staging.americanexpress.io
23.43.85.5  Malicious Activity! Public Scan

URL: https://staging.americanexpress.io/
Submission: On March 16 via api from CA — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 23.43.85.5, located in Edison, United States and belongs to AKAMAI-ASN1, NL. The main domain is staging.americanexpress.io.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 11th 2024. Valid for: a year.
This is the only time staging.americanexpress.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

IP Address AS Autonomous System
6 23.43.85.5 20940 (AKAMAI-ASN1)
7 23.207.4.216 16625 (AKAMAI-AS)
1 104.17.24.14 13335 (CLOUDFLAR...)
7 185.199.109.153 54113 (FASTLY)
2 142.251.40.206 15169 (GOOGLE)
2 184.50.204.132 16625 (AKAMAI-AS)
1 23.206.216.174 16625 (AKAMAI-AS)
1 1 104.117.182.50 20940 (AKAMAI-ASN1)
1 104.117.182.27 20940 (AKAMAI-ASN1)
1 1 23.200.0.189 20940 (AKAMAI-ASN1)
1 23.200.0.185 20940 (AKAMAI-ASN1)
28 9
Apex Domain
Subdomains
Transfer
13 americanexpress.io
staging.americanexpress.io
americanexpress.io
7 MB
7 aexp-static.com
www.aexp-static.com — Cisco Umbrella Rank: 13250
276 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2585
iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2588
64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net
1 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1432
c.go-mpulse.net — Cisco Umbrella Rank: 616
50 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
1 akstat.io
173bf10f.akstat.io — Cisco Umbrella Rank: 21195
233 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 253
17 KB
28 7
Domain Requested by
7 americanexpress.io staging.americanexpress.io
7 www.aexp-static.com staging.americanexpress.io
www.aexp-static.com
6 staging.americanexpress.io staging.americanexpress.io
2 www.google-analytics.com staging.americanexpress.io
www.google-analytics.com
1 64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 173bf10f.akstat.io s.go-mpulse.net
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net staging.americanexpress.io
1 cdnjs.cloudflare.com staging.americanexpress.io
28 12

This site contains links to these domains.

Domain
aexp.eightfold.ai
github.com
developer.americanexpress.com

Subject | Issuer | Validity | Valid
staging.americanexpress.io | DigiCert SHA2 Extended Validation Server CA | 2024-03-11 - 2025-03-10 | a year
m.americanexpress.com | DigiCert EV RSA CA G2 | 2023-04-05 - 2024-04-04 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
americanexpress.io | R3 | 2024-03-04 - 2024-06-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
akstat.io | DigiCert TLS RSA SHA256 2020 CA1 | 2024-03-06 - 2025-03-06 | a year

This page contains 1 frame:

Primary Page: https://staging.americanexpress.io/
Frame ID: 48CE7F201A49DA2D715B1AEC7184C123
Requests: 28 HTTP requests in this frame

Page Title

American Express Technology

Detected technologies

Overall confidence: 100%
Detected patterns
  • aexp-static\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Page Statistics

28
Requests

93 %
HTTPS

0 %
IPv6

7
Domains

12
Subdomains

9
IPs

2
Countries

7582 kB
Transfer

8118 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p5959taq0 HTTP 302
  • https://iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 26
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p5959taq0 HTTP 302
  • https://64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net/eum/results.txt

