secure03b.chase.com Open in urlscan Pro
159.53.232.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ultimaterewardstravel.chase.com/TravelDisclosures
Effective URL:
https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREAS...
Submission: On July 18 via manual (July 18th 2022, 6:53:06 pm UTC) from IN — Scanned from NL

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 42 HTTP transactions. The main IP is 159.53.232.23, located in United States and belongs to JPMORGAN-AS10934, US. The main domain is secure03b.chase.com. The Cisco Umbrella rank of the primary domain is 57290.
TLS certificate: Issued by Entrust Certification Authority - L1M on March 25th 2022. Valid for: a year.

This is the only time secure03b.chase.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	23.36.163.250 23.36.163.250	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2600:9000:225... 2600:9000:2251:de00:1b:a923:3d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	159.53.83.187 159.53.83.187	7743 (JPMORGAN-...) (JPMORGAN-AS7743)
1 1	159.53.232.13 159.53.232.13	10934 (JPMORGAN-...) (JPMORGAN-AS10934)
3	159.53.232.23 159.53.232.23	10934 (JPMORGAN-...) (JPMORGAN-AS10934)
1	34.199.13.111 34.199.13.111	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
14	23.36.163.249 23.36.163.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
42	9

11 23.36.163.250 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-250.deploy.static.akamaitechnologies.com

ultimaterewardstravel.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2251:de00:1b:a923:3d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

execution-360-cicolusp.cxtrvl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.53.83.187 (United States) 1 redirects

ASN7743 (JPMORGAN-AS7743, US)

ultimaterewardspoints.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.53.232.13 (United States) 1 redirects

ASN10934 (JPMORGAN-AS10934, US)

secure.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.53.232.23 (United States)

ASN10934 (JPMORGAN-AS10934, US)

secure03b.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.13.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-13-111.compute-1.amazonaws.com

bf63229jlf.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.36.163.249 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-249.deploy.static.akamaitechnologies.com

static.chasecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	chase.com 3 redirects ultimaterewardstravel.chase.com — Cisco Umbrella Rank: 138861 ultimaterewardspoints.chase.com — Cisco Umbrella Rank: 24842 secure.chase.com — Cisco Umbrella Rank: 49095 secure03b.chase.com — Cisco Umbrella Rank: 57290	1 MB
14	chasecdn.com static.chasecdn.com — Cisco Umbrella Rank: 8461	794 KB
8	cxtrvl.com execution-360-cicolusp.cxtrvl.com — Cisco Umbrella Rank: 126916	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138	450 B
1	dynatrace.com bf63229jlf.bf.dynatrace.com — Cisco Umbrella Rank: 147138	484 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	1 KB
42	7

	Domain	Requested by
14	static.chasecdn.com	secure03b.chase.com static.chasecdn.com
11	ultimaterewardstravel.chase.com	1 redirects ultimaterewardstravel.chase.com
8	execution-360-cicolusp.cxtrvl.com	ultimaterewardstravel.chase.com execution-360-cicolusp.cxtrvl.com
3	secure03b.chase.com	ultimaterewardstravel.chase.com secure03b.chase.com
2	www.google-analytics.com	ultimaterewardstravel.chase.com
1	stats.g.doubleclick.net	ultimaterewardstravel.chase.com
1	bf63229jlf.bf.dynatrace.com	ultimaterewardstravel.chase.com
1	secure.chase.com	1 redirects
1	ultimaterewardspoints.chase.com	1 redirects
1	fonts.googleapis.com	ultimaterewardstravel.chase.com
42	10

This site contains no links.

Subject Issuer	Validity	Valid
ultimaterewardstravel.chase.com Entrust Certification Authority - L1M	`2021-10-06` - `2022-10-06`	a year	crt.sh
execution-360-cicolusp.cxtrvl.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
secure03b.chase.com Entrust Certification Authority - L1M	`2022-03-25` - `2023-03-25`	a year	crt.sh
*.bf.dynatrace.com Amazon	`2022-01-08` - `2023-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
static.chasecdn.com Entrust Certification Authority - L1M	`2021-10-22` - `2022-10-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures
Frame ID: B63B3F21482604ECDFAA985F8E6F3D52
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chase Online

Page URL History Show full URLs

https://ultimaterewardstravel.chase.com/TravelDisclosures HTTP 302
https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures Page URL
https://ultimaterewardspoints.chase.com/initialize-session?url=https%3A%2F%2Fultimaterewardstravel.chase.com%2FSH%2F... HTTP 302
https://secure.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625... HTTP 302
https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

42
Requests

95 %
HTTPS

40 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

2310 kB
Transfer

12126 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ultimaterewardstravel.chase.com/TravelDisclosures HTTP 302
https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures Page URL
https://ultimaterewardspoints.chase.com/initialize-session?url=https%3A%2F%2Fultimaterewardstravel.chase.com%2FSH%2FHandlers%2FReceptionDesk.ashx%3Fpage%3Dtraveldisclosures HTTP 302
https://secure.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures HTTP 302
https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ultimaterewardstravel.chase.com/TravelDisclosures HTTP 302
https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

https://ultimaterewardstravel.chase.com/TravelDisclosures
https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

