www.americanexpress.com Open in urlscan Pro
95.100.68.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Submission: On July 26 via api (July 26th 2023, 5:21:57 pm UTC) from US — Scanned from DE

Summary HTTP 171 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 17 domains to perform 171 HTTP transactions. The main IP is 95.100.68.84, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.americanexpress.com. The Cisco Umbrella rank of the primary domain is 14283.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 14th 2022. Valid for: a year.

This is the only time www.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	95.100.68.84 95.100.68.84	16625 (AKAMAI-AS) (AKAMAI-AS)
73	23.197.129.56 23.197.129.56	16625 (AKAMAI-AS) (AKAMAI-AS)
10	139.71.18.229 139.71.18.229	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	34.196.213.10 34.196.213.10	14618 (AMAZON-AES) (AMAZON-AES)
5	139.71.55.230 139.71.55.230	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	95.100.67.116 95.100.67.116	16625 (AKAMAI-AS) (AKAMAI-AS)
6	139.71.16.158 139.71.16.158	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	139.71.27.117 139.71.27.117	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	139.71.8.18 139.71.8.18	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1 2	52.213.166.38 52.213.166.38	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2490:8e00:c:7c62:1240:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
1	139.71.50.190 139.71.50.190	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	63.140.62.135 63.140.62.135	15224 (OMNITURE) (OMNITURE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	34.247.45.95 34.247.45.95	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
7	52.18.30.63 52.18.30.63	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
6	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
1	2a04:4e42::448 2a04:4e42::448	54113 (FASTLY) (FASTLY)
8	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
1	198.160.127.57 198.160.127.57	15026 (ACXIOM) (ACXIOM)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
171	28

6 95.100.68.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-68-84.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 23.197.129.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-129-56.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.71.18.229 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: acquisition-12.americanexpress.com

acquisition-1.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.213.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-213-10.compute-1.amazonaws.com

track.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.71.55.230 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: functions-r2a.americanexpress.com

functions.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.100.67.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-116.deploy.static.akamaitechnologies.com

one-xp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.71.16.158 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: iwmapapi22.americanexpress.com

iwmapapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.27.117 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: acqgateway-r1-vip.americanexpress.com

acqgateway.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.8.18 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: dynatracepsg2.americanexpress.com

dynatracepsg.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.166.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-166-38.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2490:8e00:c:7c62:1240:93a1 (United States)

ASN16509 (AMAZON-02, US)

ct.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

tms.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.50.190 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: gctv4-r2.americanexpress.com

gct.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.45.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-45-95.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.18.30.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::448 (United States)

ASN54113 (FASTLY, US)

publisher.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.249.97.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpchat.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.160.127.57 (Conway, United States)

ASN15026 (ACXIOM, US)

aeopprodvip.acxiom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 12127 icm.aexp-static.com — Cisco Umbrella Rank: 13898	2 MB
52	americanexpress.com www.americanexpress.com — Cisco Umbrella Rank: 14283 acquisition-1.americanexpress.com — Cisco Umbrella Rank: 150875 functions.americanexpress.com — Cisco Umbrella Rank: 20191 one-xp.americanexpress.com — Cisco Umbrella Rank: 22717 iwmapapi.americanexpress.com — Cisco Umbrella Rank: 16563 acqgateway.americanexpress.com — Cisco Umbrella Rank: 264651 dynatracepsg.americanexpress.com — Cisco Umbrella Rank: 20494 tms.americanexpress.com — Cisco Umbrella Rank: 49221 gct.americanexpress.com — Cisco Umbrella Rank: 51610 omns.americanexpress.com — Cisco Umbrella Rank: 15017 lpchat.americanexpress.com — Cisco Umbrella Rank: 50064	799 KB
11	contentsquare.net ct.contentsquare.net — Cisco Umbrella Rank: 21970 c.contentsquare.net — Cisco Umbrella Rank: 3668	123 KB
8	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3306 publisher.liveperson.net — Cisco Umbrella Rank: 20884 va.v.liveperson.net — Cisco Umbrella Rank: 3757	140 KB
6	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3207	12 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 313	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 210	3 KB
1	acxiom.com aeopprodvip.acxiom.com — Cisco Umbrella Rank: 113730	429 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1253	428 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1540	637 B
1	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 812	568 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1249	634 B
1	rkdms.com track.sv.rkdms.com — Cisco Umbrella Rank: 10980	263 B
0	linkedin.com Failed px4.ads.linkedin.com Failed
0	google.de Failed adservice.google.de Failed www.google.de Failed
0	wdsvc.net Failed tags.wdsvc.net Failed
171	17

	Domain	Requested by
42	www.aexp-static.com	www.americanexpress.com www.aexp-static.com
31	icm.aexp-static.com	www.americanexpress.com www.aexp-static.com ct.contentsquare.net lpchat.americanexpress.com
10	acquisition-1.americanexpress.com	www.americanexpress.com www.aexp-static.com
8	lpchat.americanexpress.com	lptag.liveperson.net
7	c.contentsquare.net
6	accdn.lpsnmedia.net	lptag.liveperson.net lpchat.americanexpress.com
6	iwmapapi.americanexpress.com	www.aexp-static.com ct.contentsquare.net
6	www.americanexpress.com	www.americanexpress.com
5	va.v.liveperson.net	lptag.liveperson.net va.v.liveperson.net
5	functions.americanexpress.com	www.aexp-static.com
4	omns.americanexpress.com	www.aexp-static.com ct.contentsquare.net
4	ct.contentsquare.net	www.aexp-static.com ct.contentsquare.net
4	dynatracepsg.americanexpress.com	www.aexp-static.com dynatracepsg.americanexpress.com
4	one-xp.americanexpress.com	www.aexp-static.com
3	tms.americanexpress.com	www.aexp-static.com
2	lptag.liveperson.net	www.aexp-static.com
2	s.amazon-adsystem.com	1 redirects
2	www.facebook.com
2	dpm.demdex.net	1 redirects
1	aeopprodvip.acxiom.com	ct.contentsquare.net
1	publisher.liveperson.net	lptag.liveperson.net
1	jadserve.postrelease.com
1	alb.reddit.com
1	ct.pinterest.com
1	sp.analytics.yahoo.com
1	gct.americanexpress.com	www.aexp-static.com
1	acqgateway.americanexpress.com	www.aexp-static.com
1	track.sv.rkdms.com	www.aexp-static.com
0	www.google.de Failed
0	px4.ads.linkedin.com Failed
0	adservice.google.de Failed
0	tags.wdsvc.net Failed
171	32

This site contains links to these domains. Also see Links.

Domain
online.americanexpress.com
global.americanexpress.com
www347.americanexpress.com
personalsavings.americanexpress.com
www.bluebird.com
www.serve.com
www.amexgiftcard.com
www.amextravel.com
hotel-booking.americanexpress.com
www.americanexpresscruise.com
www.amexglobalbusinesstravel.com
aeti.americanexpress.com
americanexpress.com
ir.americanexpress.com
network.americanexpress.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-09-14` - `2023-09-14`	a year	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh
acquisition-12.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-01-07` - `2024-01-04`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M01	`2023-03-01` - `2023-11-26`	9 months	crt.sh
functions.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-10-10` - `2023-10-09`	a year	crt.sh
www.standforsmall.com DigiCert SHA2 Extended Validation Server CA	`2022-09-13` - `2023-09-12`	a year	crt.sh
iwmapapi.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-08-10` - `2023-08-09`	a year	crt.sh
acqgateway-r1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-03-01` - `2024-02-28`	a year	crt.sh
dynatracepsg.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-05-31` - `2024-05-29`	a year	crt.sh
ct-tag.clicktale.net Amazon RSA 2048 M02	`2023-04-26` - `2024-05-25`	a year	crt.sh
tms.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
gctv4-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-01-09` - `2024-01-08`	a year	crt.sh
omns.americanexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-06-04`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-05` - `2023-08-03`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
liveperson.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-28` - `2024-01-29`	a year	crt.sh
lpchat.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-05-27` - `2024-05-23`	a year	crt.sh
AEOPPRODVIP.ACXIOM.COM Entrust Certification Authority - L1K	`2023-02-24` - `2024-03-24`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Frame ID: 39D2DDB9C19CA241ED191CC1E0194571
Requests: 163 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: A33FF8555005D2EA526B0BBE81701174
Requests: 1 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: 6E921354962E4BFD664DFFB4ABE6EC61
Requests: 1 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: FEEB7701B28DDF5B389FF58A59A11FDF
Requests: 1 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: 31B620351017CEBA4A1FE3C542091AE4
Requests: 1 HTTP requests in this frame

