secure01b.chase.com Open in urlscan Pro
159.53.232.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ultimaterewardstravel.chase.com/
Effective URL:
https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREAS...
Submission: On March 11 via manual (March 11th 2022, 1:30:08 pm UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 68 HTTP transactions. The main IP is 159.53.232.21, located in United States and belongs to JPMORGAN-AS7743, US. The main domain is secure01b.chase.com. The Cisco Umbrella rank of the primary domain is 31021.
TLS certificate: Issued by Entrust Certification Authority - L1M on April 20th 2021. Valid for: a year.

This is the only time secure01b.chase.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	159.53.77.25 159.53.77.25	7743 (JPMORGAN-...) (JPMORGAN-AS7743)
8	2600:9000:224... 2600:9000:224a:7c00:1b:a923:3d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 1	159.53.33.198 159.53.33.198	7743 (JPMORGAN-...) (JPMORGAN-AS7743)
1 1	159.53.232.13 159.53.232.13	10934 (JPMORGAN-...) (JPMORGAN-AS10934)
3	159.53.232.21 159.53.232.21	7743 (JPMORGAN-...) (JPMORGAN-AS7743)
1	18.205.71.26 18.205.71.26	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
30	2.16.186.163 2.16.186.163	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
68	9

12 159.53.77.25 (Poughkeepsie, United States) 2 redirects

ASN7743 (JPMORGAN-AS7743, US)

ultimaterewardstravel.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:224a:7c00:1b:a923:3d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

execution-360-cicolusp.cxtrvl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.53.33.198 (United States) 1 redirects

ASN7743 (JPMORGAN-AS7743, US)

ultimaterewardspoints.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.53.232.13 (United States) 1 redirects

ASN10934 (JPMORGAN-AS10934, US)

secure.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.53.232.21 (United States)

ASN7743 (JPMORGAN-AS7743, US)

secure01b.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.71.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-71-26.compute-1.amazonaws.com

bf63229jlf.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2.16.186.163 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com

static.chasecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	chasecdn.com static.chasecdn.com — Cisco Umbrella Rank: 7938	3 MB
17	chase.com 4 redirects ultimaterewardstravel.chase.com — Cisco Umbrella Rank: 146077 ultimaterewardspoints.chase.com — Cisco Umbrella Rank: 21324 secure.chase.com — Cisco Umbrella Rank: 50341 secure01b.chase.com — Cisco Umbrella Rank: 31021 securej.chase.com Failed	2 MB
8	cxtrvl.com execution-360-cicolusp.cxtrvl.com — Cisco Umbrella Rank: 127076	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68	450 B
1	dynatrace.com bf63229jlf.bf.dynatrace.com — Cisco Umbrella Rank: 158704	480 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
68	7

	Domain	Requested by
30	static.chasecdn.com	secure01b.chase.com static.chasecdn.com
12	ultimaterewardstravel.chase.com	2 redirects ultimaterewardstravel.chase.com
8	execution-360-cicolusp.cxtrvl.com	ultimaterewardstravel.chase.com execution-360-cicolusp.cxtrvl.com
3	secure01b.chase.com	ultimaterewardstravel.chase.com secure01b.chase.com
2	www.google-analytics.com	ultimaterewardstravel.chase.com
1	stats.g.doubleclick.net	ultimaterewardstravel.chase.com
1	bf63229jlf.bf.dynatrace.com	ultimaterewardstravel.chase.com
1	secure.chase.com	1 redirects
1	ultimaterewardspoints.chase.com	1 redirects
1	fonts.googleapis.com	ultimaterewardstravel.chase.com
0	securej.chase.com Failed	secure01b.chase.com
68	11

This site contains no links.

Subject Issuer	Validity	Valid
www.ultimaterewardstravel.chase.com Entrust Certification Authority - L1M	`2021-05-03` - `2022-05-03`	a year	crt.sh
execution-360-cicolusp.cxtrvl.com Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
secure01b.chase.com Entrust Certification Authority - L1M	`2021-04-20` - `2022-04-20`	a year	crt.sh
*.bf.dynatrace.com Amazon	`2022-01-08` - `2023-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
static.chasecdn.com Entrust Certification Authority - L1M	`2021-10-22` - `2022-10-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault
Frame ID: D198738407B0E7A239068BB00D8C2F72
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chase Online

Page URL History Show full URLs

http://ultimaterewardstravel.chase.com/ HTTP 301
https://ultimaterewardstravel.chase.com/ HTTP 302
https://ultimaterewardstravel.chase.com/login?returnUrl=/ Page URL
https://ultimaterewardspoints.chase.com/initialize-session?url=https%3A%2F%2Fultimaterewardstravel.chase.com%2FSH%2F... HTTP 302
https://secure.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625... HTTP 302
https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

68
Requests

82 %
HTTPS

40 %
IPv6

7
Domains

11
Subdomains

9
IPs

3
Countries

4854 kB
Transfer

28067 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ultimaterewardstravel.chase.com/ HTTP 301
https://ultimaterewardstravel.chase.com/ HTTP 302
https://ultimaterewardstravel.chase.com/login?returnUrl=/ Page URL
https://ultimaterewardspoints.chase.com/initialize-session?url=https%3A%2F%2Fultimaterewardstravel.chase.com%2FSH%2FHandlers%2FReceptionDesk.ashx%3Fpage%3Ddefault HTTP 302
https://secure.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault HTTP 302
https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ultimaterewardstravel.chase.com/ HTTP 301
https://ultimaterewardstravel.chase.com/ HTTP 302
https://ultimaterewardstravel.chase.com/login?returnUrl=/

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

http://ultimaterewardstravel.chase.com/
https://ultimaterewardstravel.chase.com/
https://ultimaterewardstravel.chase.com/login?returnUrl=/

8 KB
4 KB

168ms
168ms

Document
text/html

159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

c8e658841fb40f093ffabbe06207b2f96f79973c3be5d08b973b55bdb6f26a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
temp-Origin
X-UA-Compatible: IE=Edge
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1099539159"
Date: Fri, 11 Mar 2022 13:29:56 GMT
Strict-Transport-Security: max-age=15552001
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3285
Connection: Keep-Alive

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /login?returnUrl=/
X-UA-Compatible: IE=Edge
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1632035587"
Date: Fri, 11 Mar 2022 13:29:56 GMT
Strict-Transport-Security: max-age=15552001
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK ruxitagentjs_ICAVfghjux_10233220201140653.js Show response
ultimaterewardstravel.chase.com/ 222 KB
94 KB 99ms
98ms Script
text/javascript 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

134e1d6219705bc90a5348914bf2aaa2b039000d8e69b7a6987d44b1ff163804

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552001
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Age: 2236
Date: Fri, 11 Mar 2022 13:29:57 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
X-UA-Compatible: IE=Edge
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 96121
X-XSS-Protection: 1; mode=block
Expires: Sat, 11 Mar 2023 12:52:42 GMT