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
staging.americanexpress.io/
42 KB
9 KB
Document
General
Full URL
https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b638ab90bfbd9a07aafbe90ded86b012c6811689643649fc4c0ae8c9272aaf82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
8532
content-type
text/html
date
Sat, 16 Mar 2024 10:56:29 GMT
etag
W/"65a1855b-965e"
expires
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Fri, 12 Jan 2024 18:30:51 GMT
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=349 origin; dur=172 ak_p; desc="1710586588855_400225157_34363022_52065_20204_10_85_255";dur=1
timing-allow-origin
*
vary
Origin Accept-Encoding
x-akamai-transformed
9 6537 0 pmb=mRUM,2
utils.js
staging.americanexpress.io/assets/js/
0
0
Script
General
Full URL
https://staging.americanexpress.io/assets/js/utils.js
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
gzip
cache-control
max-age=604796
server-timing
cdn-cache; desc=HIT, edge; dur=279, ak_p; desc="1710586589518_400225157_34363365_28151_1253_10_0_219";dur=1
content-length
167
vary
Accept-Encoding
content-type
text/html
dls.min.css
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/
343 KB
50 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9de7bf83aae1a1f3aea99983e793dedd01f03dd93ca2edfd0eaed58d32484fd9
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self';
x-content-type-options
nosniff
date
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Mon, 28 Oct 2019 14:06:54 GMT
content-encoding
gzip
etag
W/"5db6f5fe-55c4c"
x-frame-options
DENY
vary
Origin, Accept-Encoding
content-type
text/css
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
51042
styles.css
staging.americanexpress.io/assets/css/
0
0
Stylesheet
General
Full URL
https://staging.americanexpress.io/assets/css/styles.css
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
gzip
cache-control
max-age=604800
server-timing
cdn-cache; desc=HIT, edge; dur=351, origin; dur=0, ak_p; desc="1710586589522_400225157_34363363_35715_1790_10_0_255";dur=1
content-length
167
vary
Accept-Encoding
content-type
text/html
syntax.css
staging.americanexpress.io/assets/css/
0
0
Stylesheet
General
Full URL
https://staging.americanexpress.io/assets/css/syntax.css
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
gzip
cache-control
max-age=604743
server-timing
cdn-cache; desc=MISS, edge; dur=296, origin; dur=22, ak_p; desc="1710586589516_400225157_34363364_31796_1797_10_0_255";dur=1
content-length
167
vary
Accept-Encoding
content-type
text/html
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/
3 KB
2 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/dls-logo-bluebox-solid.svg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
gzip
last-modified
Fri, 13 Apr 2018 18:46:38 GMT
etag
W/"5ad0fb0e-c95"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
1355
highlight.css
staging.americanexpress.io/assets/css/
0
0
Stylesheet
General
Full URL
https://staging.americanexpress.io/assets/css/highlight.css
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
gzip
cache-control
max-age=604771
server-timing
cdn-cache; desc=HIT, edge; dur=89, origin; dur=0, ak_p; desc="1710586589516_400225157_34363366_8967_1782_10_0_182";dur=1
content-length
167
vary
Accept-Encoding
content-type
text/html
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/
45 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
32970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16662
last-modified
Mon, 04 May 2020 16:10:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e7a-b3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9edLi%2Ff2xKN3YjvCnc4ccqWqGzxnosqPMBy%2BqGZ%2FuoG7XD4fXLPeJFutjsx5ORDvJP23vkYM6qAwyIsABxZu1N7QZK7GYv%2Fbeu30yjis0nEWhANLnUixIA2LFL4wjlRRbEc7Pvlv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
865437895e054bc6-BUF
expires
Thu, 06 Mar 2025 10:56:29 GMT
article_hero_image.jpg
staging.americanexpress.io/assets/img/
548 B
548 B
Image
General
Full URL
https://staging.americanexpress.io/assets/img/article_hero_image.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
gzip
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=75, ak_p; desc="1710586589648_400225157_34363418_7582_1642_10_0_182";dur=1
content-length
167
vary
Accept-Encoding
content-type
text/html
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-use-site-targets/img/
187 KB
187 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/advanced-kotlin-use-site-targets/img/main.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
c99e6c26e47553e0df2d25c1460721655d0e1502a6d12dab8c087e6cf0b36f7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
28fbcd403541377f7197c85666f2ee6ab6f7326c
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
expires
Sat, 16 Mar 2024 11:06:29 GMT
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
191127
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
CDC6:111690:8CCBDB:A7855C:65F57ADA
x-timer
S1710586590.842415,VS0,VE30
etag
"63d9485b-2ea97"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
0
main.jpg
americanexpress.io/_post_assets/choosing-go/img/
6 MB
6 MB
Image
General
Full URL
https://americanexpress.io/_post_assets/choosing-go/img/main.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
0c9fd2085a755a9e9c44ac7233e942b7797b1f9206aa4b142274c4705fb35cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
76b42a4b3f1584fa0cb0c2eec32eee5f72129df2
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
expires
Sat, 16 Mar 2024 11:06:29 GMT
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
6783888
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