Frame: https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 5DB5CE25840D0B3F4155D6216FFDDB84
Requests: 2 HTTP requests in this frame

Frame: https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690392110057&loc=https%3A%2F%2Fwww.americanexpress.com
Frame ID: BE10618EA1B397F8C6A3DAC7E01ACCE6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Credit Cards | American Express axp-glyph-down axp-glyph-down axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-icon-search axp-glyph-right

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

171
Requests

92 %
HTTPS

11 %
IPv6

17
Domains

32
Subdomains

28
IPs

3
Countries

3532 kB
Transfer

11182 kB
Size

51
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://online.americanexpress.com/myca/gce/us/action/home?request_type=un_Register&Face=en_US#/&inav=menu_myacct_create_online_account
Title: Create Your Online Account

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/dashboard?inav=menu_myacct_acctsum
Title: Account Home

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/gce/us/action/home?request_type=un_Activation&Face=en_US#/&inav=menu_myacct_confirm_card
Title: Confirm Your Card

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/activity?inav=menu_myacct_viewstmt
Title: Statements & Activity

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/account-management?inav=menu_myacct_profile_preference
Title: Account Services

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/card-benefits/view-all?inav=menu_myacct_cardbenefits
Title: Card Benefits

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/dashboard?inav=menu_myacct_smallbusiness
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www347.americanexpress.com/ATWORK/en_US/atwork.do?pageAction=initialize&inav=menu_myacct_atwork
Title: American Express @Work

Search URL Search Domain Scan URL

URL: https://personalsavings.americanexpress.com/onlinebanking/login.do?extlink=ps2020=GIN-H&inav=us_menu_my_account_other_accounts_savings_accounts
Title: Savings Accounts

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/summary?inav=menu_myacct_mrpointsum
Title: Membership Rewards® Point Summary

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/?solid=iNavMyAccountbb&inav=menu_myacct_bluebird&intlink=us-amex-prepaid-bluebird-inav_menu_myacct
Title: BlueBird Alternative to Banking

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/login/en-US?DestPage=https%3A%2F%2Ffreecreditscore.americanexpress.com%2Fmycreditguide%2Fenroll.do&inav=menu_myacct_creditscore
Title: Free Credit Score & Report

Search URL Search Domain Scan URL

URL: https://www.serve.com/?SOLID=4AMEX&extlink=us-amex-home-header&inav=menu_cards_reloadablecards
Title: Prepaid Debit Cards

Search URL Search Domain Scan URL

URL: https://www.amexgiftcard.com/?extlink=us-giftcard-home-footer&inav=menu_cards_giftcards&SOLID=AMEX1
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://personalsavings.americanexpress.com/onlinebanking/login.do?&inav=us_menu_savings_and_loans_savings_accounts_login
Title: Log In To Your Savings Account

Search URL Search Domain Scan URL

URL: https://www.amextravel.com/featured-hotel-searches?inav=us_menu_travel_personal_travel_bookfhr
Title: Book Fine Hotels & Resorts®

Search URL Search Domain Scan URL

URL: https://hotel-booking.americanexpress.com/en-us/thc/welcome?inav=us_menu_travel_personal_travel_bookthc
Title: Book The Hotel Collection

Search URL Search Domain Scan URL

URL: https://www.americanexpresscruise.com/promos/cruise
Title: Book Cruise Privileges Program

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/?inav=menu_travel_corporate_travel_solutions
Title: Corporate Travel Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/meetings-events/?inav=menu_travel_business_travel_meetings_events
Title: Meetings and Events

Search URL Search Domain Scan URL

URL: https://aeti.americanexpress.com/travel-insurance/home.do?inav=menu_travel_protection
Title: Travel Insurance

Search URL Search Domain Scan URL

URL: https://americanexpress.com/us/credit-cards/features-benefits/policies/?inav=menu_travel_covid
Title: COVID-19 Travel Insurance FAQ

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards?inav=us_menu_rewards_benefits_rewards_mr
Title: Membership Rewards®

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/entertainment/home?inav=us_menu_rewards_benefits_benefits_entertainment_events
Title: Entertainment and Events

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/calculator?inav=us_menu_rewards_benefits_manage_membership_points_value_calculator
Title: Points Value Calculator

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/points-for-charges?inav=us_menu_rewards_benefits_manage_membership_cover_card_charges
Title: Cover Card Charges

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/pay-with-points?inav=us_menu_rewards_benefits_manage_membership_pay_with_points
Title: Pay with Points

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/gift-cards?inav=us_menu_rewards_benefits_manage_membership_redeem_points_gift_cards
Title: Redeem points for Gift Cards

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/help?inav=iNUtlContact
Title: Help

Search URL Search Domain Scan URL

URL: https://ir.americanexpress.com/investor-relations/default.aspx?inav=us_footer_about_investor_relations
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/globalnetwork/v4/?inav=us_footer_about_global_network
Title: Global Network

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/help?inav=footer_contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards?us_nu=dd&inav=footer_mr
Title: Membership Rewards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressUS

Search URL Search Domain Scan URL

URL: https://twitter.com/askamex

Search URL Search Domain Scan URL

URL: https://www.instagram.com/AmericanExpress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmericanExpress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690392108073 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690392108073

Request Chain 85

https://ad.doubleclick.net/ddm/activity/src=8627703;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=664428625.1711005? HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=664428625.1711005? HTTP 302
https://adservice.google.com/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=664428625.1711005 HTTP 0
https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=664428625.1711005

Request Chain 86

https://dc.ads.linkedin.com/collect/?pid=1197&fmt=gif HTTP 0
https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQIe4oqgmqPoywAAAYmTOJ7epz7KplEdREL_7v_PqlqfYpSbzzccWaEOZAD6ZMGEPMvUFZi8bHs12g

Request Chain 91

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=664428625.1711005 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=664428625.1711005&dcc=t

Request Chain 92

https://www.googleadservices.com/pagead/conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LFbBZJPQL9Co78EPlty40A0&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsgAMVUNQ7Ah0WLg7a HTTP 302
https://www.google.com/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsgAMVUNQ7Ah0WLg7a&is_vtc=1&ocp_id=LFbBZJPQL9Co78EPlty40A0&cid=CAQSKQBpAlJWSfayCTZfovObEkamAAxuMfcoYHrhnBWI0360_T9n-Ggb0rNk&random=3126800778 HTTP 0
https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsgAMVUNQ7Ah0WLg7a&is_vtc=1&ocp_id=LFbBZJPQL9Co78EPlty40A0&cid=CAQSKQBpAlJWSfayCTZfovObEkamAAxuMfcoYHrhnBWI0360_T9n-Ggb0rNk&random=3126800778&ipr=y

Request Chain 164

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null HTTP 302
https://www.google.com/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=2398346701 HTTP 0
https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=2398346701&ipr=y

171 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.americanexpress.com/us/credit-cards/category/travel-rewards/ 267 KB
47 KB 223ms
187ms Document
text/html 95.100.68.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.68.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-68-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

948dcabf14cdac519e92e745a83948ec58d490fb75e9926c07ee9f356dbb5fb0

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-466426ef75065451505026b5c3d90e2b' 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-466426ef75065451505026b5c3d90e2b' 'nonce-fa5a4755-e59f-4bbc-81a8-6a6a32c9468e' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-security-policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-466426ef75065451505026b5c3d90e2b' 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-466426ef75065451505026b5c3d90e2b' 'nonce-fa5a4755-e59f-4bbc-81a8-6a6a32c9468e' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
content-type: text/html; charset=utf-8
date: Wed, 26 Jul 2023 17:21:46 GMT
etag: W/"42c8b-8IyNVioF4fcrOkLuKfPqv9PziZE"
one-app-version: 4.92.1-af1f6806
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 43384 0 pmb=mTOE,1
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
38 KB 91ms
46ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-94c5"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 38085
expires: Tue, 02 Mar 2021 18:31:40 GMT