GET
H/1.1 200
OK main.LTR.zz-zz.css
ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/css/ 2 MB
312 KB 393ms
196ms Stylesheet
text/css 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/css/main.LTR.zz-zz.css?v=289742574

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

ba3fe7f6c34424cf6b446af3974d3d4ccd236bd7ed5b224ae083fcc0643a0e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552001
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1004
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1412171605"
Content-Length: 318887
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Feb 2022 17:27:46 GMT
Cache-Control: max-age=31536000
Date: Fri, 11 Mar 2022 13:29:57 GMT
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
ETag: "095ded7ec24d81:0"
temp-Origin
Accept-Ranges: bytes

GET
H/1.1 200
OK all.frameworks.min.js Show response
ultimaterewardstravel.chase.com/Widgets/Resources/Min/ 687 KB
231 KB 540ms
340ms Script
application/javascript 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Widgets/Resources/Min/all.frameworks.min.js?v=289742574

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

c7631b5d8fa2853396a2a75b381920ad2b109b786f00f49f2ba16d416f7bd98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 13:29:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Feb 2022 17:36:50 GMT
ETag: "0651e1cee24d81:0"
Strict-Transport-Security: max-age=15552001
Content-Type: application/javascript
Cache-Control: private,max-age=31536000
Transfer-Encoding: chunked
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1773904291"
temp-Origin
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK all.min.js Show response
ultimaterewardstravel.chase.com/Widgets/Resources/Min/ 2 MB
697 KB 615ms
396ms Script
application/javascript 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Widgets/Resources/Min/all.min.js?v=289742574

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

5afc75cace56c24f7df44b12fe79f302ac6508db498034ad3d6ae94782d7e4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 13:29:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Mar 2022 23:11:00 GMT
ETag: "05adf9b7832d81:0"
Strict-Transport-Security: max-age=15552001
Content-Type: application/javascript
Cache-Control: private,max-age=31536000
Transfer-Encoding: chunked
Server-Timing: dtSInfo;desc="0", dtRpid;desc="533645011"
temp-Origin
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK JavascriptInitialization.ashx Show response
ultimaterewardstravel.chase.com/Handlers/ 97 KB
20 KB 647ms
428ms Script
application/javascript 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Handlers/JavascriptInitialization.ashx?v=397b93ba-e00e-40cc-83d5-6728a26599ff&l=en-us

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

7e4e7a0cec44ae87a417dde4815b2d99342ebf0a31fe19a8fc031a4283cf83f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 13:29:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552001
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1321129078"
X-UA-Compatible: IE=Edge
temp-Origin
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 20238
X-XSS-Protection: 1; mode=block
Expires: Fri, 11 Mar 2022 17:29:57 GMT

GET
H/1.1 200
OK JavascriptInitialization.ashx Show response
ultimaterewardstravel.chase.com/Handlers/ 16 KB
5 KB 567ms
330ms Script
application/javascript 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Handlers/JavascriptInitialization.ashx?id=664&v=397b93ba-e00e-40cc-83d5-6728a26599ff&l=en-us

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

fe5d3fc44b87d72e4789b83919fea48446bcb915fe1527deb89ffc67993474c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 13:29:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552001
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1573515006"
X-UA-Compatible: IE=Edge
temp-Origin
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4356
X-XSS-Protection: 1; mode=block
Expires: Fri, 11 Mar 2022 17:29:57 GMT

GET
H2 200 ot-all.min.js Show response
execution-360-cicolusp.cxtrvl.com/js/ 21 KB
8 KB 653ms
10ms Script
application/javascript 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/login?returnUrl=/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1c6134f289a9898178c2a0d4869b96fb572af95b3668c2008e575f7ce9aaa47f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:44 GMT
content-encoding: gzip
age: 613
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: DUS51-P1
sas-service-response-flag: true
x-amz-cf-id: Ch7b837sWDOHuF6gbYU5B6-6SYtASe5K9ALHGG9vD1Jl37rmYmuXGQ==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700&display=swap

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/css/main.LTR.zz-zz.css?v=289742574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03af162507e24b5bf9fbe3007f047167d43f907ec70e08c814a9a10ecd590f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 13:29:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 13:29:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 13:29:58 GMT

GET
H2 200 ot-min.js
execution-360-cicolusp.cxtrvl.com/js/ 172 KB
41 KB 12ms
12ms Script
application/javascript 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-min.js
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:54 GMT
content-encoding: gzip
age: 609
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: DUS51-P1
sas-service-response-flag: true
x-amz-cf-id: 7E-SQYwZKcOJi-ry9lZEO7BVMOuomvAcGvJGXnYR0vjdSckU3ZjBZg==

GET
H/1.1 200
OK svg-sprite.en-us.svg
ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/images/ 100 KB
41 KB 110ms
109ms XHR
image/svg+xml 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Uploads/Sites/JPMorganChase/Themes/Chase/images/svg-sprite.en-us.svg?v=289742574

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-dtpc: 3$5397762_738h2vRWEVCNDPIKJAFDSBCUWCRUAMFBHDVMKV-0e0

Response headers

Strict-Transport-Security: max-age=15552001
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3066
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2080868467"
Content-Length: 40944
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 28 Jan 2022 20:08:22 GMT
Cache-Control: max-age=31536000
Date: Fri, 11 Mar 2022 13:30:03 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
ETag: "0bfb2cc8214d81:0"
temp-Origin
Accept-Ranges: bytes

POST
H/1.1 200
OK /
ultimaterewardstravel.chase.com/Services/HelperServices/CltsCultureResourceService.svc/GetCultureResources/ 14 KB
3 KB 314ms
314ms XHR
application/json 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Services/HelperServices/CltsCultureResourceService.svc/GetCultureResources/

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-dtpc: 3$5397762_738h3vRWEVCNDPIKJAFDSBCUWCRUAMFBHDVMKV-0e0

Response headers

Date: Fri, 11 Mar 2022 13:30:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552001
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ultimaterewardstravel.chase.com
Cache-Control: private
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-609973295", dtTao;desc="1"
temp-Origin: https://ultimaterewardstravel.chase.com
Connection: Keep-Alive
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Length: 2246
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/Widgets/Resources/Min/all.min.js?v=289742574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6910
date: Fri, 11 Mar 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Mar 2022 13:34:53 GMT

POST
H/1.1 200
OK /
ultimaterewardstravel.chase.com/Services/HelperServices/CltsSessionManagementService.svc/getitem/ 28 B
559 B 146ms
146ms XHR
application/json 159.53.77.25
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimaterewardstravel.chase.com/Services/HelperServices/CltsSessionManagementService.svc/getitem/

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.77.25 Poughkeepsie, United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-dtpc: 3$5397762_738h4vRWEVCNDPIKJAFDSBCUWCRUAMFBHDVMKV-0e0

Response headers

Date: Fri, 11 Mar 2022 13:30:03 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552001
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ultimaterewardstravel.chase.com
Cache-Control: private
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1055045817", dtTao;desc="1"
temp-Origin: https://ultimaterewardstravel.chase.com
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Length: 28
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1

200

Primary Request / Show response
secure01b.chase.com/web/auth/
Redirect Chain

https://ultimaterewardspoints.chase.com/initialize-session?url=https%3A%2F%2Fultimaterewardstravel.chase.com%2FSH%2FHandlers%2FReceptionDesk.ashx%3Fpage%3Ddefault
https://secure.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bpp...
https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2...

