5H3mYWHMoCR0Cb4YwEXPUSfJWaD7+VkAExHDPQN8g03jsEAJSrryimhfEMjuTpIWbDH1Q39WIk3Z303gKhxht2E59/Mvij7QM5pUKIgcGvFZ1NNtF3ioe88B++NTE/hq49onugKFKahIytJU1pxwguOFHP2fKVLNRW3vlWcuLH1u6v3KdGBCiEeoKQwylj91ikqVtkw7lS4lptH0wh/0FUKsO+Hlolg7cra7bEEVPkEdDh/swxpVVQNmoQ/kXyzE7I8NAEMc=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.americanexpress.com
qicm.aexp-static.com
qwww.aexp-static.com
online.americanexpress.com
qwww.aexp-static.com
104.96.138.105
2a02:26f0:11a:389::2b19
2a02:26f0:dc:181::2b19
05dbef3494990afa333fd4aa90827f5bb3951b7c030d460e729fbce6a43f3e2f
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
88bbca7ed9f37adcec253aea415262d5a462cd6cac588ef3e863d94b9777ca03
b3e4d11443a3d63934054cc1d204d70cc36d4177479de9df14d2c7af1d7bbbfe
b5113b6c64e6b59d7734375988bc16e6ce1cd0031ffbb84df72b3e235bb68b0d
e769fdb22698a7d31835e37365e21b76ee1f1871daf8f5fa0c76d5971d0d894c

online.americanexpress.com Open in urlscan Pro 104.96.138.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

60 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

23 kBTransfer

85 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

online.americanexpress.com Open in urlscan Pro
104.96.138.105 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

60 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

23 kB
Transfer

85 kB
Size

8
Cookies

10 HTTP transactions
2 data transactions