BE28:1516C2:91CAF7:AC8472:65F57ADB
x-timer
S1710586590.842420,VS0,VE72
etag
"63d9485b-678390"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
0
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-delegates/img/
185 KB
186 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/advanced-kotlin-delegates/img/main.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
1d23cb4cbd1a5190ddca8956fea5dc6b53f752f5b0f7a071cf775338a0099255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
f32038ffe0cc5f845f8f0381bb717375a48fa5e0
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
189651
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
9A32:1093E6:920F9D:ACCA35:65F57ADD
x-timer
S1710586590.903917,VS0,VE31
etag
"63d9485b-2e4d3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 16 Mar 2024 11:06:29 GMT
hero.jpg
americanexpress.io/_post_assets/super-powered-search-via-couchbase/img/
57 KB
57 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/super-powered-search-via-couchbase/img/hero.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
bf61b797553fed1b9e79755f5484ba96c30134b77241960d88b676232fc900f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
431ba174dad271a79a6355912692c2f901828a63
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
expires
Sat, 16 Mar 2024 11:06:29 GMT
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
58043
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
1B94:DB83F:9AD234:B58997:65F57ADC
x-timer
S1710586590.903897,VS0,VE31
etag
"63d9485b-e2bb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
0
hero.jpg
americanexpress.io/_post_assets/hooks-intro/img/
14 KB
14 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/hooks-intro/img/hero.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
a13cfacc495f37af0da4cea83e9da8c56957c616321d5176c08c1ebd87cc5a95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
37505bd16a5205460691b10620a1604f3d0b0876
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
13966
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
DD62:349AC5:906226:AB1BC7:65F57ADB
x-timer
S1710586590.903883,VS0,VE14
etag
"63d9485b-368e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 16 Mar 2024 11:06:29 GMT
hero.jpg
americanexpress.io/_post_assets/on-the-importance-of-commit-messages/img/
73 KB
74 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/on-the-importance-of-commit-messages/img/hero.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
f80e96686402d783c04365af0637fe2290c9ab6dafa3552154157d2264975f4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
da8b753b6d360ca7627ce0a5b9c4105966bc1b49
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
75252
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
E828:2C1C31:87276A:A1E058:65F57ADD
x-timer
S1710586590.903875,VS0,VE27
etag
"63d9485b-125f4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 16 Mar 2024 11:06:29 GMT
hero.jpg
americanexpress.io/_post_assets/spread-love/img/
62 KB
62 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/spread-love/img/hero.jpg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
96dda67e1401d9ca83eeb80fe2efff05807c324514ac0a683072626d5560434e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fastly-request-id
d3a4b5e7fa3a2cb73050ea5d358d7d3d2555af3f
date
Sat, 16 Mar 2024 10:56:29 GMT
via
1.1 varnish
expires
Sat, 16 Mar 2024 11:06:29 GMT
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
63132
x-served-by
cache-nyc-kteb1890076-NYC
last-modified
Tue, 31 Jan 2023 16:56:59 GMT
server
GitHub.com
x-github-request-id
167E:111690:8CCBE3:A78568:65F57ADD
x-timer
S1710586590.904011,VS0,VE21
etag
"63d9485b-f69c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
0
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/img/dls_logos/
3 KB
1 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/img/dls_logos/dls-logo-line.svg
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2996ed3e0c89a7c50ae11dc3555d18491fe37cbd17e196bd2014d1368e167491
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self';
x-content-type-options
nosniff
date
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Mon, 28 Oct 2019 14:06:37 GMT
content-encoding
gzip
etag
W/"5db6f5ed-b7f"
x-frame-options
DENY
vary
Origin, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
1181
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Mar 2024 10:06:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2986
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Mar 2024 12:06:43 GMT
3JY28-FF92J-VVHZ4-XZZSW-LK9DZ
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/3JY28-FF92J-VVHZ4-XZZSW-LK9DZ
Requested by
Host: staging.americanexpress.io
URL: https://staging.americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.204.132 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-204-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Thu, 14 Mar 2024 03:34:40 GMT
x-serial
4518
x-check-cacheable
YES
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/
36 KB
37 KB
Font
General
Full URL
https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Origin
https://staging.americanexpress.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Wed, 15 Aug 2018 20:46:09 GMT
etag
"5b749111-9121"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
37153
expires
Mon, 25 Jan 2021 11:07:20 GMT
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/iconfont/
39 KB
40 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/iconfont/dls-icons.woff
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08aa290779a2cfa729656adc7080814c717da25486b5c30693d17298a68cfc28