9 KB
4 KB

251ms
251ms

Document
text/html

23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

3e1a52436cca0f0c1ffca9196f2bdd045bb665bf023aeffc3a061ad19d01b26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 3219
content-type: text/html; charset=utf-8
date: Mon, 18 Jul 2022 18:53:01 GMT
expires: -1
pragma: no-cache
server-timing: dtSInfo;desc="0", dtRpid;desc="1870726405"
strict-transport-security: max-age=15552001
temp-origin
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: DENY
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-type: text/html; charset=utf-8
date: Mon, 18 Jul 2022 18:53:01 GMT
location: /login?returnUrl=/TravelDisclosures
server-timing: dtSInfo;desc="0", dtRpid;desc="1369727438"
strict-transport-security: max-age=15552001
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

GET
H2 200 ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js Show response
ultimaterewardstravel.chase.com/ 239 KB
90 KB 97ms
96ms Script
text/javascript 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

551d6fdc92d330f73f7b1b18554fd619d72aa8e883f8192a05f6466049ae58b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
date: Mon, 18 Jul 2022 18:53:01 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
x-ua-compatible: IE=Edge
content-length: 91377
x-xss-protection: 1; mode=block
expires: Tue, 04 Jul 2023 13:38:09 GMT

GET
H2 200 main.LTR.zz-zz.css
ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/css/ 3 MB
246 KB 52ms
50ms Stylesheet
text/css 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/css/main.LTR.zz-zz.css?v=299000218

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f16879726a0be8383df95639b76c3ee9f4f468b031695e5ac96df8fd73e016e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Jun 2022 16:12:00 GMT
etag: "04866f96482d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Mon, 18 Jul 2022 18:53:01 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="2046688758"
temp-origin
accept-ranges: bytes
content-length: 250975
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 all.frameworks.min.js Show response
ultimaterewardstravel.chase.com/Widgets/Resources/Min/ 687 KB
197 KB 227ms
225ms Script
application/javascript 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Widgets/Resources/Min/all.frameworks.min.js?v=299000218

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

12d14c3bd5afc082dfe97ff43b05e9e69c5dbbd3a02b97f74b2be37ecf7bd1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Jun 2022 16:12:58 GMT
etag: "061f81b6582d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=31536000
date: Mon, 18 Jul 2022 18:53:01 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="1022705605"
temp-origin
accept-ranges: bytes
content-length: 200980
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 all.min.js Show response
ultimaterewardstravel.chase.com/Widgets/Resources/Min/ 2 MB
541 KB 119ms
118ms Script
application/javascript 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Widgets/Resources/Min/all.min.js?v=299000218

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

294dc733fe7de0962396301ec308456dca45f2a77754f3050ba9006b405967f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Jun 2022 16:13:16 GMT
etag: "0f6b2266582d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=31536000
date: Mon, 18 Jul 2022 18:53:01 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="180537852"
temp-origin
accept-ranges: bytes
content-length: 552335
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 JavascriptInitialization.ashx
ultimaterewardstravel.chase.com/Handlers/ 97 KB
16 KB 357ms
356ms Script
application/javascript 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Handlers/JavascriptInitialization.ashx?v=145a3ada-65c0-4bbb-a80d-5bc78bfcb283&l=en-us

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
date: Mon, 18 Jul 2022 18:53:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private
server-timing: dtSInfo;desc="0", dtRpid;desc="1088359238"
x-ua-compatible: IE=Edge
temp-origin
content-length: 16488
x-xss-protection: 1; mode=block
expires: Mon, 18 Jul 2022 22:53:01 GMT

GET
H2 200 JavascriptInitialization.ashx
ultimaterewardstravel.chase.com/Handlers/ 16 KB
4 KB 291ms
290ms Script
application/javascript 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Handlers/JavascriptInitialization.ashx?id=664&v=145a3ada-65c0-4bbb-a80d-5bc78bfcb283&l=en-us

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
date: Mon, 18 Jul 2022 18:53:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private
server-timing: dtSInfo;desc="0", dtRpid;desc="1779423539"
x-ua-compatible: IE=Edge
temp-origin
content-length: 4154
x-xss-protection: 1; mode=block
expires: Mon, 18 Jul 2022 22:53:01 GMT

GET
H2 200 ot-all.min.js Show response
execution-360-cicolusp.cxtrvl.com/js/ 21 KB
9 KB 258ms
34ms Script
application/javascript 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a10d57dfe2a510a1a1b169dfd8f127a761dadb6c2b48da721cfbbbe5d99461b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:52:55 GMT
content-encoding: gzip
age: 6
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: FRA60-P3
sas-service-response-flag: true
x-amz-cf-id: f8b4c81Ns6I8u5G72F3axhlsnI1eQPhlV50VOqs_Nr-gTspg1qznJw==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 85ms
32ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700&display=swap

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/css/main.LTR.zz-zz.css?v=299000218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:53:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Jul 2022 18:53:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Jul 2022 18:53:01 GMT

GET
H2 200 ot-min.js
execution-360-cicolusp.cxtrvl.com/js/ 172 KB
41 KB 40ms
40ms Script
application/javascript 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-min.js
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:42:17 GMT
content-encoding: gzip
age: 644
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: FRA60-P3
sas-service-response-flag: true
x-amz-cf-id: zl3M2RMZvJ-V2YQGeXl5LFDtlyF9kqQxTJfdsQndJuxcwmzlKqfshA==