GET
H2 200 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
www.aexp-static.com/nav/ngn/fonts/ 68 KB
69 KB 91ms
47ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-11086"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 69766
expires: Wed, 07 Oct 2020 16:56:37 GMT

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ 36 KB
37 KB 105ms
61ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-9121"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37153
expires: Mon, 25 Jan 2021 11:07:20 GMT

GET
H2 200 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
37 KB 65ms
21ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-943d"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37949
expires: Fri, 27 Nov 2020 03:31:12 GMT

GET
H2 200 dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/iconfont/ 34 KB
34 KB 90ms
46ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/iconfont/dls-icons.woff?v=5.10.0
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adce79a29b1d883b481a33a7322ce00f4a3ad9e76d0270cd85646bf9cbfc5597

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-87c4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 34756

GET
H2 200 acq-shop-us-consumer.css
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 310 KB
43 KB 107ms
62ms Stylesheet
text/css 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2af7fe57e1230c553d70476ffe391127aacf4a0d3d7bcf712675f3e27c643171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-4d9c7"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 43586

GET
H2 200 dls.min.css
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/styles/ 362 KB
48 KB 83ms
39ms Stylesheet
text/css 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/styles/dls.min.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 862ae6720e612d09b0f08cf8fa87e0e0e9e5808ea957adce4a3c0e432161031d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 21:23:58 GMT
etag: W/"64936a6e-5a775"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 48725

GET
H2 200 CardCategory.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 625 KB
180 KB 70ms
26ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/CardCategory.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20f5fe1cbea688b8fa501f4a7b6a26234c488f6880fef3de82d9ce88160deb1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-9c3bb"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 184397

GET
H2 200 CardCategory.css
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 76 KB
12 KB 217ms
174ms Stylesheet
text/css 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/CardCategory.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65d652511a319fef8f7d3d5619f75d4432ca874322df389d6efe902c90eabf7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-13020"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 11619

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/ 3 KB
1 KB 66ms
64ms Image
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-bluebox-solid.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-c95"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1355

GET
H2 200 dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/ 3 KB
1 KB 81ms
78ms Image
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-stack.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 372c8a5ed0a956b5d75d6e865751c2098b0bc1be5d3d3ddec7f0e9c108a45d18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-b47"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1189

GET
H2 200 dls-logo-stack-white.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/ 3 KB
1 KB 139ms
137ms Image
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-stack-white.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a3cac8efcfbdd85c05051c74db0f67f2ff1de09da283973a6c2db9b1691d16c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-b47"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1187

GET
H2 200 dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/img/dls_flags/ 10 KB
2 KB 66ms
64ms Image
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/img/dls_flags/dls-flag-us.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0e69d49b8806f3eccd600d3e715c879031ead2bb7227338ebc2dc5a2b7b50da9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2018 21:42:58 GMT
etag: W/"5a6a4f62-26d2"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 1732
expires: Sat, 14 Nov 2020 04:32:06 GMT

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 996 KB
232 KB 68ms
65ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app~vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9a6bd5c144d709b1e498999209e75c0c667dbfe5722d46d2b06322484e8359d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-f8f36"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 237539

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 14 KB
5 KB 87ms
84ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/runtime.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 36c95b7f1550e09a9d117adad5c42308746190679a26dffa399ce87172927e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-39bf"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5273

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 787 KB
201 KB 81ms
79ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0768c991ad489ab4b66c8e88a5544abb94115ef3de93e00b3c093e64203b09a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-c4c2b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 205949

GET
H2 200 en-US.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/ 25 KB
4 KB 201ms
198ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/en-US.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f30ddd89f97cbcf8892d5960c7c2a497bbad41274665d1cd67bea2ed49aef89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-65aa"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 4154

GET
H2 200 axp-acq-root.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-acq-root/3.27.0/ 232 KB
61 KB 29ms
26ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-acq-root/3.27.0/axp-acq-root.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0c058f37d15bc97cf0a2358bcfd2e4447954044a6854145e09991b31b944c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 12:35:56 GMT
etag: W/"6464ca2c-39ef7"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 62448

GET
H2 200 axp-root.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/ 39 KB
11 KB 29ms
26ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/axp-root.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f8678499879f157a0335a8553172733efe468a81f2a565045fff0751659eb16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 15:28:56 GMT
etag: W/"5f3e96b8-9d96"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 10782

GET
H2 200 acq-shop-us-consumer.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 2 MB
437 KB 67ms
65ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6a48547b7ca5cee0d0409f9973ec1dc82018a1a03d3a2e3ade3b084cad7f8ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-1a3d15"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 447473

GET
H2 200 axp-data-layer.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/ 213 KB
57 KB 67ms
64ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/axp-data-layer.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47846f8145bd543eea6812f17609c398d31e65a7b9bf6a9218fa7b8f2eff3e05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 16:54:22 GMT
etag: W/"5f5908be-354a0"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 58210

GET
H2 200 axp-one-seo.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-one-seo/1.4.1/ 37 KB
11 KB 68ms
65ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-one-seo/1.4.1/axp-one-seo.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e78a54c2b44d2d2e1db439e13e8d248dedfaf568377d6cc11d0053ec6958ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 16:02:39 GMT
etag: W/"5ff7309f-953a"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 11416

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 204 KB
50 KB 65ms
63ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69bbce9bc2b08413f077ae55654a7c0f344758608291844a21a4d2542da733c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-32f27"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 51004

GET
H2 200 dls.min.js Show response
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/scripts/ 118 KB
26 KB 67ms
65ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/scripts/dls.min.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c610ed2fb331794caac511b4905f20eaea7d8c2b1a790fc18bcadf40c692021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 21:23:37 GMT
etag: W/"64936a59-1d75b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 25950

GET
H2 200 navScript.js Show response
icm.aexp-static.com/content/Navigation/NavScript/ 3 KB
1 KB 73ms
29ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/Navigation/NavScript/navScript.js

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cfae73d7f4bacf9d15c4e26acfd4dc290d2468d840f93b43395ded65b779f8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:46 GMT
last-modified: Wed, 19 Jul 2023 02:04:17 GMT
server: Akamai Resource Optimizer
etag: "ba4-5ff2b973c45dc-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2783
accept-ranges: bytes
content-length: 1030

GET
H2 200 one-xp-qa-tool-E3.js Show response
www.aexp-static.com/cdaas/one-xp-qa-tool/ 42 KB
11 KB 67ms
64ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-xp-qa-tool/one-xp-qa-tool-E3.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9462374d6e795d42042dc2c976daa90aa0f640aa31303d27230017a3af5cef32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:46 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 19:35:03 GMT
etag: W/"5f89f5e7-a7d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 11252
expires: Mon, 19 Apr 2021 20:24:43 GMT

GET
H2 200 LEHE Show response
www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/ 206 KB
74 KB 487ms
486ms Script
application/javascript 95.100.68.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.68.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-68-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 17:14:24 GMT
etag: "4ae962072dc2c7e374b2ff8b2d2d17b19dd05831b57b20557ddcc7f961dbbd8a"
stored-attribute-sha-checksum: ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=21600
content-length: 75207

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 676ms
171ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-1b67d771-ec67-485c-b9d5-1fd95fe5ad6c' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-1b67d771-ec67-485c-b9d5-1fd95fe5ad6c' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:47 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 Roboto-Regular.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/ 75 KB
75 KB 28ms
28ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/Roboto-Regular.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

Request headers

Referer: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-12bf8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 76792

GET
H2 200 Roboto-Medium.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/ 71 KB
72 KB 28ms
27ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/Roboto-Medium.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

Request headers

Referer: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-11cfc"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 72956

GET
H2 200 script-supplier.js Show response
www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/ 81 KB
27 KB 31ms
31ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77166e2033cc977e5f8397e64bc0398ff43237bab55d4c807148184fba9fa4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Sat, 24 Jun 2023 00:37:39 GMT
etag: W/"64963ad3-14402"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 27139