388 KB
185 KB

1006ms
207ms

Document
text/html

159.53.232.21
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/Handlers/JavascriptInitialization.ashx?id=664&v=397b93ba-e00e-40cc-83d5-6728a26599ff&l=en-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.232.21 , United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

787ef50f0f234282b0dc8cc6f37bd91a5771ea3d9b2d9c97f7ab2e8e90395363

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/login?returnUrl=/

Response headers

Date: Fri, 11 Mar 2022 13:30:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Cache-Control: no-cache,no-store,must-revalidate,private
X-B3-TraceId: f52a29e93933a3977a1968b1ea11fb38
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: frame-ancestors 'none'
x-trace-id: YitO3qYE81Am3Y7CXMEJFwAAAKk
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Language: en-US
X-Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
x-app-info: bv=DPS/dps-auth/release%2F2022.02.13-85; pd=c2p1
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Date: Fri, 11 Mar 2022 13:30:05 GMT
x-trace-id: YitO3TZs0cxKUtt3ZqLh-wAAARc
Cache-Control: no-cache,no-store,must-revalidate,private
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Location: https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault
Keep-Alive: timeout=60, max=5000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 536

POST
H2 200 bf
bf63229jlf.bf.dynatrace.com/ 205 B
480 B 326ms
108ms Ping
text/plain 18.205.71.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf63229jlf.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_3_sn_9C6A56A4DB8244CFC2ED603B5F992B02_perc_100000_ol_0_mul_1_app-3Aa39a87d71c97b73a_1&svrid=3&flavor=cors&vi=RWEVCNDPIKJAFDSBCUWCRUAMFBHDVMKV-0&modifiedSince=1646942047488&rf=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2F&bp=3&app=a39a87d71c97b73a&crc=2375360088&en=qip3pldm&end=1
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.71.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-71-26.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ultimaterewardstravel.chase.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ultimaterewardstravel.chase.com
x-oneagent-js-injection: true
date: Fri, 11 Mar 2022 13:30:03 GMT
cache-control: no-cache
content-length: 205
content-type: text/plain;charset=utf-8

GET
H2 200 1647005403520
execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c/ 75 KB
15 KB 137ms
137ms Script
application/javascript 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c/1647005403520?version=1.1.0&domain=ultimaterewardstravel.chase.com&p=%2Flogin&params=returnUrl%3D%2F&page_title=Login&referrer=&uri=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2F&requestedfile=%2Flogin&cts=1647005403520&tzo=0&platform=Linux%20x86_64&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=2327&bsz=1600x1200&tab_id=25941644258
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:30:03 GMT
content-encoding: gzip
sas-service-response-flag: true
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: XDCOT_FcdOh9ITajDW-b3meSEEhkW3nlKoMZwgJtWsF4I3sP4-bELg==
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)

POST
H2 200 collect
www.google-analytics.com/j/ 4 B
220 B 14ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1589318777&t=pageview&_s=1&dl=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABCAAAAC~&jid=953630397&gjid=352910311&cid=1433639919.1647005404&tid=UA-50459656-5&_gid=919405948.1647005404&_r=1&_slc=1&z=1422079908

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ultimaterewardstravel.chase.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 13:30:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 1 B
450 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-50459656-5&cid=1433639919.1647005404&jid=953630397&gjid=352910311&_gid=919405948.1647005404&_u=IEBAAAAACAAAAC~&z=1994900406

Requested by

Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ultimaterewardstravel.chase.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 13:30:03 GMT
content-type: text/plain
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/s/p/ 87 B
1 KB 111ms
111ms Script
application/javascript 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/s/p/b2a8ee90e0000138a2a5865c?version=1.1.0&domain=ultimaterewardstravel.chase.com&p=%2Flogin&params=returnUrl%3D%2F&page_title=Login&referrer=&uri=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2F&requestedfile=%2Flogin&platform=Linux%20x86_64&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:30:03 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 87
x-amz-cf-id: 8PgKsLKFPoJoA9s0dxk12wpChz57sjHqZpsvA6_q7IW0l6pGpnFOuA==

POST
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/e/ 2 B
1 KB 115ms
115ms XHR
text/plain 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/e/b2a8ee90e0000138a2a5865c
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ultimaterewardstravel.chase.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Mar 2022 13:30:03 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: gG6Z2iO9kPVaA5fdVxHp9m3nIVbIejj2mIaFjRBtDK6KhK2p8e36-g==

GET
H2 200 ot-api.min.js
execution-360-cicolusp.cxtrvl.com/js/ 61 KB
19 KB 11ms
11ms Script
application/javascript 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-api.min.js
Requested by: Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:55 GMT
content-encoding: gzip
age: 608
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: DUS51-P1
sas-service-response-flag: true
x-amz-cf-id: _YT_iQgY7tDS0mb0S_kw4EvnNc-QVjRDGBplpGMjJxDavaz6nXWd8g==

POST
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/e/ 2 B
1 KB 288ms
288ms XHR
text/plain 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/e/b2a8ee90e0000138a2a5865c
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ultimaterewardstravel.chase.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Mar 2022 13:30:04 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: iYex_zsLH2laBHJyO5CkR_AhM3DRCile28Ve7pefYR0k7hgYjCFZ9A==

GET
H2 200 b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/s/c/ 335 B
1 KB 126ms
126ms XHR
application/json 2600:9000:224a:7c00:1b:a923:3d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c?domain=ultimaterewardstravel.chase.com&vid=ee51c0e1c2e85948a968eab0&sid=fe346c6f0f477827d4e82da1&hb=6&loadId=0b54926081192554e3ce296f&p=%2Flogin&params=returnUrl%3D%2F&page_title=Login&referrer=&uri=https%3A%2F%2Fultimaterewardstravel.chase.com%2Flogin%3FreturnUrl%3D%2F&cts=1647005403967&tzo=0&platform=Linux%20x86_64&port=&protocol=https&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=109824&bsz=1600x1200&tab_id=25941644258&java_enabled=false&flash_enabled=false
Requested by: Host: ultimaterewardstravel.chase.com
URL: https://ultimaterewardstravel.chase.com/ruxitagentjs_ICAVfghjux_10233220201140653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimaterewardstravel.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:30:04 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://ultimaterewardstravel.chase.com
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 335
x-amz-cf-id: 1790HokQ5EDsk5aE_EzO1C4N57y7Klf4Qjt9jBruC-gDFa_HhChkLw==