GET
H2 200 svg-sprite.en-us.svg
ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/images/ 100 KB
38 KB 237ms
236ms XHR
image/svg+xml 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/images/svg-sprite.en-us.svg?v=299000218

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-dtpc: 3$370381671_898h2vENONSHJJPTESTPFIRNRTHMCSDCRWQFAP-0e0

Response headers

strict-transport-security: max-age=15552001
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Jan 2022 20:08:22 GMT
etag: "0bfb2cc8214d81:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 18 Jul 2022 18:53:02 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-1095274437"
temp-origin
accept-ranges: bytes
content-length: 38183
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

POST
H2 200 /
ultimaterewardstravel.chase.com/Services/HelperServices/CltsCultureResourceService.svc/GetCultureResources/ 14 KB
2 KB 223ms
222ms XHR
application/json 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Services/HelperServices/CltsCultureResourceService.svc/GetCultureResources/

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-dtpc: 3$370381671_898h3vENONSHJJPTESTPFIRNRTHMCSDCRWQFAP-0e0

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
server-timing: dtSInfo;desc="0", dtRpid;desc="-1943929781", dtTao;desc="1"
content-length: 1995
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
x-compressresponsestream: gzip
vary: Accept-Encoding
strict-transport-security: max-age=15552001
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: private
temp-origin: https://ultimaterewardstravel.chase.com
timing-allow-origin: *

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/Widgets/Resources/Min/all.min.js?v=299000218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6662
date: Mon, 18 Jul 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Jul 2022 19:02:00 GMT

POST
H2 200 /
ultimaterewardstravel.chase.com/Services/HelperServices/CltsSessionManagementService.svc/getitem/ 27 B
436 B 213ms
213ms XHR
application/json 23.36.163.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Services/HelperServices/CltsSessionManagementService.svc/getitem/

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.250 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-dtpc: 3$370381671_898h4vENONSHJJPTESTPFIRNRTHMCSDCRWQFAP-0e0

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
server-timing: dtSInfo;desc="0", dtRpid;desc="-326725306", dtTao;desc="1"
content-length: 46
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
x-compressresponsestream: gzip
vary: Accept-Encoding
strict-transport-security: max-age=15552001
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: private
temp-origin: https://ultimaterewardstravel.chase.com
timing-allow-origin: *

GET
H/1.1

200

Primary Request / Show response
secure03b.chase.com/web/auth/
Redirect Chain

https://ultimaterewardspoints.chase.com/initialize-session?url=https%3A%2F%2Fultimaterewardstravel.chase.com%2FSH%2FHandlers%2FReceptionDesk.ashx%3Fpage%3Dtraveldisclosures
https://secure.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe...
https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB...

392 KB
186 KB

1004ms
250ms

Document
text/html

159.53.232.23
JPMORGAN-AS10934

General

Check archive.org

Show headers Download Go to

Full URL

https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/Handlers/JavascriptInitialization.ashx?id=664&v=145a3ada-65c0-4bbb-a80d-5bc78bfcb283&l=en-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.232.23 , United States, ASN10934 (JPMORGAN-AS10934, US),

Reverse DNS

Software

Resource Hash

09297f0cb28c046ee365c0ebfc12ff55321e31262a5b1e1fe6db8c37433f60cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/TravelDisclosures
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate,private
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Jul 2022 18:53:04 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-B3-TraceId: 369441dd120795a98e7335205f047aac
X-Content-Security-Policy: frame-ancestors 'none'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true
x-app-info: bv=DPS/dps-auth/release%2F2022.07.17-67; pd=c2p3
x-trace-id: YtWsEOCk4mouiFrIDTMC-wAAAFc

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 555
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 18 Jul 2022 18:53:03 GMT
Keep-Alive: timeout=60, max=5000
Location: https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-trace-id: YtWsD_TlMTHJBtndd1xVfQAAAPs

POST
H2 200 bf
bf63229jlf.bf.dynatrace.com/ 208 B
484 B 324ms
102ms Ping
text/plain 34.199.13.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf63229jlf.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_3_sn_D051A329EAB91E0D4710ED8B09E9CF04_perc_100000_ol_0_mul_1_app-3Aa39a87d71c97b73a_1&svrid=3&flavor=cors&vi=ENONSHJJPTESTPFIRNRTHMCSDCRWQFAP-0&modifiedSince=1658151481943&rf=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2FTravelDisclosures&bp=3&app=a39a87d71c97b73a&crc=538293248&en=qip3pldm&end=1
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.13.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-13-111.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ultimaterewardstravel.chase.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ultimaterewardstravel.chase.com
x-oneagent-js-injection: true
date: Mon, 18 Jul 2022 18:53:02 GMT
cache-control: no-cache
content-length: 208
content-type: text/plain;charset=utf-8

