Submitted URL: http://click.aadvantageeshopping.com/?qs=8ca58b932c190f4f9a4b83ec3a91fc849ccded6b0828d180b0dfde24d72f785fc24c479be46647fd74a76a2f8314...
Effective URL: https://www.aadvantageeshopping.com/
Submission: On June 17 via api from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 54.164.212.235, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.aadvantageeshopping.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 23rd 2019. Valid for: a year.
This is the only time www.aadvantageeshopping.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.231.91.47 22606 (EXACT-7)
1 2 54.164.212.235 14618 (AMAZON-AES)
12 2a04:4e42:1b:... 54113 (FASTLY)
13 2
Domain Requested by
12 cartera-cdn.freetls.fastly.net www.aadvantageeshopping.com
cartera-cdn.freetls.fastly.net
2 www.aadvantageeshopping.com 1 redirects
1 click.aadvantageeshopping.com 1 redirects
13 3

This site contains no links.

Subject Issuer Validity Valid
www.aadvantageeshopping.com
Entrust Certification Authority - L1M
2019-12-23 -
2021-01-22
a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-21 -
2021-04-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.aadvantageeshopping.com/
Frame ID: BF765500E97FB62E45B67F187502DEC4
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://click.aadvantageeshopping.com/?qs=8ca58b932c190f4f9a4b83ec3a91fc849ccded6b0828d180b0dfde24d72f785fc24c479b... HTTP 302
    https://www.aadvantageeshopping.com/click.php?afsrc=1&c=876858&d_chan=content_api&l=290343&gmid=5471&r=4pts-%24&... HTTP 302
    https://www.aadvantageeshopping.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

305 kB
Transfer

1390 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.aadvantageeshopping.com/?qs=8ca58b932c190f4f9a4b83ec3a91fc849ccded6b0828d180b0dfde24d72f785fc24c479be46647fd74a76a2f83144abd40b31234894aa6e511300c86df249ece HTTP 302
    https://www.aadvantageeshopping.com/click.php?afsrc=1&c=876858&d_chan=content_api&l=290343&gmid=5471&r=4pts-%24&source=mn|AA|ALL|mn|NA|em|DOTW||email|20200611&utm_source=mn&utm_medium=em&utm_campaign=&utm_content=email&chan=mn&seg=NA&med=em&strm=DOTW&cam=&cont=email&end=1&mem_id=2fCiDMytn%2FbrgzlQf5%2FxO%2BazmEWv5sv0bpGdnaIztrZ12fDYSRxjb35uDD5Al2rW1K61akM0u%2FB3%2BtFIXJQDuSr0JQwYJv0iBHkew%2BygsZj6vvyvMoB0rSClwRJoU2tRl%2B6ltLKPsvZb9jkA1CLklrTdiSAAy88uASWv10ziAv8Ax92qZAbttQKQwd84NmrF8aq%2BEggPYimxz4maG9J8PlxJznfKr7AkijPLJh%2FAHpk%3D HTTP 302
    https://www.aadvantageeshopping.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.aadvantageeshopping.com/
Redirect Chain
  • http://click.aadvantageeshopping.com/?qs=8ca58b932c190f4f9a4b83ec3a91fc849ccded6b0828d180b0dfde24d72f785fc24c479be46647fd74a76a2f83144abd40b31234894aa6e511300c86df249ece
  • https://www.aadvantageeshopping.com/click.php?afsrc=1&c=876858&d_chan=content_api&l=290343&gmid=5471&r=4pts-%24&source=mn|AA|ALL|mn|NA|em|DOTW||email|20200611&utm_source=mn&utm_medium=em&utm_campai...
  • https://www.aadvantageeshopping.com/?
3 KB
2 KB
Document
General
Full URL
https://www.aadvantageeshopping.com/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.212.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-212-235.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c2521863bda0cdaf8091875ee77dc5af6e1ca8ba9ba663ca318edaf736fdd6b1
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://cartera-stage.freetls.fastly.net/ https://cartera-cdn.freetls.fastly.net/ https://client-services.rclon.com/ https://players.brightcove.net/ https://fast.wistia.com/ https://static-client-services.rclon.com/ https://stage.savingsace.com https://www.savingsace.com https://www.surveymonkey.com https://www.youtube.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.aadvantageeshopping.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
Apache=d7ac9ea9.5a83ca14db71e; source=mn%7CAA%7CALL%7Cmn%7CNA%7Cem%7CDOTW%7C%7Cemail%7C20200611
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
cache-control
no-cache
Content-Encoding
gzip
Content-Security-Policy
frame-src 'self' https://www.google.com/ https://cartera-stage.freetls.fastly.net/ https://cartera-cdn.freetls.fastly.net/ https://client-services.rclon.com/ https://players.brightcove.net/ https://fast.wistia.com/ https://static-client-services.rclon.com/ https://stage.savingsace.com https://www.savingsace.com https://www.surveymonkey.com https://www.youtube.com;
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 17 Jun 2020 00:20:41 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
1097
Connection
keep-alive