GET
H2 200 tracking.gif Show response
track.sv.rkdms.com/ 43 B
263 B 303ms
96ms Fetch
image/gif 34.196.213.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.sv.rkdms.com/tracking.gif?sv_cid=5345_04530&sv_uid=39564613746748913182638241861913063498|9
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.213.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-213-10.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:47 GMT
server: nginx/1.22.0
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.americanexpress.com
cache-control: private, no-cache, proxy-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 en-BB~i1~a1e63395.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/en~i18n/en-001~i18n/en-150~i18n/en-AG~i18n/en-AI~i18n/en-AS~i18n/en-AT~i18n/en-AU~i18n/ 18 KB
2 KB 22ms
22ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/en~i18n/en-001~i18n/en-150~i18n/en-AG~i18n/en-AI~i18n/en-AS~i18n/en-AT~i18n/en-AU~i18n/en-BB~i1~a1e63395.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d29fa2441296f06e157e332de16ee872b8d0cca8c95f6c15faee70c9bbf2228b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-4995"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1695

POST
H2 201 LEHE Show response
www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/ 18 B
835 B 302ms
302ms XHR
application/json 95.100.68.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.68.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-68-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 2b3be736-417c-40ca-9a2c-4c1814398619
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 447 B
405 B 348ms
131ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1690392

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

f1070bb9a8a71c8cbde3234cb1acaa84478957d3279d906d14dd21c6d8d38d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Wed, 26 Jul 2023 17:21:47 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 318

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 190ms
148ms Preflight 95.100.67.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 26 Jul 2023 17:21:47 GMT
Expires: Wed, 26 Jul 2023 17:21:47 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 370ms
137ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 26 Jul 2023 17:21:48 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 25330 Show response
acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/vac/category/ 364 KB
70 KB 1051ms
611ms Fetch
application/json 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/vac/category/25330?filters=travel-rewards

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

62f89a328a2e77fa5985f80a9681f1b9008a828cc75345ec1ec186686e8ae49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.americanexpress.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:48 GMT
Surrogate-Control: no-store
Transfer-Encoding: chunked
Server-Timing: , VTO;dur=729;desc=VTO
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Download-Options: noopen
Access-Control-Max-Age: 3000000
X-Frame-Options: ALLOW-FROM https://www.americanexpress.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
X-Aexp-Timestamp: 2023-07-24 16:06:50
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-Aexp-Build: 1009
Expires: 0

GET
H2 200 categoryStaticPageData.json Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/ 54 KB
12 KB 79ms
79ms Fetch
application/json 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/categoryStaticPageData.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Resource Hash

b65848085c070eb7e149c1f9e9f72016726a0136abc9d49e1449455ec8b305ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:47 GMT
last-modified: Thu, 13 Apr 2023 19:14:31 GMT
etag: "d6ed-5f93c88c12897-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2140
accept-ranges: bytes
content-length: 11727

GET
H2 200 cpsTnlData.json Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/ 92 KB
11 KB 32ms
32ms Fetch
application/json 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/cpsTnlData.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Resource Hash

56b05208c2ef3ff2e15b56c18dfc4572be92cbc080337d23649d1c13e439870e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:47 GMT
last-modified: Thu, 13 Jul 2023 17:30:51 GMT
etag: "1718c-60061b193aa2c-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=4823
accept-ranges: bytes
content-length: 10724

GET
H2 200 dls-icon-right-filled.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 235 B
406 B 734ms
734ms XHR
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-right-filled.svg

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

328ce5d279d3460b4be91c3ecc12443071e59b1e1353542622cb102e0d713aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:48 GMT
last-modified: Sun, 25 Sep 2022 22:27:15 GMT
server: Akamai Resource Optimizer
etag: "eb-57d4b419a09b0-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=35248
accept-ranges: bytes
content-length: 160

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 402 B
1 KB 275ms
255ms Fetch
application/json 95.100.67.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/axp-data-layer.client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 527f8fe4d5f1acee513d7b7d3c9fcc27cc31d6b7f506bb124ef0118f05365f78

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 17:21:48 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 402
Expires: Wed, 26 Jul 2023 17:21:48 GMT

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 444 B
416 B 246ms
128ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=1.0.0&environment=e3&cache=1690392

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

a663c0b584d67ae10b9e7e3a9f82ecf0b4c3f20dc78a486edef1b9928f5e6c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Wed, 26 Jul 2023 17:21:47 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 329

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 454 B
415 B 247ms
129ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=ensighten&version=0.1.0&environment=e3&cache=1690392

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

cb7a63249a50fab04696f8a6a0d70fc0118cc922fa739bb2316e63242aadbeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Wed, 26 Jul 2023 17:21:47 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 328

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 433 B
498 B 245ms
127ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dynatrace&version=%5E1.0.0&environment=e3&cache=1690392

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

4d725d85b8124351470aa8d83334cea0ca7b06c1b7be1158efb55c97bcff82cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Wed, 26 Jul 2023 17:21:47 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 313

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 442 B
407 B 247ms
128ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=contentsquare&version=%5E1.0.0&environment=e3&cache=1690392

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

6cb25f29b93e0195c3379980e8de9aa0288f009bef4f5de89f2e9302f079c40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Wed, 26 Jul 2023 17:21:47 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 321

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 383ms
150ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/axp-data-layer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 404
Not Found mid Show response
acqgateway.americanexpress.com/ 122 B
1 KB 513ms
124ms Fetch
application/json 139.71.27.117
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acqgateway.americanexpress.com/mid?pznid=39564613746748913182638241861913063498|9

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.27.117 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acqgateway-r1-vip.americanexpress.com

Software

Resource Hash

75295cd76ae9e26a95b48bb4b4c8fbea415fbdd3bd1d8079b9a95ef282730c34

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:48 GMT
X-Permitted-Cross-Domain-Policies: none
x-b3-traceid: f3c0e4a1538efcacd50364ea7d91bbf6
X-DNS-Prefetch-Control: off
Connection: keep-alive
content-length: 122
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
vary: Origin
X-Download-Options: noopen
access-control-allow-origin: https://www.americanexpress.com
content-type: application/json; charset=utf-8
cache-control: no-store, max-age=0
access-control-allow-credentials: true
access-control-expose-headers: x-b3-traceid
Keep-Alive: timeout=5

GET
H2 200 axp-root.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/en-us/ 193 B
1007 B 23ms
22ms Fetch
application/json 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/en-us/axp-root.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 15:28:44 GMT
etag: "5f3e96ac-c1"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 157

GET
H2 200 axp-data-layer.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/en-us/ 232 B
986 B 32ms
32ms Fetch
application/json 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/en-us/axp-data-layer.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3fdfd860586c30eef9a7ec8baa9619ba862a4d54a679d0d51ce086ae230c193d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 16:54:11 GMT
etag: "5f5908b3-e8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 141

GET
H2 200 dynatrace.js Show response
www.aexp-static.com/cdaas/one/dynatrace-js-client/1.4.0/ 31 KB
13 KB 23ms
20ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/dynatrace-js-client/1.4.0/dynatrace.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48c5e532bf11365bc3fdc42a9152d003511abed903c9645a1fa7067880c21b90

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:47 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 03:09:32 GMT
etag: W/"6376f76c-7bc4"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 12691

GET
H2 200 launch-b363d6c28b7c.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/ 283 KB
67 KB 46ms
44ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/launch-b363d6c28b7c.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 804ba55c228a81126b8e2b9a260bc7df58051bfcc820d3d2148350749764d622

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 04:00:51 GMT
etag: W/"649275f3-46a3e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 68244

GET
H2 200 csq.js Show response
www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.15/ 1 KB
769 B 115ms
115ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.15/csq.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 87ecca46c83d2913c0d381687200345db8d9a62255c78e84e5f614f2b173def9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 14:32:53 GMT
etag: W/"64b00b15-421"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 558

GET
H2 200 Bootstrap.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/ 80 KB
23 KB 39ms
39ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de286d1f8cdeb8399d37ca532ded83f7fe18ee155c32f8e921a542574748dfdb

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 07:49:50 GMT
etag: W/"6295c89e-140ab"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 22730

GET
H2 200 UCM.js Show response
www.aexp-static.com/cdaas/one/user-consent-management/1.9.10/ 134 KB
42 KB 38ms
37ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/user-consent-management/1.9.10/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 843bcfc0054f7a749fd2919e84db101733044c763c29fc87bb1b03202bd98efe