GET
H/1.1 200
OK ruxitagentjs_ICA2fhqru_10229211201102017.js Show response
secure01b.chase.com/events/ 179 KB
77 KB 101ms
101ms Script
text/javascript 159.53.232.21
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://secure01b.chase.com/events/ruxitagentjs_ICA2fhqru_10229211201102017.js

Requested by

Host: secure01b.chase.com
URL: https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.232.21 , United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

b2acb694b4c98734d0006c8d648708e9d83d0bd61f0b7a894914541f9e351e0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 13:30:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors 'none'
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-trace-id: YitO3uCB4hakr26TdeRhgwAAA54
Pragma: no-cache
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Content-Security-Policy: frame-ancestors 'none'
Keep-Alive: timeout=60, max=4426
Expires: Sat, 11 Mar 2023 13:30:06 GMT

GET
H2 200 apptel.collector.min.js Show response
static.chasecdn.com/web/library/apptel-js-collector/apptel-js-collector/ 17 KB
5 KB 89ms
19ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/apptel-js-collector/apptel-js-collector/apptel.collector.min.js?ver=19

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cdb492ca8cb53bc20253745f0c08e1dd9eb4c68b1be90ae0a05e7f5af904e659

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 4755
x-xss-protection: 1; mode=block
x-trace-id: Yh7OkzUdZ8bELNzUNQGU-AAAACU
last-modified: Tue, 01 Mar 2022 17:03:04 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:06 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
etag: "45e9-5d79a507f2ac0"
accept-ranges: bytes
expires: Tue, 01 Mar 2022 18:03:03 GMT

GET
H2 200 appConfig.js Show response
static.chasecdn.com/web/2022.02.13-788/logon/js/ 19 KB
5 KB 87ms
22ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.02.13-788/logon/js/appConfig.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

59a2eec1d737cd27fdac8269824a3a071e8a1a1d2d8875110e2e184b60b63e3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 4695
x-xss-protection: 1; mode=block
x-trace-id: Yinm0ViM9L4ZLcBRYjgEewAAAHw
last-modified: Thu, 10 Mar 2022 11:53:54 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:06 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "4c7e-5d9a512651940"
accept-ranges: bytes
expires: Fri, 10 Mar 2023 11:53:53 GMT

POST
H/1.1 200
OK rb_f080783c-7a3e-490c-84ba-346ef2d12e98 Show response
secure01b.chase.com/events/ 120 B
940 B 97ms
96ms XHR
text/plain 159.53.232.21
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL

https://secure01b.chase.com/events/rb_f080783c-7a3e-490c-84ba-346ef2d12e98?type=js3&sn=v_4_srv_4_sn_9C6A56A4DB8244CFC2ED603B5F992B02_perc_100000_ol_0_mul_1_app-3Aa39a87d71c97b73a_1_app-3A8e4c3cc543ee1dcb_1&svrid=4&flavor=post&vi=RWEVCNDPIKJAFDSBCUWCRUAMFBHDVMKV-0&modifiedSince=1646951415304&rf=https%3A%2F%2Fsecure01b.chase.com%2Fweb%2Fauth%2F%3Flogoff%26TYPE%3D33554433%26REALMOID%3D06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a%26GUID%3D%26SMAUTHREASON%3D0%26METHOD%3DGET%26SMAGENTNAME%3D-SM-ohNwyq%252bnNAEzW6tOegEI5J9IpumId2s4QzLav%252bppU%252fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy%26TARGET%3D-SM-HTTPS%253a%252f%252fultimaterewardspoints%252echase%252ecom%252finitialize--session%253furl%253dhttps-%253A-%252F-%252Fultimaterewardstravel%252echase%252ecom-%252FSH-%252FHandlers-%252FReceptionDesk%252eashx-%253Fpage-%253Ddefault&bp=3&app=8e4c3cc543ee1dcb&crc=4234881597&en=nsxooafs&end=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.53.232.21 , United States, ASN7743 (JPMORGAN-AS7743, US),

Reverse DNS

Software

Resource Hash

5815b28052513f9ae9a9a77c2767e953e04e15e42a62ad81c01f931ed7bf9dcd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure01b.chase.com/web/auth/?logoff&TYPE=33554433&REALMOID=06-000e6ca5-b42c-1bd0-b819-cce1a9625a5a&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ohNwyq%2bnNAEzW6tOegEI5J9IpumId2s4QzLav%2bppU%2fP0Du2AzqNgvTvIpoGfUOL6qChh0ACAyy7tjd25Tgs924X8xYpVEaBy&TARGET=-SM-HTTPS%3a%2f%2fultimaterewardspoints%2echase%2ecom%2finitialize--session%3furl%3dhttps-%3A-%2F-%2Fultimaterewardstravel%2echase%2ecom-%2FSH-%2FHandlers-%2FReceptionDesk%2eashx-%3Fpage-%3Ddefault
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 11 Mar 2022 13:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 120
X-XSS-Protection: 1; mode=block
x-trace-id: YitO39-2diLv_WzqrJBccQAAAUs
Pragma: no-cache
Access-Control-Allow-Headers: x-jpmc-csrf-token,Content-Type,origin
X-Frame-Options: DENY
Access-Control-Max-Age: 5
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure01b.chase.com
Cache-Control: no-cache,no-store,must-revalidate,private
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'none'
Keep-Alive: timeout=60, max=4360
X-Content-Security-Policy: frame-ancestors 'none'

GET
H2 200 blue-ui.css Show response
static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/assets/ 494 KB
44 KB 75ms
22ms XHR
text/css 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/assets/blue-ui.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

52927c48d4988cde5658402a450edbc64e1b6a858da72013f50df8470cf5d3b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 44482
x-xss-protection: 1; mode=block
x-trace-id: Yf1wlLYbnLCOd6eLDwiJgAAAAOE
last-modified: Fri, 04 Feb 2022 18:29:43 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "7b664-5d734f737bb48"
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:29:40 GMT

GET
H2 200 logon.css Show response
static.chasecdn.com/web/2022.02.13-788/logon/assets/ 182 KB
20 KB 132ms
80ms XHR
text/css 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.02.13-788/logon/assets/logon.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

29dcf1084b70067249c4a6443c217b29966513e5e059440bc2f50f5b622fa682

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 19843
x-xss-protection: 1; mode=block
x-trace-id: YinlL1qCkFk9OZ2koq6vBQAAAFM
last-modified: Thu, 10 Mar 2022 11:46:56 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "2d602-5d9a4f98a2f00"
accept-ranges: bytes
expires: Fri, 10 Mar 2023 11:46:55 GMT