Redirect headers

Cache-Control
private
cache-control
no-cache
Content-Encoding
gzip
Content-Security-Policy
frame-src 'self' https://www.google.com/ https://cartera-stage.freetls.fastly.net/ https://cartera-cdn.freetls.fastly.net/ https://client-services.rclon.com/ https://players.brightcove.net/ https://fast.wistia.com/ https://static-client-services.rclon.com/ https://stage.savingsace.com https://www.savingsace.com https://www.surveymonkey.com https://www.youtube.com;
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Jun 2020 00:20:41 GMT
location
https://www.aadvantageeshopping.com?
Server
Apache
Set-Cookie
Apache=d7ac9ea9.5a83ca14db71e; path=/; expires=Thu, 17-Jun-21 00:20:41 GMT source=mn%7CAA%7CALL%7Cmn%7CNA%7Cem%7CDOTW%7C%7Cemail%7C20200611; expires=Sat, 15-Jun-2030 00:20:41 GMT; Max-Age=315360000; path=/; domain=.aadvantageeshopping.com; secure
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
236
Connection
keep-alive
main.css
cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/f87ec/
809 KB
91 KB
Stylesheet
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/f87ec/main.css
Requested by
Host: www.aadvantageeshopping.com
URL: https://www.aadvantageeshopping.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
59ec6615e02b3b59b8ae9a2734851f761bc0e7f7dd841e0914e98bd99a765059
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
1339321
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
92895
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.514002,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
expires
Wed, 01 Jul 2020 12:18:40 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
17
require.js
cartera-cdn.freetls.fastly.net/images/core/js/libs/
81 KB
20 KB
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Requested by
Host: www.aadvantageeshopping.com
URL: https://www.aadvantageeshopping.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
7a10cbce6ec24bc6769d7a8de5f99620c1635dbead60712225404dde13d424f9
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
1557469
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
20489
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.514064,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Sun, 28 Jun 2020 23:42:53 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
logo.png
cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/imgs/
14 KB
13 KB
Image
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/imgs/logo.png
Requested by
Host: www.aadvantageeshopping.com
URL: https://www.aadvantageeshopping.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
c44bf0c604f513cf23cf16bbc36f6cf50a58381cae03e79aa2683dfeee7b73ee
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/f87ec/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2297484
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
13625
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.571601,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
image/png
via
1.1 varnish
expires
Sat, 20 Jun 2020 10:09:16 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
GDPR-Flags.svg
cartera-cdn.freetls.fastly.net/images/core/imgs/
146 KB
46 KB
Image
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/imgs/GDPR-Flags.svg
Requested by
Host: www.aadvantageeshopping.com
URL: https://www.aadvantageeshopping.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
422eb7dbc349a13c6f342b18772be571d72d8e4e94eb6d54d1e83914f782a031
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/f87ec/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2232039
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
46559
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:29 GMT
server
Apache
x-timer
S1592353242.571914,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
expires
Sun, 21 Jun 2020 04:20:03 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
americansans-bold-webfont.woff2
cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/fonts/AmericanSans/
21 KB
21 KB
Font
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/fonts/AmericanSans/americansans-bold-webfont.woff2
Requested by
Host: www.aadvantageeshopping.com
URL: https://www.aadvantageeshopping.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f863ad91080625daa1b35a2f3d4569cfe1b5dfa8cfc843436b672c628b329bde
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/f87ec/main.css
Origin
https://www.aadvantageeshopping.com

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2234248
via
1.1 varnish
x-cache
HIT
status
200
access-control-max-age
86400
x-cache-hits
1
strict-transport-security
max-age=31536000; includeSubDomains
content-length
21095
x-xss-protection
1; mode=block
x-served-by
cache-hhn4082-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.584028,VS0,VE1
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 21 Jun 2020 03:43:14 GMT
americansans-regular-webfont.woff2
cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/fonts/AmericanSans/
21 KB
22 KB
Font
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/fonts/AmericanSans/americansans-regular-webfont.woff2
Requested by
Host: www.aadvantageeshopping.com
URL: https://www.aadvantageeshopping.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
35070d0179486aa5f6a76a319e35fd6340c3655486443356895e5281d4aabc73
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cartera-cdn.freetls.fastly.net/images/orgs/americanairlines/f87ec/main.css
Origin
https://www.aadvantageeshopping.com