GET
H2 200 1658170381888
execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c/ 75 KB
15 KB 150ms
150ms Script
application/javascript 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c/1658170381888?version=1.1.0&domain=ultimaterewardstravel.chase.com&p=%2Flogin&params=returnUrl%3D%2FTravelDisclosures&page_title=Login&referrer=&uri=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2FTravelDisclosures&requestedfile=%2Flogin&cts=1658170381888&tzo=0&platform=Win32&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=2435&bsz=1600x1200&tab_id=504675912204
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
content-encoding: gzip
sas-service-response-flag: true
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: LQS_TyigoIiklbKYdXKZ0RGMbF9aR6KkyinMj14kNjkl-KzuLGIUiQ==
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)

POST
H2 200 collect
www.google-analytics.com/j/ 4 B
220 B 38ms
38ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1162605254&t=pageview&_s=1&dl=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2FTravelDisclosures&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABCAAAAC~&jid=1665934372&gjid=1167939015&cid=442798080.1658170382&tid=UA-50459656-5&_gid=1011511936.1658170382&_r=1&_slc=1&z=1787172914

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ultimaterewardstravel.chase.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 18:53:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 1 B
450 B 98ms
32ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-50459656-5&cid=442798080.1658170382&jid=1665934372&gjid=1167939015&_gid=1011511936.1658170382&_u=IEBAAAAACAAAAC~&z=954316604

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ultimaterewardstravel.chase.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Jul 2022 18:53:02 GMT
content-type: text/plain
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/s/p/ 87 B
1 KB 133ms
132ms Script
application/javascript 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/s/p/b2a8ee90e0000138a2a5865c?version=1.1.0&domain=ultimaterewardstravel.chase.com&p=%2Flogin&params=returnUrl%3D%2FTravelDisclosures&page_title=Login&referrer=&uri=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2FTravelDisclosures&requestedfile=%2Flogin&platform=Win32&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 87
x-amz-cf-id: 27HXvhKT1VVajOMggXiauhMW1LLfFzRRiUiqjV6k4SYh_i0edqxzZA==

POST
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/e/ 2 B
1 KB 305ms
305ms XHR
text/plain 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/e/b2a8ee90e0000138a2a5865c
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ultimaterewardstravel.chase.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: dEk2oegZFGeVM9dDfXGfuBF-sjxsYqZfUGW1YNUvpGuan0U-29LdRg==

GET
H2 200 ot-api.min.js
execution-360-cicolusp.cxtrvl.com/js/ 63 KB
20 KB 36ms
36ms Script
application/javascript 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-api.min.js
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:27:29 GMT
content-encoding: gzip
age: 1533
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: FRA60-P3
sas-service-response-flag: true
x-amz-cf-id: MKyJEzt4tg3oTnpCgCU96clTp9KR2Abe8ip_mCOgQQJeqgWS_XmLPg==

GET
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/s/c/ 335 B
1 KB 138ms
137ms XHR
application/json 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c?domain=ultimaterewardstravel.chase.com&vid=0907160c08c4024a40f4fd9d&sid=fbcc14c0c46b23253d743a8c&hb=6&loadId=992489e240357e560a523e42&p=%2Flogin&params=returnUrl%3D%2FTravelDisclosures&page_title=Login&referrer=&uri=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2FTravelDisclosures&cts=1658170382417&tzo=0&platform=Win32&port=&protocol=https&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=110004&bsz=1600x1200&tab_id=504675912204&java_enabled=false&flash_enabled=false
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 335
x-amz-cf-id: KAP3g0SUJg887ejf9wGOZEfOAfUAi9bfjNC5wjOWZNc8ZvTAHwzrmg==

POST
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/e/ 2 B
1 KB 306ms
306ms XHR
text/plain 2600:9000:2251:de00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/e/b2a8ee90e0000138a2a5865c
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ultimaterewardstravel.chase.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Jul 2022 18:53:02 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: wHowbIGKyN6mIr-7Iu9_Chs4qRMdzGma_0NnH0z7qHidbtOrkuHAcA==

GET
H/1.1 200
OK ruxitagentjs_ICA2fhqru_10233220201140653.js Show response
secure03b.chase.com/events/ 180 KB
79 KB 230ms
230ms Script
text/javascript 159.53.232.23
JPMORGAN-AS10934

General

Check archive.org

Show headers Download Go to

Full URL

https://secure03b.chase.com/events/ruxitagentjs_ICA2fhqru_10233220201140653.js

Requested by

Host: secure03b.chase.com
URL: https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.232.23 , United States, ASN10934 (JPMORGAN-AS10934, US),

Reverse DNS

Software

Resource Hash

752a05d54ecdc6353aff41c94795fb382c68efd829319717f3fd77f7c5699c5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 18:53:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors 'none'
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-trace-id: YtWsEV4MlkvJNFykbf0UgAAAAJw
Pragma: no-cache
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Content-Security-Policy: frame-ancestors 'none'
Keep-Alive: timeout=60, max=4271
Expires: Tue, 18 Jul 2023 18:53:05 GMT

GET
H2 200 appConfig.js Show response
static.chasecdn.com/web/2022.07.17-189/logon/js/ 21 KB
6 KB 163ms
46ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.07.17-189/logon/js/appConfig.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