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Origin
https://staging.americanexpress.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Mon, 28 Oct 2019 14:06:40 GMT
etag
"5db6f5f0-9d8c"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
40332
Roboto-Regular.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/fonts/
75 KB
75 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/fonts/Roboto-Regular.woff
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Origin
https://staging.americanexpress.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Mon, 28 Oct 2019 14:06:37 GMT
etag
"5db6f5ed-12bf8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
76792
Roboto-Medium.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/fonts/
71 KB
72 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/fonts/Roboto-Medium.woff
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.4.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-4-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/dls.min.css
Origin
https://staging.americanexpress.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 10:56:29 GMT
last-modified
Mon, 28 Oct 2019 14:06:37 GMT
etag
"5db6f5ed-11cfc"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
72956
collect
www.google-analytics.com/j/
1 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=979432519&t=pageview&_s=1&dl=https%3A%2F%2Fstaging.americanexpress.io%2F&ul=en-us&de=UTF-8&dt=American%20Express%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=511952383&gjid=940820025&cid=1277765993.1710586590&tid=UA-99877773-1&_gid=1437146399.1710586590&_r=1&z=778170354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.americanexpress.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 10:56:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging.americanexpress.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/
770 B
934 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=3JY28-FF92J-VVHZ4-XZZSW-LK9DZ&d=staging.americanexpress.io&t=5701955&v=1.720.0&sl=0&si=b05deebb-e3f8-4a74-8cdd-0b3bebe9ced2-saft25&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=1034942
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3JY28-FF92J-VVHZ4-XZZSW-LK9DZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.174 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdfe501a61625256e0bf19bbf0823fcba7fa5ecdbd1197e5a3e7a8536ab504e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 10:56:30 GMT
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
770
content-type
application/json
/
173bf10f.akstat.io/
0
233 B
Ping
General
Full URL
https://173bf10f.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3JY28-FF92J-VVHZ4-XZZSW-LK9DZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.204.132 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-204-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://staging.americanexpress.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 10:56:30 GMT
content-type
image/gif
access-control-allow-origin
https://staging.americanexpress.io
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
expires
Sat, 16 Mar 2024 10:56:30 GMT
results.txt
iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p5959taq0
  • https://iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-27.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 10:56:31 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://iawhm4diow3dezpvplpa-p5959t-21b86c0c3-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Sat, 16 Mar 2024 10:56:30 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p5959taq0
  • https://64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
23.200.0.185 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-185.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 10:56:30 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://64-44-118-112_s-23-200-0-189_ts-1710586590-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Sat, 16 Mar 2024 10:56:30 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | findLinkParent
string | GoogleAnalyticsObject
function | ga
object | BOOMR_mq
string | BOOMR_API_key
object | BOOMR
object | hljs
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
function | BOOMR_check_doc_domain
object | ErrorStackParser
object | UserTimingCompression
number | BOOMR_onload

3 Cookies

Domain/Path Name / Value
.americanexpress.io/ Name: _ga Value: GA1.2.1277765993.1710586590
.americanexpress.io/ Name: _gid Value: GA1.2.1437146399.1710586590
.americanexpress.io/ Name: _gat Value: 1

5 Console Messages

Source Level URL
Text
network error URL: https://staging.americanexpress.io/assets/css/highlight.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://staging.americanexpress.io/assets/img/article_hero_image.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://staging.americanexpress.io/assets/js/utils.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://staging.americanexpress.io/assets/css/syntax.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://staging.americanexpress.io/assets/css/styles.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