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 03:22:39 GMT
etag: W/"649e4a7f-2168d"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 43045

GET
H/1.1 200
OK ruxitagent_A27Vfhjqrux_10233220224103020.js Show response
dynatracepsg.americanexpress.com/jstag/managed/ 198 KB
76 KB 648ms
124ms Script
application/javascript 139.71.8.18
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dynatrace-js-client/1.4.0/dynatrace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.8.18 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: dynatracepsg2.americanexpress.com
Software: /
Resource Hash: 87b1236a89f18934179862bf5fd808af2460c7dff7a0b7cbadbbe3a07e88e4ab

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 17:21:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Expires: Thu, 25 Jul 2024 16:57:31 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690392108073
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690392108073

4 KB
2 KB

43ms
43ms

XHR
application/json

52.213.166.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690392108073

Protocol

HTTP/1.1

Server

52.213.166.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-166-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12553e7b7140549144fd93c7ac51abb477e62be85f98965e5a68443c46aa6e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0b5931b43.edge-irl1.demdex.com 9 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Jtdbf2XsRBs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1386
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0ec6ca8b8.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TcdXln3rREo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.americanexpress.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690392108073
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/dcb19cbd6cbf/b4385da1798a/74e098123439/ 58 KB
21 KB 21ms
21ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/launch-b363d6c28b7c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0acd7808230fbefd316cf2523581b2f92fa7f12a59f63e4cf4bc295bbfc47889

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 03:01:45 GMT
etag: W/"64926819-e969"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 20797

GET
H2 200 uxa.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 402 KB
86 KB 83ms
14ms Script
application/javascript 2600:9000:2490:8e00:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.15/csq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8e00:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbce028756fa1340b4e66d4bd45a6f812f7d9c8acb77c40aa06c4a3966e8fd68

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 14:52:33 GMT
content-encoding: br
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-version-id: _js5CtCdf_uNbTJBseRY4PJDP1ldgFgX
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 87509
last-modified: Tue, 11 Jul 2023 01:36:51 GMT
server: AmazonS3
etag: "d3bfbc82ca45cead96f3c0a762f8f46a"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: JAK6TlmBdChiRilVsaUesAX1skPbAQDLuSjck1GrU64QZO4dRiu8Kg==

GET
H2 200 global.min.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/oneapp-webanalytics/ 16 KB
3 KB 72ms
71ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneapp-webanalytics/global.min.js?vr=1.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ca4de911c9fbbcfb473cae42fabeb87d8f73166201567b9ebe9ca229e271551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 07:28:28 GMT
etag: W/"63be651c-3ee4"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 2415

GET
H2 200 gct_global.js Show response
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 19 KB
5 KB 26ms
25ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:33:52 GMT
etag: W/"64358bf0-4aae"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5153

GET
H2 200 serverComponent.php Show response
tms.americanexpress.com/amex/amexcom/ 392 B
581 B 145ms
54ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards%26ens_env%3D3%26ensMarket%3Den-US%26ensApp%3Dacq%26deviceType%3Dlarge
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: a780f8f673e11aef87a6c9c84ce00fcd61f4d6622a49d71a23409e0b7921d016

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: irfdahF4w46eQqshdB5JMF27JYGyTCQM7vHgArX7OVqDxS--i35ofw==
expires: Wed, 26 Jul 2023 17:21:47 GMT

POST csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame A33F 0
0

POST
H2 201 LEHE Show response
www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/ 18 B
810 B 1333ms
1332ms XHR
application/json 95.100.68.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.68.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-68-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 7b89747c-a180-4b6c-a589-8977efaef4c8
access-control-allow-headers: Content-Type
content-length: 18

POST
H/1.1 200
OK captureevents.do Show response
gct.americanexpress.com/gct/ 0
1 KB 559ms
208ms XHR
application/javascript 139.71.50.190
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureevents.do?js_source=cdaas_gctglobal

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.190 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'
Date: Wed, 26 Jul 2023 17:21:48 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
Content-Type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 0

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame 6E92 0
4 KB 123ms
123ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-785fad80-2509-4b46-90d7-1308812b4116' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-785fad80-2509-4b46-90d7-1308812b4116' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:48 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 id Show response
omns.americanexpress.com/ 48 B
475 B 81ms
26ms XHR
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=40214993501847562242363660209099757790&ts=1690392108475

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/launch-b363d6c28b7c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

7ec4f3f2a3175ef232f5a35adf935ebdba71c76e0f824e52e15a98dc561a5edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.americanexpress.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 ptc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 67 KB
14 KB 9ms
9ms Script
application/javascript 2600:9000:2490:8e00:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ptc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8e00:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 552768fa93ffc02374e2b586800c238d7fe70d0849bf39817015d0bd398afdc9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 14:52:34 GMT
content-encoding: br
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-version-id: GFYIXZ_D7hgUc24mDxTDQ6O__XMFGjRY
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13882
last-modified: Tue, 11 Jul 2023 01:36:50 GMT
server: AmazonS3
etag: "e7592b40163469fa2ec9dddf2e1b7262"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: wiaesPXTQ0DKov8VqbxDROxJcpptnFIgr3vpf7sY2xRuqf2tYuWmDQ==

GET
H2 200 87f0334110f27414904b4e29902d34a5.js Show response
tms.americanexpress.com/amex/amexcom/code/ 77 KB
9 KB 24ms
23ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/code/87f0334110f27414904b4e29902d34a5.js?conditionId0=4829101
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 96a8c21d34ba72c3b1befb7684d57fb64105bc4cbc73645d52067df9259a2bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
x-amz-version-id: moF3xHFz67f.qNwGyu8mI4CptmoT7R.E
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 9450573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 Mar 2023 10:28:19 GMT
server: CloudFront
etag: W/"17efa3486547e4ffa42835e13a546cc3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: itPOpEK-qxYRehAoWCSy-489LomY2WpfwQXU2CtvnZibjQoHrIMvxQ==

GET
H2 200 fe63bf27e2c0e7ba75765fc8af48766f.js Show response
tms.americanexpress.com/amex/amexcom/code/ 11 KB
4 KB 22ms
22ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/code/fe63bf27e2c0e7ba75765fc8af48766f.js?conditionId0=421808
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 491cb352713665f97da7646c38e12eb9d92c8cc2202a42d649f251d5cd34932d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
x-amz-version-id: pZOQgqFNxPOGtiZI4rb1GR_NSN41scWK
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 6438666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 May 2023 03:21:13 GMT
server: CloudFront
etag: W/"d3605580e68458a8c9209b69ed427ab6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: ZmzlqLzPGMJggWVv1HMKJhyrWO05u-WdeSRtf2JE88dzozPg6aUbEw==

GET
BLOB 200
OK 073f826c-6b6e-48d1-af10-23a48b81ba2d
https://www.americanexpress.com/ 36 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanexpress.com/073f826c-6b6e-48d1-af10-23a48b81ba2d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ae73a1b8ab93248d6e01191eee887d490c31411cd5935f542f55231040ccfff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 36377
Content-Type: application/javascript

GET
H2 200 pcc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 77 KB
18 KB 28ms
26ms Script
application/javascript 2600:9000:2490:8e00:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/pcc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8e00:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d38ce08adc40ded591c1d4733a9c3dcaad864d8f0172cd950287e4af3d25540

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 14:52:34 GMT
content-encoding: br
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-version-id: rmyb2l2iOSI2CC0ljgS3cW9QAro6cU8Q
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18122
last-modified: Tue, 11 Jul 2023 01:36:50 GMT
server: AmazonS3
etag: "84f06e75513780da273fcb15bf6f006d"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: iV65LR0-pjpnmRWzVKqqewbSZysNMT5RfFCKysdgs6u_WeKE5sF9Gg==

GET
H2 200 wr.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 6 KB
2 KB 29ms
26ms Script
application/javascript 2600:9000:2490:8e00:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/wr.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8e00:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 14:52:34 GMT
content-encoding: br
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-version-id: ymXhHMcWrhUf5SVQxBl7yoGTLFTQoFTS
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2017
last-modified: Tue, 11 Jul 2023 01:36:49 GMT
server: AmazonS3
etag: "e53f78d1c505fc3271aa87ff1a71d5ac"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: UpMrG0uQQen-TyxFRY6Qc4JcPTemEFysZm21__XNdRSeFYmDBvRueA==