GET
H2 200 main-ver.js Show response
static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/ 58 KB
13 KB 111ms
60ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fb54a63013674316e3c94e784af1395dbfceb5d14abe3c54e9d97b77e6ececb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 12969
x-xss-protection: 1; mode=block
x-trace-id: Yan7w@qJp@SoXT-fhbxmkwAAADs
last-modified: Fri, 03 Dec 2021 11:13:33 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "e640-5cba86d678b80"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 11:13:07 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-vendor/dist/2.19.1/blue-vendor/js/ 346 KB
84 KB 126ms
75ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-vendor/dist/2.19.1/blue-vendor/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

bde3093b2ca35019b9a7347de32c6e96e973d36f41551aa7e8c1b02a66d29472

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
content-length: 85207
x-xss-protection: 1; mode=block
x-trace-id: YXdmE0HjfykPheDACCb2uAAAABQ
last-modified: Tue, 26 Oct 2021 02:21:32 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "56638-5c9256fba3340"
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:21:07 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-core/dist/2.37.1/blue/js/ 134 KB
35 KB 108ms
57ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-core/dist/2.37.1/blue/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3413a33f759da5030ed7a733bc0b9db8f4809332d9751d298265571e3b6b0910

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 34927
x-xss-protection: 1; mode=block
x-trace-id: Ybi8j2859fp3MhN-sPEgiAAAAOA
last-modified: Tue, 14 Dec 2021 15:50:51 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "216f0-5c932db478b00"
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:47:27 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/ 114 KB
25 KB 129ms
80ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b0684f41f28ecfa0d4ec0096df19146ba3c19a4910765741c115645dd4b1fff5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 25501
x-xss-protection: 1; mode=block
x-trace-id: Yan@K0KRZ@jJh5hm8Oa4YAAAAMU
last-modified: Fri, 03 Dec 2021 11:23:50 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "1c752-5cba95693ed80"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 11:23:23 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/ 30 KB
9 KB 129ms
79ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

76744b23c078613353e0e3abf9b8a56fce1bf0b8cbebc0ec52baa7e2d0ed9ae7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 8909
x-xss-protection: 1; mode=block
x-trace-id: Yan4rg@zbP@hQlgecu264wAAACM
last-modified: Fri, 03 Dec 2021 11:00:06 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "7984-5cba9e32f6940"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 10:59:58 GMT

GET
H2 200 view.js Show response
static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/ 265 KB
66 KB 128ms
79ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/view.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

4c9c1b27c9999fc30a7f9ab2863dcff48cc4c1ad948a1f598ca9784781290c3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
content-length: 67261
x-xss-protection: 1; mode=block
x-trace-id: YXG0-9gJC7E0@H7J5F4kqgAAACQ
last-modified: Thu, 21 Oct 2021 18:45:03 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "42278-5c8d3e13bca80"
accept-ranges: bytes
expires: Fri, 21 Oct 2022 18:44:15 GMT

GET
H2 200 boot_c7f390b63c8cae8dc8b739184d99b663.js Show response
static.chasecdn.com/web/hash/logon/js/ 2 MB
221 KB 120ms
72ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/logon/js/boot_c7f390b63c8cae8dc8b739184d99b663.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a7b041ad1357dbbf3a36d4bb446818acc0bb3cc6200b6ccc64311c4c542260cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 224901
x-xss-protection: 1; mode=block
x-trace-id: YiEviYIy4_e2Vfj03vZhNgAAADs
last-modified: Thu, 03 Mar 2022 21:13:51 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "187578-5d92e738e9380"
accept-ranges: bytes
expires: Fri, 03 Mar 2023 21:13:45 GMT

GET
H2 200 main_ef5e84ec2aaba1ff0b3292bebd0aea74.js Show response
static.chasecdn.com/web/hash/appkit/js/ 264 KB
61 KB 93ms
45ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/appkit/js/main_ef5e84ec2aaba1ff0b3292bebd0aea74.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

45bbfec4c27f190896beb15175686f548ea4235cdec1b467c4e1d356020b0a3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 61892
x-xss-protection: 1; mode=block
x-trace-id: YgTzWtw5YmbOHSWPFkynnAAAADQ
last-modified: Thu, 10 Feb 2022 11:13:40 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "4204e-5d79b102f6ec0"
accept-ranges: bytes
expires: Fri, 10 Feb 2023 11:13:30 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/js/kit/ 640 KB
135 KB 92ms
45ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/js/kit/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

63e18657923f4b45dbcdcee28518adfb49ad10e1df9750e164d9f1acefb0a2b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 137534
x-xss-protection: 1; mode=block
x-trace-id: Yf1rKYlgCt41i8RSamkioQAAAQg
last-modified: Fri, 04 Feb 2022 18:07:26 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "a00a4-5d734f729867c"
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:06:33 GMT

GET
H2 200 blue-ui.css
static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/assets/ 494 KB
44 KB 27ms
27ms Stylesheet
text/css 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/assets/blue-ui.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

52927c48d4988cde5658402a450edbc64e1b6a858da72013f50df8470cf5d3b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 44482
x-xss-protection: 1; mode=block
x-trace-id: Yf1wlLYbnLCOd6eLDwiJgAAAAOE
last-modified: Fri, 04 Feb 2022 18:29:43 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "7b664-5d734f737bb48"
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:29:40 GMT

GET
H2 200 main-ver.js Show response
static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/ 58 KB
13 KB 21ms
21ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fb54a63013674316e3c94e784af1395dbfceb5d14abe3c54e9d97b77e6ececb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 12969
x-xss-protection: 1; mode=block
x-trace-id: Yan7w@qJp@SoXT-fhbxmkwAAADs
last-modified: Fri, 03 Dec 2021 11:13:33 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "e640-5cba86d678b80"
accept-ranges: bytes
expires: Sat, 03 Dec 2022 11:13:07 GMT

GET
H2 200 logon.css
static.chasecdn.com/web/2022.02.13-788/logon/assets/ 182 KB
20 KB 20ms
20ms Stylesheet
text/css 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.02.13-788/logon/assets/logon.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

29dcf1084b70067249c4a6443c217b29966513e5e059440bc2f50f5b622fa682

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 19843
x-xss-protection: 1; mode=block
x-trace-id: YinlL1qCkFk9OZ2koq6vBQAAAFM
last-modified: Thu, 10 Mar 2022 11:46:56 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "2d602-5d9a4f98a2f00"
accept-ranges: bytes
expires: Fri, 10 Mar 2023 11:46:55 GMT

GET
H2 200 main_ef5e84ec2aaba1ff0b3292bebd0aea74.js Show response
static.chasecdn.com/web/hash/appkit/js/ 264 KB
61 KB 20ms
20ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/appkit/js/main_ef5e84ec2aaba1ff0b3292bebd0aea74.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

45bbfec4c27f190896beb15175686f548ea4235cdec1b467c4e1d356020b0a3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 61892
x-xss-protection: 1; mode=block
x-trace-id: YgTzWtw5YmbOHSWPFkynnAAAADQ
last-modified: Thu, 10 Feb 2022 11:13:40 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "4204e-5d79b102f6ec0"
accept-ranges: bytes
expires: Fri, 10 Feb 2023 11:13:30 GMT