59484e7b8440bbec3ff9b7627d23fb5bccc4a76d8d78829c432b688a77a5a9ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 5308
x-xss-protection: 1; mode=block
x-trace-id: YtMnKIDmY_muZ13AjZMJ2gAAAZ4
last-modified: Sat, 16 Jul 2022 21:01:30 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "55fb-5e3dfe07c2dc0"
accept-ranges: bytes
expires: Sun, 16 Jul 2023 21:01:28 GMT

GET
H2 200 mds-chase-icons.css
static.chasecdn.com/web/library/@mds/chase-web-icons/7.4.0/dist/iconfont/ 24 KB
4 KB 33ms
33ms Stylesheet
text/css 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@mds/chase-web-icons/7.4.0/dist/iconfont/mds-chase-icons.css

Requested by

Host: static.chasecdn.com
URL: https://static.chasecdn.com/web/2022.07.17-189/logon/js/appConfig.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2910270956080e41e623d0ac738bd541299c7e34f4806ef35e9fb63936084ff4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 3657
x-xss-protection: 1; mode=block
x-trace-id: Yr4Cj5Vcj7z2QAEijir8TwAAABQ
last-modified: Thu, 30 Jun 2022 20:07:43 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "5e98-5e2ad0f1de690"
accept-ranges: bytes
expires: Fri, 30 Jun 2023 20:07:43 GMT

GET
H2 200 blue-ui.css Show response
static.chasecdn.com/web/library/@seur/cxo-common-assets/1.0.4/dist/common/assets/ 616 KB
47 KB 131ms
38ms XHR
text/css 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-common-assets/1.0.4/dist/common/assets/blue-ui.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

bb6dac59b83d7f30ef7baf939b909836c20092dd81fe5b1a7f8ac6dc1651f464

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 47796
x-xss-protection: 1; mode=block
x-trace-id: YiuSiCoJ4JBJYcETae_SRAAAACI
last-modified: Fri, 11 Mar 2022 18:18:51 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "9a1f2-5d8145ab04400"
accept-ranges: bytes
expires: Sat, 11 Mar 2023 18:18:48 GMT

GET
H2 200 logon.css
static.chasecdn.com/web/2022.07.17-189/logon/assets/ 159 KB
16 KB 251ms
159ms XHR
text/css 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.07.17-189/logon/assets/logon.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 16360
x-xss-protection: 1; mode=block
x-trace-id: YtMnKME0Ylk6PKtSnV_bSwAAAbU
last-modified: Sat, 16 Jul 2022 21:01:29 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "27c20-5e3dfcf51a5c0"
accept-ranges: bytes
expires: Sun, 16 Jul 2023 21:01:28 GMT

GET
H2 200 main-ver.js
static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/ 58 KB
13 KB 251ms
160ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 12969
x-xss-protection: 1; mode=block
x-trace-id: Yan7w@qJp@SoXT-fhbxmkwAAADs
last-modified: Fri, 03 Dec 2021 11:13:33 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "e640-5cba86d678b80"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 11:13:07 GMT

GET
H2 200 main.js
static.chasecdn.com/web/library/blue-vendor/dist/2.19.1/blue-vendor/js/ 346 KB
84 KB 236ms
146ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-vendor/dist/2.19.1/blue-vendor/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
content-length: 85207
x-xss-protection: 1; mode=block
x-trace-id: YXdmE0HjfykPheDACCb2uAAAABQ
last-modified: Tue, 26 Oct 2021 02:21:32 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "56638-5c9256fba3340"
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:21:07 GMT

GET
H2 200 main.js
static.chasecdn.com/web/library/blue-core/dist/2.37.1/blue/js/ 134 KB
35 KB 248ms
159ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-core/dist/2.37.1/blue/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
content-length: 34927
x-xss-protection: 1; mode=block
x-trace-id: YTt5cjNEVn1zIkw9GEYO@QAAAE4
last-modified: Fri, 10 Sep 2021 15:28:07 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "216f0-5c932db478b00"
accept-ranges: bytes
expires: Sat, 10 Sep 2022 15:27:46 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/ 114 KB
25 KB 162ms
74ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b0684f41f28ecfa0d4ec0096df19146ba3c19a4910765741c115645dd4b1fff5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 25501
x-xss-protection: 1; mode=block
x-trace-id: Yan@K0KRZ@jJh5hm8Oa4YAAAAMU
last-modified: Fri, 03 Dec 2021 11:23:50 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "1c752-5cba95693ed80"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 11:23:23 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/ 30 KB
9 KB 194ms
106ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

76744b23c078613353e0e3abf9b8a56fce1bf0b8cbebc0ec52baa7e2d0ed9ae7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 8909
x-xss-protection: 1; mode=block
x-trace-id: Yan4rg@zbP@hQlgecu264wAAACM
last-modified: Fri, 03 Dec 2021 11:00:06 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "7984-5cba9e32f6940"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 10:59:58 GMT

GET
H2 200 view.js Show response
static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/ 265 KB
66 KB 199ms
111ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/view.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

4c9c1b27c9999fc30a7f9ab2863dcff48cc4c1ad948a1f598ca9784781290c3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
content-length: 67261
x-xss-protection: 1; mode=block
x-trace-id: YXG0-9gJC7E0@H7J5F4kqgAAACQ
last-modified: Thu, 21 Oct 2021 18:45:03 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "42278-5c8d3e13bca80"
accept-ranges: bytes
expires: Fri, 21 Oct 2022 18:44:15 GMT