POST
H2 201 LEHE Show response
www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/ 18 B
822 B 198ms
198ms XHR
application/json 95.100.68.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.68.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-68-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: bd3ab4af-7210-4ed7-9cc4-6b4a314adc6c
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 s72340244220194 Show response
omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/ 4 KB
4 KB 53ms
52ms Script
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/s72340244220194?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F6%2F2023%2017%3A21%3A48%203%200&d.&nsid=15&jsonv=1&.d&mid=40214993501847562242363660209099757790&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards&g=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=0&.cm&omn.&lob=acq&country=us&language=en&inav=menu_cards_pc_travelrewardscards&.omn&.c&cc=USD&server=www.americanexpress.com&events=event140&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Cacq%7Ccredit-cards%7Ccategory&c3=en&c4=US&c6=D%3Dv6&v8=menu_cards_pc_travelrewardscards&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Cacq&c24=US%7Cacq%7Ccredit-cards&v27=US&c30=US%7Cacq%7Ccredit-cards%7Ccategory&c31=US&c38=US%7Cacq%7Ccredit-cards%7Ccategory&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.3.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3A9.3-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-06-21&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1600&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards&c75=Launch&v75=40214993501847562242363660209099757790&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=16903921080065B0GFNICN4B0UDSLAE7KGLSQF9SAQMQ7&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

22975a14b227e17f6f51bd7ba6b5bc7667a3471d470341233c6babf4ea131024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-aam-tid: M0ZVaz21Tfc=
date: Wed, 26 Jul 2023 17:21:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4167
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v050-04aec769b.edge-irl1.demdex.com 6 ms
pragma: no-cache
last-modified: Thu, 27 Jul 2023 17:21:48 GMT
server: jag
etag: 3630089411800367104-4619700376988295663
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 25 Jul 2023 17:21:48 GMT

GET
H2 200 le-mtagconfig.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/ 2 KB
1 KB 32ms
32ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c545b18b5b3a1a04203b7ce1d5f8bdcadc6ce6973c45907bfa36214d8fa452b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 13:24:48 GMT
etag: W/"5e43fca0-75b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 832
expires: Sun, 14 Feb 2021 08:01:05 GMT

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 115ms
115ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-8dbc70e8-0957-44e7-b12f-13343f88f2cd' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-8dbc70e8-0957-44e7-b12f-13343f88f2cd' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:48 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET noscriptamex
tags.wdsvc.net/ 0
0

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
634 B 124ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10091564&ec=CPSA9_ZZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 26 Jul 2023 17:21:48 GMT

GET
H2 200 tr
www.facebook.com/ 0
185 B 55ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1087025278065923&ev=PageView&dpo=LDU&dpoco=0&dpost=0&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Jul 2023 17:21:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8627703;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;...
https://ad.doubleclick.net/ddm/activity/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav...
https://adservice.google.com/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=...
https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=m...

0
0

GET

collect
px4.ads.linkedin.com/
Redirect Chain

https://dc.ads.linkedin.com/collect/?pid=1197&fmt=gif
https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQIe4oqgmqPoywAAAYmTOJ7epz7KplEdREL_7v_PqlqfYpSbzzccWaEOZAD6ZMGEPMvUFZi8bHs12g

0
0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
568 B 116ms
42ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613808224364&event=pagevisit&[line_items][0][product_id]=%271%27&ed[line_items][0][product_name]=CPSA9_ZZ&noscript=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d0d5ce17.1690392108.29d7a545
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1749494276199133
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 147ms
107ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?id=t2_vjf6aeeo&event=Lead&integration=noscript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 conversion
jadserve.postrelease.com/ 43 B
428 B 123ms
31ms Image
image/gif 34.247.45.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/conversion?ntv_pixel_id=d7c4ff32d4374e7da2aef8b33664f6c0&ntv_pixel_value=[optional_float]&ord=664428625.1711005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.45.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-45-95.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 54ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1087025278065923&ev=PageView&cd[product]=ZZ&cd[page_description]=CPSA9_ZZ&dl=https://www.americanexpress.com/&dpo=LDU&dpoco=0&dpost=0&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Jul 2023 17:21:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%...

43 B
855 B

120ms
120ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=664428625.1711005&dcc=t

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 17:21:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J5G604R7BA0872NHZCDB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 17:21:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X7822SDB6NS9KDSFEY8C
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=664428625.1711005&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

/
www.google.de/pagead/1p-conversion/9366399813/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LFbBZJPQL9Co78EPlty40A...
https://www.google.com/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsg...
https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsgA...

0
0

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 138ms
31ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=3776&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&sn=1&hd=1690392108&pn=1&dw=1600&dh=2920&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards&uc=1&la=en-US&cvars=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards%22%5D%7D&cvarp=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards%22%5D%7D&v=13.28.5&pvt=n&ex=&r=262385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame FEEB 0
0

POST csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame 31B6 0
0

POST
H2 201 LEHE Show response
www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/ 18 B
815 B 279ms
277ms XHR
application/json 95.100.68.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/v0Ov6l/_fV2i/RFl4z/bM11/YEOE8m8pJDEOh5/WV47agRFFAY/cnUXMFw/LEHE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.68.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-68-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: a0e0f653-ca4e-4665-a873-a44c1b517b81
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 114ms
31ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBAQEAMAgCsEqICKd%2FsW8CR%2B0e5ilnUlyvDaJoc0nxATD0334mAAAA&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&r=315809
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 95ms
31ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBCREAMAgDME3lLXa4Mv8SlgxEOMiY3rPXiNoUVSGbQ%2BcpY%2FwDEwmvPygAAAA%3D&ct=2&isETR=false&isCustomHashId=true&v=13.28.5&pid=3776&pn=1&sn=1&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&r=138623
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 32ms
31ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.28.5&pid=3776&pn=1&sn=1&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&dv=H4sIAAAAAAAAAy2PXWvCMBSG%2F0rIlYKtSZoPo1dFYRuuY2A3L%2BYoaXsyg1lb2so%2BxP%2B%2BbOzqwAvPe573grP1890GLzEnjHKtE0HogishGeMskYmUhBFNtFZCKU3wDD8N0Kdv0IwBytpv572Zi5igyd41dfsxoIccURKTFQqB5Cv0KfkUpV3nYQ%2Fl1o1zkag4kWiyvc2z%2Bxny7gToBqpTO0XrY9%2B%2Bw5zS0BiL8DCmlKCdsaZ3%2F1xQSM%2FjMQi4yoxQBw1r%2FAC%2F%2BWNWbPJiB8Pg2uZvFik5LSWRUbgyMpYuosrUKtLMMgVlXZlKxzSw1oGvC9MY%2FxWKh8KevQ%2F85YC7HmxYCfUBL19er%2Fj6A2lHHlg1AQAA&ct=2&r=309014
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 137ms
27ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=14106077

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 07 Dec 2022 20:20:28 GMT
server: ws
etag: "6390f58c-1da4"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7588

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 465ms
391ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-7eeb7dbe-3e8e-4586-adfb-90cc12c144e4' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-7eeb7dbe-3e8e-4586-adfb-90cc12c144e4' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:49 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 124ms
123ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-073003a3-208e-4431-a6e8-1cd629b8c605' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-073003a3-208e-4431-a6e8-1cd629b8c605' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:49 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 177ms
177ms Preflight 95.100.67.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 26 Jul 2023 17:21:49 GMT
Expires: Wed, 26 Jul 2023 17:21:49 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 402 B
1 KB 224ms
223ms Fetch
application/json 95.100.67.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 527f8fe4d5f1acee513d7b7d3c9fcc27cc31d6b7f506bb124ef0118f05365f78

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 17:21:49 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 402
Expires: Wed, 26 Jul 2023 17:21:49 GMT

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 424ms
412ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-bcb2394d-6af6-45cd-8388-44b3927eda35' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-bcb2394d-6af6-45cd-8388-44b3927eda35' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:49 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/ 342 KB
121 KB 24ms
24ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