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/js/kit/ 640 KB
135 KB 20ms
20ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/@seur/cxo-ui-common-utilities/12.8.18/common/js/kit/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

63e18657923f4b45dbcdcee28518adfb49ad10e1df9750e164d9f1acefb0a2b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 137534
x-xss-protection: 1; mode=block
x-trace-id: Yf1rKYlgCt41i8RSamkioQAAAQg
last-modified: Fri, 04 Feb 2022 18:07:26 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "a00a4-5d734f729867c"
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:06:33 GMT

GET
H2 200 app.json Show response
static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/ 400 KB
68 KB 21ms
21ms XHR
application/json 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/app.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

aab1affce38064287c3a2b199ecf871af7c41f398eab5976206a15d202998580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 10 Mar 2022 11:55:49 GMT
server: Akamai Resource Optimizer
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 69015

GET
H2 200 convoDeck.json Show response
static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/ 38 KB
7 KB 20ms
20ms XHR
application/json 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/convoDeck.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

7aceb88eaffe18a13e1887f0345e00f843a3464f9617acd83838ad0a485a9d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 10 Mar 2022 12:23:53 GMT
server: Akamai Resource Optimizer
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 7301

GET
H2 200 accounts.json Show response
static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/ 136 KB
23 KB 24ms
24ms XHR
application/json 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/accounts.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e862084ddcd7a38b6e105fdaff1d0a36cf2143b181f1222265f619e6aa024158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 10 Mar 2022 19:20:33 GMT
server: Akamai Resource Optimizer
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 23389

GET
H2 200 dashboard.css Show response
static.chasecdn.com/web/2022.02.13-788/dashboard/assets/ 1 MB
99 KB 27ms
27ms XHR
text/css 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.02.13-788/dashboard/assets/dashboard.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

152ae632e85f7f31cf62943c14fdd77e633eb339016d63c593642e597069fa08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 101194
x-xss-protection: 1; mode=block
x-trace-id: Yina6S1Aad_MYrUEgziUYwAAAJU
last-modified: Thu, 10 Mar 2022 11:03:19 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "109dfc-5d9a4f96baa80"
accept-ranges: bytes
expires: Fri, 10 Mar 2023 11:03:05 GMT

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-vendor/dist/2.19.1/blue-vendor/js/ 346 KB
84 KB 21ms
21ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-vendor/dist/2.19.1/blue-vendor/js/main.js

Requested by

Host: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

bde3093b2ca35019b9a7347de32c6e96e973d36f41551aa7e8c1b02a66d29472

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
content-length: 85207
x-xss-protection: 1; mode=block
x-trace-id: YXdmE0HjfykPheDACCb2uAAAABQ
last-modified: Tue, 26 Oct 2021 02:21:32 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "56638-5c9256fba3340"
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:21:07 GMT

GET
H2 200 main_36d3eb53b488f5511c5326fc31a05f66.js
static.chasecdn.com/web/hash/dashboard/js/ 5 MB
726 KB 20ms
20ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/dashboard/js/main_36d3eb53b488f5511c5326fc31a05f66.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 741327
x-xss-protection: 1; mode=block
x-trace-id: YiCxu9DXdo0rb9WGdddF8wAAANs
last-modified: Thu, 03 Mar 2022 12:17:54 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "54dbb1-5d92e7454f0c0"
accept-ranges: bytes
expires: Fri, 03 Mar 2023 12:16:59 GMT

GET
H2 200 area_209820b378e5d962fda246338a4b1620.js Show response
static.chasecdn.com/web/hash/dashboard/payMultipleBills/js/ 1 MB
200 KB 31ms
30ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/dashboard/payMultipleBills/js/area_209820b378e5d962fda246338a4b1620.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e5323e1149f623bc98d3fd648ef5aa76e8fa3e5cdf910b344606de068559e757

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 203868
x-xss-protection: 1; mode=block
x-trace-id: YgT8UlTM4rl7FDx7dMXtoAAAAEg
last-modified: Thu, 10 Feb 2022 11:52:56 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "159c40-5d79b12bf8f80"
accept-ranges: bytes
expires: Fri, 10 Feb 2023 11:51:46 GMT

GET
H2 200 payMultipleBills.json Show response
static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/ 267 KB
35 KB 33ms
32ms XHR
application/json 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/payMultipleBills.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

703a259e6a6481e6c1cc39c6d5990e707121cb123584904e68eff2e7394e966e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 10 Mar 2022 19:34:07 GMT
server: Akamai Resource Optimizer
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 36059

GET
H2 200 main.js Show response
static.chasecdn.com/web/library/blue-core/dist/2.37.1/blue/js/ 134 KB
35 KB 21ms
21ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/library/blue-core/dist/2.37.1/blue/js/main.js

Requested by

Host: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3413a33f759da5030ed7a733bc0b9db8f4809332d9751d298265571e3b6b0910

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 34927
x-xss-protection: 1; mode=block
x-trace-id: Ybi8j2859fp3MhN-sPEgiAAAAOA
last-modified: Tue, 14 Dec 2021 15:50:51 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "216f0-5c932db478b00"
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:47:27 GMT

GET
H2 200 main_3d363f28cee8fc97c0e043a287741207.js Show response
static.chasecdn.com/web/hash/dashboard/profile/js/ 4 MB
480 KB 22ms
22ms XHR
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/hash/dashboard/profile/js/main_3d363f28cee8fc97c0e043a287741207.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

82cec78e76861879c6961d6668d866615c6a35b31396a2c9246d3230870ba3ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 490505
x-xss-protection: 1; mode=block
x-trace-id: YgUFv7DKmrQ-gD3ip6NdDAAAAEg
last-modified: Thu, 10 Feb 2022 12:33:14 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "3bf0ad-5d79b13e17a40"
accept-ranges: bytes
expires: Fri, 10 Feb 2023 12:31:59 GMT

GET
H2 200 profile.json Show response
static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/ 681 KB
100 KB 25ms
25ms XHR
application/json 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/resource-bundles/digital-ui/3-2-7-13/en/bundles.json/profile.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d6f6c2a0e6317bb924d60db49b2203b0be9ca0d81b756c4f76b656ca6bcfc0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 10 Mar 2022 23:00:08 GMT
server: Akamai Resource Optimizer
date: Fri, 11 Mar 2022 13:30:07 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 101881

GET
H2 200 boot.js
static.chasecdn.com/web/2022.02.13-788/logon/js/ 2 MB
221 KB 20ms
20ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/web/2022.02.13-788/logon/js/boot.js

Requested by

Host: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-boot/dist/2.50.0/blue-boot/js/main-ver.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-163.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31556952
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure01b.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
content-length: 224901
x-xss-protection: 1; mode=block
x-trace-id: YinbAdUWZXmEcO_UQ0DauQAAAHk
last-modified: Thu, 10 Mar 2022 11:03:48 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Fri, 11 Mar 2022 13:30:07 GMT
strict-transport-security: max-age=31556952
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
etag: "187578-5d9a5131c3440"
accept-ranges: bytes
expires: Fri, 10 Mar 2023 11:03:29 GMT