GET
H2 200 boot_bf405d39a3a42fb02fd365e64f5b2bff.js Show response
static.chasecdn.com/web/hash/logon/js/ 2 MB
239 KB 199ms
113ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/logon/js/boot_bf405d39a3a42fb02fd365e64f5b2bff.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8df70ddc10fb8af8def2d0435b0d865009114a3d1975ca8848d28c3b05f7cbcd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 243649
x-xss-protection: 1; mode=block
x-trace-id: YtBLtwpXlzPmnBM2mvw2ZwAAAJo
last-modified: Thu, 14 Jul 2022 17:00:59 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "1abcd2-5e3b43cf71f00"
accept-ranges: bytes
expires: Fri, 14 Jul 2023 17:00:39 GMT

GET
H2 200 main_bdda7613e57246464051837fe6e677df.js Show response
static.chasecdn.com/web/hash/appkit/js/ 267 KB
62 KB 210ms
124ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/appkit/js/main_bdda7613e57246464051837fe6e677df.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6a86a50b04aeba86a47b5f18a5728dfce02d6c27916350a0e51e47f5c24bc8bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 62472
x-xss-protection: 1; mode=block
x-trace-id: Yn5qI8AHBdtDDbjz35OiSQAAAJU
last-modified: Fri, 13 May 2022 14:24:36 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "42c48-5dec534c802c0"
accept-ranges: bytes
expires: Sat, 13 May 2023 14:24:35 GMT

GET
H2 200 main.js
static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.13.21/common/js/kit/ 676 KB
141 KB 218ms
133ms XHR
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.13.21/common/js/kit/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 143761
x-xss-protection: 1; mode=block
x-trace-id: Ys1pOEVV3MVTkSkp1sYq-AAAAZE
last-modified: Tue, 12 Jul 2022 17:40:48 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:05 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "a9031-5e3887c3d41c0"
accept-ranges: bytes
expires: Wed, 12 Jul 2023 12:29:44 GMT

POST
H/1.1 200
OK rb_f080783c-7a3e-490c-84ba-346ef2d12e98 Show response
secure03b.chase.com/events/ 120 B
940 B 108ms
108ms XHR
text/plain 159.53.232.23
JPMORGAN-AS10934

General

Check archive.org

Show headers Download Go to

Full URL

https://secure03b.chase.com/events/rb_f080783c-7a3e-490c-84ba-346ef2d12e98?type=js3&sn=v_4_srv_4_sn_D051A329EAB91E0D4710ED8B09E9CF04_perc_100000_ol_0_mul_1_app-3Aa39a87d71c97b73a_1_app-3A408c704037bea1da_1&svrid=4&flavor=post&vi=ENONSHJJPTESTPFIRNRTHMCSDCRWQFAP-0&modifiedSince=1657806639303&rf=https%3A%2F%2Fsecure03b.chase.com%2Fweb%2Fauth%2F%3Flogoff%26TYPE%3D33554433%26REALMOID%3D06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a%26GUID%3D%26SMAUTHREASON%3D0%26METHOD%3DGET%26SMAGENTNAME%3D-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%252bKUGU%252b3DP7%252f%252b4Ugtd1hZ8E%252bgjFwxDdAYoKVA6XSHpJmKebQTOJmL%26TARGET%3D-SM-HTTPS%253a%252f%252fultimaterewardspoints%252echase%252ecom%252finitialize--session%253furl%253dhttps-%253A-%252F-%252Fultimaterewardstravel%252echase%252ecom-%252FSH-%252FHandlers-%252FReceptionDesk%252eashx-%253Fpage-%253Dtraveldisclosures&bp=3&app=408c704037bea1da&crc=1538841002&en=nsxooafs&end=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.232.23 , United States, ASN10934 (JPMORGAN-AS10934, US),

Reverse DNS

Software

Resource Hash

791358f83251268c9e05585b5ea88a3032574f7ac8584138de696f7de5dff61a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure03b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-oGaiSECBzNLCwnS387KA80b5qOTasvG9QJ2jaJFaB2Pe%2bKUGU%2b3DP7%2f%2b4Ugtd1hZ8E%2bgjFwxDdAYoKVA6XSHpJmKebQTOJmL&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Dtraveldisclosures
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 18 Jul 2022 18:53:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 120
X-XSS-Protection: 1; mode=block
x-trace-id: YtWsEX_4lYm2TRFO_ystrAAAAko
Pragma: no-cache
Access-Control-Allow-Headers: x-jpmc-csrf-token,Content-Type,origin
X-Frame-Options: DENY
Access-Control-Max-Age: 5
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure03b.chase.com
Cache-Control: no-cache,no-store,must-revalidate,private
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'none'
Keep-Alive: timeout=60, max=4767
X-Content-Security-Policy: frame-ancestors 'none'