1cd1c72cffe0bf75e936018576f780d573d89f350748912a81a4d53007c7f9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 31ms
31ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAystrklMLqxJLkpNySzRTU4sSimuSU4sSU3PL6qsKSlKLEvN0S1KLQeJAwD0VPD9KwAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&r=747533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:49 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 32ms
32ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAA3NMTw%2FwqyktrklMLqxJLkpNySzRTU4sSimuSU4sSU3PL6qsKSlKLEvN0S1KLQeJAwDo7%2F%2FMMQAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&r=126457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:49 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 28 B
460 B 113ms
113ms XHR
text/plain 139.71.8.18
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?dtCookie=-13%24KTC4E6UTCRFAMBLALTJHNTFFCJLNL790;dtLatC=19;referer=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards;visitID=WPKFATHFACNIKCQJOHKCFCUSDKBKIJNI-0;app=24FF88ADA3BFD2CE;crc=3874205155;end=1
Requested by: Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.8.18 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: dynatracepsg2.americanexpress.com
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 26 Jul 2023 17:21:49 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/setting/accountproperties/ 7 KB
3 KB 117ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

43156d6b172ff8739106616042d924a411b79ec139228ce2176f48b9a0dc5fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 26 Jul 2023 17:22:47 GMT

GET
H2 200 consumer_acq.js Show response
publisher.liveperson.net/external-project/14106077/js/ 3 KB
2 KB 492ms
449ms Script
application/javascript 2a04:4e42::448
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.liveperson.net/external-project/14106077/js/consumer_acq.js
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a04:4e42::448 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: ws /
Resource Hash: 0fda5b32bb5f4cfec48b056cff712764f712c23e55251b99381e2ce457a8b7a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-object-meta-lp-version: 1.0.635
content-encoding: gzip
x-openstack-request-id: tx17c2d4a0ab9f49bfabf37-0064c01f59
date: Wed, 26 Jul 2023 17:21:49 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
x-trans-id: tx17c2d4a0ab9f49bfabf37-0064c01f59
content-length: 1192
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 25 Jul 2023 19:06:47 GMT
server: ws
x-timer: S1690392109.267118,VS0,VE442
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT
content-type: application/javascript
x-object-meta-mtime: 1690311712.000000
x-timestamp: 1690312006.28219
cache-control: max-age=600
access-control-allow-credentials: true
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
x-object-meta-lp-project: public
x-cache-hits: 1

GET
H2 200 ui-framework.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 40 KB
15 KB 178ms
39ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ui-framework.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:49 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 88 KB
30 KB 180ms
42ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/UMSClientAPI.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:49 GMT

GET
H2 200 lpChatV3.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 92 KB
31 KB 201ms
64ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/lpChatV3.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:49 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 8 KB
3 KB 200ms
63ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/surveylogicinstance.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:27 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:49 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/ 6 KB
2 KB 127ms
40ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

22c9d84781cb9999dbad4f41d94741eb9719c23095b6cbc6f7e862c45061a696

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 26 Jul 2023 17:22:42 GMT

GET
H2 200 desktopEmbedded.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 997 KB
311 KB 41ms
40ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/desktopEmbedded.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

301990cbfd7cfbb2598290387839feb818c6b181303ca60a6d05af48e7169430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:49 GMT

GET
H2 200 storage.secure.min.html Show response
lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/ Frame 5DB5 39 KB
16 KB 109ms
106ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Wed, 26 Jul 2023 17:21:49 GMT
expires: Thu, 25 Jul 2024 17:21:49 GMT
last-modified: Fri, 17 Mar 2023 01:15:35 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 108ms
108ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 26 Jul 2023 17:21:49 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 108ms
107ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 26 Jul 2023 17:21:49 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 axp-glyph-down.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 347 B
427 B 492ms
492ms XHR
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-glyph-down.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

08843cb6db7bb529c5b6a4ca202abd067d55b186dcbb911894c15938a1765b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Sep 2022 21:00:44 GMT
server: Akamai Resource Optimizer
etag: "15b-5b957d41690c7-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=35559
accept-ranges: bytes
content-length: 208

GET
H2 200 icon-generic-cards.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 522 B
528 B 604ms
604ms XHR
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/icon-generic-cards.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a8f4acf91763177692de540d5bc9b6615c1ad09315b2f5bce8592c56f9954174

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:50 GMT
last-modified: Wed, 28 Sep 2022 00:31:27 GMT
server: Akamai Resource Optimizer
etag: "20a-5b95805c519be-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=35559
accept-ranges: bytes
content-length: 281

GET
H2 200 axp-icon-search.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 555 B
565 B 583ms
583ms XHR
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-icon-search.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

574bb84ea46b345970f5958691a46e1ac0c1fd2457047b37703824868043f1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:50 GMT
last-modified: Thu, 29 Sep 2022 23:32:27 GMT
server: Akamai Resource Optimizer
etag: "22b-5b9580ce4d314-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=35559
accept-ranges: bytes
content-length: 317

GET
H2 200 category-travel-hero.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 18 KB
19 KB 51ms
51ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/category-travel-hero.jpg?CPS_CARD_SHOP_VER
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b5a4068db8e8a5704c0b72b3896d29f59e6fdfb3b39517f5de64d4854a2e49cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Sat, 14 May 2022 16:39:11 GMT
server: Akamai Image Manager
etag: "16e27-56adaa0c17100-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 18794
expires: Thu, 27 Jul 2023 05:21:49 GMT

GET
H2 200 Classic-Platinum.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 1 KB
2 KB 25ms
24ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/Classic-Platinum.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d4535c70e7120623bf1c108dd565f8cb15c637268e42175698d01a5c1f06e88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Thu, 20 Jan 2022 08:50:13 GMT
server: Akamai Image Manager
x-serial: 1065
x-check-cacheable: YES
etag: "1173-5d32ffc315b41-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=74997
content-length: 1384
expires: Thu, 27 Jul 2023 14:11:46 GMT

GET
H2 200 Kehinde-Wiley.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 3 KB
3 KB 50ms
49ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/Kehinde-Wiley.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d5834988ecb79587074f945c4bcd5f9d27218f837399dcda199a09755e8dc889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Mon, 12 Sep 2022 00:42:32 GMT
server: Akamai Image Manager
x-serial: 862
x-check-cacheable: YES
etag: "2a2a-5d32ffc84cabc-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=84481
content-length: 2770
expires: Thu, 27 Jul 2023 16:49:50 GMT

GET
H2 200 Julie-Mehretu.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 2 KB
2 KB 50ms
49ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/Julie-Mehretu.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fc8b7a738cccfc74c49dffa445e9a2a8f8ae9c538d78282402c1bafe2f0a8042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Mon, 10 Jan 2022 14:42:27 GMT
server: Akamai Image Manager
etag: "1a1d-5d32ffc247e35-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=42121
content-length: 2112
expires: Thu, 27 Jul 2023 05:03:50 GMT

GET
H2 200 gold.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 1 KB
1 KB 24ms
23ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/gold.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: de9407ffd3b03873dfef1342378905b0d0dd299890e61e06a39a9bf6f3ec663e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Fri, 08 Jul 2022 14:40:19 GMT
server: Akamai Image Manager
etag: "12a7-5d92cbdab529b-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=63158
content-length: 1336
expires: Thu, 27 Jul 2023 10:54:27 GMT

GET
H2 200 rose-gold.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 1 KB
1 KB 24ms
24ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/rose-gold.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4f5999b635cb822e924d77e7aff19584cd5314e67a4a5de1d8f2083d5ea0f155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Wed, 22 Jun 2022 14:47:04 GMT
server: Akamai Image Manager
etag: "11de-5d92cbda5e3fb-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=69548
content-length: 1276
expires: Thu, 27 Jul 2023 12:40:57 GMT

GET
H2 200 Standard-Classic-Metal.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 1 KB
1 KB 64ms
63ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/Standard-Classic-Metal.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e49fd9c0d0a1a97cc0dcd57c5c251a9789b2763f49ecf41c442ec7e9b9aee15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Wed, 15 Jun 2022 18:43:42 GMT
server: Akamai Image Manager
etag: "189e-5ddb7a6a7a6ea-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=34365
content-length: 1158
expires: Thu, 27 Jul 2023 02:54:34 GMT