POST dip
securej.chase.com/__imp_apg__/api/dip/v1/ 0
0

GET locationAPI.js
static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/with/ 0
0

GET settings.js
static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/ 0
0

GET ZIP_CODE_REGEX.js
static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/validate/var/ 0
0

GET web.js
static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/page/ 0
0

GET bridge.js
static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/ 0
0

GET view.js
static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/ 0
0

GET jquery.min.js
static.chasecdn.com/web/2022.02.13-788/jquery/dist/ 0
0

GET main.js
static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/ 0
0

GET main.js
static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/ 0
0

GET elements-core.js
static.chasecdn.com/web/2022.02.13-788/@mds/web/bundle/ 0
0

GET d3.js
static.chasecdn.com/web/2022.02.13-788/@mds/resources-web/dist/vendor/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securej.chase.com
URL: https://securej.chase.com/__imp_apg__/api/dip/v1/dip

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/with/locationAPI.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/settings.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/validate/var/ZIP_CODE_REGEX.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/page/web.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/bridge.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-view-ractive/dist/1.15.0/blue-view-ractive/js/view.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/2022.02.13-788/jquery/dist/jquery.min.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-app/dist/2.32.0/blue-app/js/main.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/library/blue-view/dist/2.25.0/blue-view/js/main.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/2022.02.13-788/@mds/web/bundle/elements-core.js