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2297461
via
1.1 varnish
x-cache
HIT
status
200
access-control-max-age
86400
x-cache-hits
1
strict-transport-security
max-age=31536000; includeSubDomains
content-length
21767
x-xss-protection
1; mode=block
x-served-by
cache-hhn4082-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.584019,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 20 Jun 2020 10:09:39 GMT
gdprSelfSelect.js
cartera-cdn.freetls.fastly.net/images/core/js/utils/
2 KB
756 B
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/utils/gdprSelfSelect.js
Requested by
Host: cartera-cdn.freetls.fastly.net
URL: https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
9ef45ef387384c06ac7ecff45ce89cb555ffa97dce8c640bc08f4d88b35d5101
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2145862
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
662
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.653779,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Mon, 22 Jun 2020 04:16:19 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
base.js
cartera-cdn.freetls.fastly.net/images/core/js/require-config/
3 KB
1 KB
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/require-config/base.js
Requested by
Host: cartera-cdn.freetls.fastly.net
URL: https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
7eb90d8dbc71cd1779967273d5be9b04bd07b9298bebf39f6dffdfaa79fbc4f9
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2297466
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1026
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.672582,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Sat, 20 Jun 2020 10:09:35 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
jquery.js
cartera-cdn.freetls.fastly.net/images/core/js/libs/
280 KB
84 KB
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/libs/jquery.js
Requested by
Host: cartera-cdn.freetls.fastly.net
URL: https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8a0dfd009dd1d202dd0d212e1ce56efbd7b23824c826dad1c6517660ab2bc225
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
268431
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
85393
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.687515,VS0,VE1
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Mon, 13 Jul 2020 21:46:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
sha256.min.js
cartera-cdn.freetls.fastly.net/images/core/js/libs/
9 KB
4 KB
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/libs/sha256.min.js
Requested by
Host: cartera-cdn.freetls.fastly.net
URL: https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
1207700
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
3593
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.687506,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Fri, 03 Jul 2020 00:52:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
jquery.cookie.js
cartera-cdn.freetls.fastly.net/images/core/js/plugins/
2 KB
961 B
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/plugins/jquery.cookie.js
Requested by
Host: cartera-cdn.freetls.fastly.net
URL: https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
4e8a64a75099e9b709b72bdd614d14bf25b45b5061b5493f8ad083a5a2051113
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
2297466
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
897
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.687501,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Sat, 20 Jun 2020 10:09:35 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
cookieHelper.js
cartera-cdn.freetls.fastly.net/images/core/js/utils/
334 B
290 B
Script
General
Full URL
https://cartera-cdn.freetls.fastly.net/images/core/js/utils/cookieHelper.js
Requested by
Host: cartera-cdn.freetls.fastly.net
URL: https://cartera-cdn.freetls.fastly.net/images/core/js/libs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::591 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f606742e08f76a2cb68c66e5ade77212cd7e1ac614635d76aa8acf0fcb084223
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.aadvantageeshopping.com/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-src 'self' https://www.google.com/ https://resources.digital-cloud-citi.medallia.com/ *.doubleclick.net/;
content-encoding
gzip
age
523903
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
196
x-xss-protection
1; mode=block
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 14 May 2020 18:19:30 GMT
server
Apache
x-timer
S1592353242.687480,VS0,VE0
date
Wed, 17 Jun 2020 00:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Fri, 10 Jul 2020 22:48:58 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| mn function| requirejs function| require function| define function| sha256 function| sha224 function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
.aadvantageeshopping.com/ Name: source
Value: mn%7CAA%7CALL%7Cmn%7CNA%7Cem%7CDOTW%7C%7Cemail%7C20200611
www.aadvantageeshopping.com/ Name: Apache
Value: d7ac9ea9.5a83ca14db71e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self' https://www.google.com/ https://cartera-stage.freetls.fastly.net/ https://cartera-cdn.freetls.fastly.net/ https://client-services.rclon.com/ https://players.brightcove.net/ https://fast.wistia.com/ https://static-client-services.rclon.com/ https://stage.savingsace.com https://www.savingsace.com https://www.surveymonkey.com https://www.youtube.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block