GET
H2 200 blue-ui.css
static.chasecdn.com/web/library/@seur/cxo-common-assets/1.0.4/dist/common/assets/ 616 KB
47 KB 34ms
33ms Stylesheet
text/css 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-common-assets/1.0.4/dist/common/assets/blue-ui.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-249.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b3d664c913fe44edad00fee07b600c6f7f4440ae1c9981c0bfdd9f332bec3f0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure03b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 47796
x-xss-protection: 1; mode=block
x-trace-id: YiuSiCoJ4JBJYcETae_SRAAAACI
last-modified: Fri, 11 Mar 2022 18:18:51 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 18 Jul 2022 18:53:06 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "9a1f2-5d8145ab04400"
accept-ranges: bytes
expires: Sat, 11 Mar 2023 18:18:48 GMT

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET logon.css
static.chasecdn.com/web/2022.07.17-189/logon/assets/ 0
0

GET main-ver.js
static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/2022.07.17-189/logon/assets/logon.css

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ultimaterewardstravel.chase.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mcumhi24uizsyh2mlp212fdt
.chase.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 165817038167454O88NULGCGT8PI4NNS09DAHU82SNSRA
.ultimaterewardstravel.chase.com/	1970-01-20 22:07:22	Name: _ga Value: GA1.3.442798080.1658170382
.ultimaterewardstravel.chase.com/	1970-01-20 04:37:36	Name: _gid Value: GA1.3.1011511936.1658170382
.ultimaterewardstravel.chase.com/	1970-01-20 04:36:10	Name: _gat_clts0 Value: 1
execution-360-cicolusp.cxtrvl.com/	1969-12-31 23:59:59	Name: _SI_VS_3.b2a8ee90e0000138a2a5865c Value: fbcc14c0c46b23253d743a8c
execution-360-cicolusp.cxtrvl.com/	1970-01-20 22:07:22	Name: _SI_VID_3.b2a8ee90e0000138a2a5865c Value: 0907160c08c4024a40f4fd9d
execution-360-cicolusp.cxtrvl.com/	1969-12-31 23:59:59	Name: _SI_DID_3.b2a8ee90e0000138a2a5865c Value: 24ba8950-4f07-3baa-ac0a-dbfd0819bc1a
.chase.com/	1970-01-20 22:07:22	Name: _SI_VID_1.b2a8ee90e0000138a2a5865c Value: 0907160c08c4024a40f4fd9d
.chase.com/	1969-12-31 23:59:59	Name: _SI_DID_1.b2a8ee90e0000138a2a5865c Value: 24ba8950-4f07-3baa-ac0a-dbfd0819bc1a
.ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: ULTREWTRACKCOOKIE Value: ULTREWCDC1WEB12
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: t2cdc1_3577 Value: !tupE2fRukD8P4aoi+fMLYsfqDzgRFSsYCX4+dAZHXvv5w9jzKxHBhQ1zHABZM5U3i51WOiAMsfThpvI=
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: ppwaf_3577 Value: !8Jd2uUrpdS88y9ppkMZrsWi/K1IqXo7osfOywpUbkkPA6fDUWkfBQw5Pk+QIrZ0JY5rjSYOBzkf3nl4=
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: TS013478ad Value: 0199a628fe2828cb2587b07d6643f5be2b6398a49f6edc78081dbee63a3f33a8b1999ff2b77e56224c83a62bc648f80b1bc000a666
.ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: TS0141f74b Value: 0199a628fe2828cb2587b07d6643f5be2b6398a49f6edc78081dbee63a3f33a8b1999ff2b77e56224c83a62bc648f80b1bc000a666
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: ppnet_3577 Value: !RUWVt8D0liWiEKckOJ17U902blzX9kG4xau+lNkyNm8Hwnuo/OcE9HdondvXsZodQJ2Ff7i0boPIeA==
execution-360-cicolusp.cxtrvl.com/	1970-01-20 04:46:15	Name: AWSALBCORS Value: Pmx0C5SqF9FyHPTgILqcygikaPnp0LnANp08wK6R+CjuIOOIjtpUacUJ5pUvYPVskS9Fq0ktrbY5DJcRWhq7fwQ468EiVbaLN3MYQUiUpaHYMhUK9Yr/M48D2UP4xT6/iQtB3x3ECoGW7LRLYinu3r/4YAzhLSX1UEYT7L5ur5m7sOvnisbXpisGXHDKLQ==
execution-360-cicolusp.cxtrvl.com/	1969-12-31 23:59:59	Name: _SI_SID_3.b2a8ee90e0000138a2a5865c Value: fbcc14c0c46b23253d743a8c.1658170382799.438
.chase.com/	1970-01-20 13:21:46	Name: PC_1_0 Value: locale%3Den_us%7Cpfid%3D%7Csegment%3D%7CAOC%3D%7Cpm%3D%7Capc%3D%7C
.chase.com/	1969-12-31 23:59:59	Name: preredirect Value: HTTPS%3A%2F%2Fultimaterewardspoints.chase.com%2Finitialize-session%3Furl%3Dhttps%253A%252F%252Fultimaterewardstravel.chase.com%252FSH%252FHandlers%252FReceptionDesk.ashx%253Fpage%253Dtraveldisclosures
.chase.com/	1969-12-31 23:59:59	Name: dps-pod-id Value: B03
.chase.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_4_sn_D051A329EAB91E0D4710ED8B09E9CF04_perc_100000_ol_0_mul_1_app-3Aa39a87d71c97b73a_1_app-3A408c704037bea1da_1
.chase.com/	1970-01-20 13:22:07	Name: d8Gbsq7y Value: AIogqBKCAQAAYnQMyVvytdDr1vhKxaCeYn-ZHW6sTPWJnrxB1ktMk_9c2DqD\|1\|0\|94ad42cbce3006c2a0cc243a24b73823fe82f750
secure03b.chase.com/	1969-12-31 23:59:59	Name: TS0148602f Value: 0174783928bde9931694e52d59fd8534aeb130264e392f3fe8cf25f7bbc63034c90d3157f746254b06b7df993f97d54a0ed09d4c06
.chase.com/	1969-12-31 23:59:59	Name: TS013a2c79 Value: 0174783928e4946d7047d641efb97db717e0d47e33392f3fe8cf25f7bbc63034c90d3157f746aaaf95c3ba341b729b75747a387917e962b83e5a388452717fede75e9d913d3a427b31bfe2038152f90a88a2ce440d83c1f14b8845845b3a84860049cec59c7079a0b86d537f0cc0d6a85002481798674a990df91712c8ec5a635a512d14a42699ced785c0651736d71e4738ac0a88cca58e7ef8b40567e56f4408d99ff5a6
.chase.com/	1969-12-31 23:59:59	Name: TS01243d90 Value: 0174783928c1e55afe78d9889cfeeef42cc49501cd392f3fe8cf25f7bbc63034c90d3157f7beab4abacf71eda1d47ba4fbddd0f6b200b8f41e33ceffb7f1db67913193485a
.chase.com/	1969-12-31 23:59:59	Name: _SI_SID_1.b2a8ee90e0000138a2a5865c Value: fbcc14c0c46b23253d743a8c.1658170384719.2157
.chase.com/	1969-12-31 23:59:59	Name: dtPC Value: 4$370385736_961h1vENONSHJJPTESTPFIRNRTHMCSDCRWQFAP-0e0
.chase.com/	1969-12-31 23:59:59	Name: dtLatC Value: 1266
.chase.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.chase.com/	1969-12-31 23:59:59	Name: rxvt Value: 1658172185745\|1658170381675