Domain: static.chasecdn.com
URL: https://static.chasecdn.com/web/2022.02.13-788/@mds/resources-web/dist/vendor/d3.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ultimaterewardstravel.chase.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ep0wgv0tik3ya550gtybthvd
ultimaterewardstravel.chase.com/	1969-12-31 23:59:59	Name: TS01c71f40 Value: 01de3a32f53cde7a36aa14eb7140d50204ab391b7af8ed7b9a6b3c875ff267bb30282831c04a5a28665fbf3757c052dcf9862ad2dd
.chase.com/	1969-12-31 23:59:59	Name: TS01b55316 Value: 01de3a32f53cde7a36aa14eb7140d50204ab391b7af8ed7b9a6b3c875ff267bb30282831c04a5a28665fbf3757c052dcf9862ad2dd
ultimaterewardstravel.chase.com/	1969-12-31 23:59:59	Name: ppnet_3759 Value: !bFq493jfODXMr+2sghDzVCdMwVzA1szUJoiz5W8VaIsVR9pATgxVBKlUG9LMpJbSjJR46XPP6G+nIL8=
.chase.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 16470053977657R83S94NIOPE6OHKPOCV3LBHN5J1NUB0
.ultimaterewardstravel.chase.com/	1970-01-20 19:01:17	Name: _ga Value: GA1.3.1433639919.1647005404
.ultimaterewardstravel.chase.com/	1970-01-20 01:31:31	Name: _gid Value: GA1.3.919405948.1647005404
.ultimaterewardstravel.chase.com/	1970-01-20 01:30:05	Name: _gat_clts0 Value: 1
execution-360-cicolusp.cxtrvl.com/	1969-12-31 23:59:59	Name: _SI_VS_3.b2a8ee90e0000138a2a5865c Value: fe346c6f0f477827d4e82da1
execution-360-cicolusp.cxtrvl.com/	1970-01-20 19:01:17	Name: _SI_VID_3.b2a8ee90e0000138a2a5865c Value: ee51c0e1c2e85948a968eab0
execution-360-cicolusp.cxtrvl.com/	1969-12-31 23:59:59	Name: _SI_DID_3.b2a8ee90e0000138a2a5865c Value: ca2b83ad-1792-38ad-9e89-033cad30bdae
.chase.com/	1970-01-20 19:01:17	Name: _SI_VID_1.b2a8ee90e0000138a2a5865c Value: ee51c0e1c2e85948a968eab0
.chase.com/	1969-12-31 23:59:59	Name: _SI_DID_1.b2a8ee90e0000138a2a5865c Value: ca2b83ad-1792-38ad-9e89-033cad30bdae
execution-360-cicolusp.cxtrvl.com/	1970-01-20 01:40:10	Name: AWSALBCORS Value: TL7m/egXfDIu80+NJrtsBkOfMSQHVkuTVSHuKHY+ci34eU5Q9DW37WUOJhSXmAr9zUSW/kfEwsP1Yuot6TgZ58ZkQkUA/PZoQ5DDnqBKvxk/qPTqu61cKCy/MEBwcdKXD4evL5+jUMmzCvysnj4ntwCPU3EywJ77LKBUNzAPyMO5Q7nqMJhHCFHErS4DnQ==
execution-360-cicolusp.cxtrvl.com/	1969-12-31 23:59:59	Name: _SI_SID_3.b2a8ee90e0000138a2a5865c Value: fe346c6f0f477827d4e82da1.1647005404191.291
.ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: ULTREWTRACKCOOKIE Value: ULTREWCDC1WEB13
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: t2cdc1_3577 Value: !cQTHUikZ71l2uFoi+fMLYsfqDzgRFcayNiChF2//gjGGv2YjBLx+v3t5ORIg0uXZihUU8zsNxF2Mrss=
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: ppwaf_3577 Value: !txNyM2oIQmvAASM75dNTmcNwPSW0UN5NSBi0yoFAYsgpE961ILaTGZpGbRR2bG5XkRPvd9Nm8dZ6Pb4=
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: TS013478ad Value: 01bafcdf8673676c1f2a44153b7b1a0f6602a20ca0031b596f54758426c71f51d43a04016be0d87d568b45cdd4bc82d434df266e55
.ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: TS0141f74b Value: 01bafcdf8673676c1f2a44153b7b1a0f6602a20ca0031b596f54758426c71f51d43a04016be0d87d568b45cdd4bc82d434df266e55
ultimaterewardspoints.chase.com/	1969-12-31 23:59:59	Name: ppnet_3577 Value: !Uj9bzNiyQCZS79G37jPKLaILDvk9wlMrQeiQY3mYTho9CjR84Hh/aJtAlKzng3j3iVDGNlxLr8XS6w==
.chase.com/	1970-01-20 10:15:41	Name: PC_1_0 Value: locale%3Den_us%7Cpfid%3D%7Csegment%3D%7CAOC%3D%7Cpm%3D%7Capc%3D%7C
.chase.com/	1969-12-31 23:59:59	Name: preredirect Value: HTTPS%3A%2F%2Fultimaterewardspoints.chase.com%2Finitialize-session%3Furl%3Dhttps%253A%252F%252Fultimaterewardstravel.chase.com%252FSH%252FHandlers%252FReceptionDesk.ashx%253Fpage%253Ddefault
.chase.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_4_sn_9C6A56A4DB8244CFC2ED603B5F992B02_perc_100000_ol_0_mul_1_app-3Aa39a87d71c97b73a_1_app-3A8e4c3cc543ee1dcb_1
.chase.com/	1970-01-20 10:16:02	Name: d8Gbsq7y Value: AI4TLHl_AQAAxS7XxOhRRMTcJXpBVTy4mzz5aTLxZtT8x5WIHeZLWklTeztj\|1\|0\|b76122d844b5a0483919cc10255fcec33cf4d261
secure01b.chase.com/	1969-12-31 23:59:59	Name: TS0148602f Value: 0174783928a0b865e43fffca034b72ee7d5bdc1ba2cf95384b809cc0e27843393e87c0518a102875eab6eaa4e0453fe5f3da3c087e
.chase.com/	1969-12-31 23:59:59	Name: TS013a2c79 Value: 0174783928eab0ab2c8569ea6e7f78f57a565c38a4cf95384b809cc0e27843393e87c0518a57b8d857701b378b8f2bb3ed0ad2289befd7b38a076c6ad5a89173f6ed2b15900bf54d17a020f0d4a82490789a6a4ef3b7c9ae3273e6b494a208543aec0fd320b98097bac6775c7a89acae9f3a1f5dba54469e018b908b8dd51110a326a50d8fe33c9a4aaba5328478f4e55920c4cd5c
.chase.com/	1969-12-31 23:59:59	Name: TS01243d90 Value: 0174783928570cb72aa7cee4fc337c65caa7c1fbd2cf95384b809cc0e27843393e87c0518a5ba105ec4f2643f38e0356d92e358524b9b6baec51001ddce43443961428fef4
.chase.com/	1969-12-31 23:59:59	Name: _SI_SID_1.b2a8ee90e0000138a2a5865c Value: fe346c6f0f477827d4e82da1.1647005406265.2163
.chase.com/	1969-12-31 23:59:59	Name: dtLatC Value: 1232
.chase.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.chase.com/	1969-12-31 23:59:59	Name: rxvt Value: 1647007207069\|1647005397767
.chase.com/	1969-12-31 23:59:59	Name: dtPC Value: 4$5407023_429h4vRWEVCNDPIKJAFDSBCUWCRUAMFBHDVMKV-0e0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bf63229jlf.bf.dynatrace.com
execution-360-cicolusp.cxtrvl.com
fonts.googleapis.com
secure.chase.com
secure01b.chase.com
securej.chase.com
static.chasecdn.com
stats.g.doubleclick.net
ultimaterewardspoints.chase.com
ultimaterewardstravel.chase.com
www.google-analytics.com
securej.chase.com
static.chasecdn.com
159.53.232.13
159.53.232.21
159.53.33.198
159.53.77.25
18.205.71.26
2.16.186.163
2600:9000:224a:7c00:1b:a923:3d80:93a1
2a00:1450:4001:810::200e
2a00:1450:4001:82a::200a
2a00:1450:400c:c08::9a
03af162507e24b5bf9fbe3007f047167d43f907ec70e08c814a9a10ecd590f71
134e1d6219705bc90a5348914bf2aaa2b039000d8e69b7a6987d44b1ff163804
152ae632e85f7f31cf62943c14fdd77e633eb339016d63c593642e597069fa08
1c6134f289a9898178c2a0d4869b96fb572af95b3668c2008e575f7ce9aaa47f
29dcf1084b70067249c4a6443c217b29966513e5e059440bc2f50f5b622fa682
3413a33f759da5030ed7a733bc0b9db8f4809332d9751d298265571e3b6b0910
45bbfec4c27f190896beb15175686f548ea4235cdec1b467c4e1d356020b0a3e
4c9c1b27c9999fc30a7f9ab2863dcff48cc4c1ad948a1f598ca9784781290c3c
52927c48d4988cde5658402a450edbc64e1b6a858da72013f50df8470cf5d3b6
5815b28052513f9ae9a9a77c2767e953e04e15e42a62ad81c01f931ed7bf9dcd
59a2eec1d737cd27fdac8269824a3a071e8a1a1d2d8875110e2e184b60b63e3a
5afc75cace56c24f7df44b12fe79f302ac6508db498034ad3d6ae94782d7e4d9
63e18657923f4b45dbcdcee28518adfb49ad10e1df9750e164d9f1acefb0a2b1
703a259e6a6481e6c1cc39c6d5990e707121cb123584904e68eff2e7394e966e
76744b23c078613353e0e3abf9b8a56fce1bf0b8cbebc0ec52baa7e2d0ed9ae7
787ef50f0f234282b0dc8cc6f37bd91a5771ea3d9b2d9c97f7ab2e8e90395363
7aceb88eaffe18a13e1887f0345e00f843a3464f9617acd83838ad0a485a9d58
7e4e7a0cec44ae87a417dde4815b2d99342ebf0a31fe19a8fc031a4283cf83f6
82cec78e76861879c6961d6668d866615c6a35b31396a2c9246d3230870ba3ce
8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949
a7b041ad1357dbbf3a36d4bb446818acc0bb3cc6200b6ccc64311c4c542260cb
aab1affce38064287c3a2b199ecf871af7c41f398eab5976206a15d202998580
b0684f41f28ecfa0d4ec0096df19146ba3c19a4910765741c115645dd4b1fff5
b2acb694b4c98734d0006c8d648708e9d83d0bd61f0b7a894914541f9e351e0d
ba3fe7f6c34424cf6b446af3974d3d4ccd236bd7ed5b224ae083fcc0643a0e0b
bde3093b2ca35019b9a7347de32c6e96e973d36f41551aa7e8c1b02a66d29472
c7631b5d8fa2853396a2a75b381920ad2b109b786f00f49f2ba16d416f7bd98e
c8e658841fb40f093ffabbe06207b2f96f79973c3be5d08b973b55bdb6f26a2e
cdb492ca8cb53bc20253745f0c08e1dd9eb4c68b1be90ae0a05e7f5af904e659
d6f6c2a0e6317bb924d60db49b2203b0be9ca0d81b756c4f76b656ca6bcfc0a0
e5323e1149f623bc98d3fd648ef5aa76e8fa3e5cdf910b344606de068559e757
e862084ddcd7a38b6e105fdaff1d0a36cf2143b181f1222265f619e6aa024158
fb54a63013674316e3c94e784af1395dbfceb5d14abe3c54e9d97b77e6ececb7
fe5d3fc44b87d72e4789b83919fea48446bcb915fe1527deb89ffc67993474c4

secure01b.chase.com Open in urlscan Pro 159.53.232.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

82 %HTTPS

40 %IPv6

7 Domains

11 Subdomains

9 IPs

3 Countries

4854 kBTransfer

28067 kBSize

33 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure01b.chase.com Open in urlscan Pro
159.53.232.21 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

82 %
HTTPS

40 %
IPv6

7
Domains

11
Subdomains

9
IPs

3
Countries

4854 kB
Transfer

28067 kB
Size

33
Cookies

68 HTTP transactions
1 data transactions