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bf63229jlf.bf.dynatrace.com
execution-360-cicolusp.cxtrvl.com
fonts.googleapis.com
secure.chase.com
secure03b.chase.com
static.chasecdn.com
stats.g.doubleclick.net
ultimaterewardspoints.chase.com
ultimaterewardstravel.chase.com
www.google-analytics.com
static.chasecdn.com
159.53.232.13
159.53.232.23
159.53.83.187
23.36.163.249
23.36.163.250
2600:9000:2251:de00:1b:a923:3d80:93a1
2a00:1450:4001:80e::200e
2a00:1450:400c:c0c::9b
2a00:1450:400e:80f::200a
34.199.13.111
09297f0cb28c046ee365c0ebfc12ff55321e31262a5b1e1fe6db8c37433f60cc
12d14c3bd5afc082dfe97ff43b05e9e69c5dbbd3a02b97f74b2be37ecf7bd1ef
2910270956080e41e623d0ac738bd541299c7e34f4806ef35e9fb63936084ff4
294dc733fe7de0962396301ec308456dca45f2a77754f3050ba9006b405967f5
3e1a52436cca0f0c1ffca9196f2bdd045bb665bf023aeffc3a061ad19d01b26d
4c9c1b27c9999fc30a7f9ab2863dcff48cc4c1ad948a1f598ca9784781290c3c
551d6fdc92d330f73f7b1b18554fd619d72aa8e883f8192a05f6466049ae58b9
59484e7b8440bbec3ff9b7627d23fb5bccc4a76d8d78829c432b688a77a5a9ed
6a86a50b04aeba86a47b5f18a5728dfce02d6c27916350a0e51e47f5c24bc8bd
752a05d54ecdc6353aff41c94795fb382c68efd829319717f3fd77f7c5699c5c
76744b23c078613353e0e3abf9b8a56fce1bf0b8cbebc0ec52baa7e2d0ed9ae7
791358f83251268c9e05585b5ea88a3032574f7ac8584138de696f7de5dff61a
8df70ddc10fb8af8def2d0435b0d865009114a3d1975ca8848d28c3b05f7cbcd
8f16879726a0be8383df95639b76c3ee9f4f468b031695e5ac96df8fd73e016e
8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949
a10d57dfe2a510a1a1b169dfd8f127a761dadb6c2b48da721cfbbbe5d99461b2
b0684f41f28ecfa0d4ec0096df19146ba3c19a4910765741c115645dd4b1fff5
b3d664c913fe44edad00fee07b600c6f7f4440ae1c9981c0bfdd9f332bec3f0d
bb6dac59b83d7f30ef7baf939b909836c20092dd81fe5b1a7f8ac6dc1651f464

secure03b.chase.com Open in urlscan Pro 159.53.232.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

95 %HTTPS

40 %IPv6

7 Domains

10 Subdomains

9 IPs

4 Countries

2310 kBTransfer

12126 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure03b.chase.com Open in urlscan Pro
159.53.232.23 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

95 %
HTTPS

40 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

2310 kB
Transfer

12126 kB
Size

31
Cookies

42 HTTP transactions
1 data transactions