GET
H2 200 Recycled-Ocean-Plastic.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/ 1 KB
1 KB 48ms
48ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/credit-cards/rubiks/Recycled-Ocean-Plastic.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e49fd9c0d0a1a97cc0dcd57c5c251a9789b2763f49ecf41c442ec7e9b9aee15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Sat, 10 Sep 2022 06:34:57 GMT
server: Akamai Image Manager
etag: "189e-5ddb7a7732c4d-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=41040
content-length: 1158
expires: Thu, 27 Jul 2023 04:45:49 GMT

GET
H2 200 TravelCreditCards-GlobalAssist-2x.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/medium-2x/ 199 KB
199 KB 104ms
104ms Image
image/avif 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/medium-2x/TravelCreditCards-GlobalAssist-2x.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6caae24d61dc38fb1cd3870ab692d63e291c730d7d7b868ae7206f50540b2847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Tue, 24 Jan 2023 11:23:36 GMT
server: Akamai Image Manager
etag: "57b49-54d05d07420c0-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=49480
content-length: 203771
expires: Thu, 27 Jul 2023 07:06:29 GMT

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.29.1/package/dist/fonts/ 36 KB
37 KB 54ms
54ms Font
font/woff 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.29.1/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/styles/dls.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/styles/dls.min.css
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Fri, 10 Mar 2023 19:27:22 GMT
etag: "640b849a-9121"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 37153

GET
H2 200 axp-glyph-right.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 353 B
453 B 550ms
548ms XHR
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-glyph-right.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b5bd6b720d8d106e3574b1d46b1c38c6c81fe5f1a09653f96437aa3d54c0f6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:50 GMT
last-modified: Tue, 27 Sep 2022 23:25:54 GMT
server: Akamai Resource Optimizer
etag: "161-5b957d41523aa-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=35249
accept-ranges: bytes
content-length: 206

GET
H2 200 dls-icon-plus-circle.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 360 B
464 B 503ms
502ms XHR
image/svg+xml 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-plus-circle.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

992fb685b350a623037c0d7dce20da4b6f505eeee59cba92f53bf03cb2a7acbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:50 GMT
last-modified: Wed, 28 Sep 2022 10:23:27 GMT
server: Akamai Resource Optimizer
etag: "168-57d4bfe2b696d-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=35249
accept-ranges: bytes
content-length: 217

GET
H2 200 NUS000000237_480x304_straight_withname.png
icm.aexp-static.com/acquisition/card-art/ 40 KB
40 KB 23ms
20ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/acquisition/card-art/NUS000000237_480x304_straight_withname.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d8ac7db3340a8b4966574e4fb872f20e87a71191fd3339ad517de3c2590a0f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Wed, 23 Feb 2022 17:11:15 GMT
server: Akamai Image Manager
etag: "1f866-5d8b28bed2e30-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=82762
content-length: 40710
expires: Thu, 27 Jul 2023 16:21:11 GMT

GET
H2 200 NUS000000174_480x304_straight_withname.png
icm.aexp-static.com/acquisition/card-art/ 35 KB
35 KB 42ms
39ms Image
image/avif 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/acquisition/card-art/NUS000000174_480x304_straight_withname.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1702cd525d3a348a26142e9514aaebeaffbdc7a9d3b5b2586f8faf8608e9a97c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Fri, 21 Apr 2023 18:45:51 GMT
server: Akamai Image Manager
x-serial: 1281
x-check-cacheable: YES
etag: "1cde9-5e4275e0fa10c-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=65605
content-length: 35985
expires: Thu, 27 Jul 2023 11:35:14 GMT

GET
H2 200 gold-delta-skymiles.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 33 KB
33 KB 42ms
39ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/gold-delta-skymiles.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e09df71eb033d8a16ee9f7571ad2fd424235dfe0912cb6fb5d34659225e5e33a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Thu, 17 Feb 2022 16:06:04 GMT
server: Akamai Image Manager
x-serial: 1719
x-check-cacheable: YES
etag: "40425-5d838f11331fd-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=8616
content-length: 33908
expires: Wed, 26 Jul 2023 19:45:25 GMT

GET
H2 200 cardlanding_category_travel.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 12 KB
12 KB 127ms
124ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/cardlanding_category_travel.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: db90275d202e5fe33cc7f76063284cbf078234319c7d652b20871d68fee95ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Tue, 16 Nov 2021 11:43:00 GMT
server: Akamai Image Manager
etag: "36c9-54d060379a6c0-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=64857
content-length: 12370
expires: Thu, 27 Jul 2023 11:22:46 GMT

GET
H2 200 cardlanding_category_cashBack.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 12 KB
12 KB 42ms
40ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/cardlanding_category_cashBack.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c083b54108b865a25464ebf29b76435428f01bd3e8e43212394663df0b170747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Sat, 29 Jan 2022 22:55:53 GMT
server: Akamai Image Manager
etag: "3dab-54d05fa88d540-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=34901
content-length: 12278
expires: Thu, 27 Jul 2023 03:03:30 GMT

GET
H2 200 cardlanding_category_rewards.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 5 KB
5 KB 52ms
50ms Image
image/avif 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/cardlanding_category_rewards.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 60fb61b218e4c773455a6a519334c358f2d21cd68d7aa64f1e66ad03208adbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Sun, 12 Feb 2023 10:37:33 GMT
server: Akamai Image Manager
etag: "27db-54d05fb02e740-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 4932
expires: Thu, 27 Jul 2023 05:21:49 GMT

GET
H2 200 platinum-delta-skymiles.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 8 KB
8 KB 41ms
39ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/platinum-delta-skymiles.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9ed9e1017920ef15c43266e6722c3b18776a5dbf6fadad82a23a5c8f3a24e7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Sat, 27 Nov 2021 13:45:30 GMT
server: Akamai Image Manager
x-serial: 1252
x-check-cacheable: YES
etag: "9fe9-5c456ac53548b-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=15104
content-length: 8298
expires: Wed, 26 Jul 2023 21:33:33 GMT

GET
H2 200 marriott-bonvoy-bevy-card.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 15 KB
15 KB 40ms
38ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/marriott-bonvoy-bevy-card.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ae64d2f1b8a18ae84d71f9b545256d279d8550b154a3d5f908c1b45b415a38c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Fri, 16 Sep 2022 10:29:40 GMT
server: Akamai Image Manager
x-serial: 1481
x-check-cacheable: YES
etag: "730e6-5e69da52844ae-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=69501
content-length: 15024
expires: Thu, 27 Jul 2023 12:40:10 GMT

GET
H2 200 marriott-bonvoy-brilliant-card.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 11 KB
11 KB 41ms
39ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/marriott-bonvoy-brilliant-card.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 80137f3def66a36e16b2e98e90f56d718df2da7fe6f1c16ebf2e989e91333e81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Thu, 22 Sep 2022 04:13:33 GMT
server: Akamai Image Manager
x-serial: 1870
x-check-cacheable: YES
etag: "d2b6-5e93c4864acfd-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=64934
content-length: 11350
expires: Thu, 27 Jul 2023 11:24:03 GMT

GET
H/1.1 200
OK cardshopql Show response
acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/v3/ 206 KB
40 KB 359ms
358ms Fetch
application/json 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/v3/cardshopql?query={cardShop(shop:%22consumer%22,page:%22cc%22,country:%20%22us%22,queryParams:%22{\%22params\%22:{\%22entryEEP\%22:\%2225330\%22}}%22){cards{cardFlags{id%20value}filters%20usesCMPZN%20paymentType%20cardType%20productId%20dtmProductName%20specialInd%20cardTitle%20appAssets%20{cardArt}%20pmcCode%20shortName%20cardHeadline%20applyNowLink{dtmTag%20link%20title%20url}fee{%20header%20text}rates{header%20text}controlHow{header%20text}tncLinks{offerTerms{url%20link%20title%20DXP_url%20dtmTag}ratesFees{url%20link%20title%20DXP_url%20dtmTag}}viewDetailsLink{link%20title}IACode%20uaCtaOffer%20{acquisition_offer_id%20applicant_request_token}ctaPostData%20{acquisition_offer_id%20applicant_request_token}dualOffer{text%20header}designVariations%20{%20experienceId%20arrangementId%20dtmCardName%20cardDesigns%20{%20%20id%20%20displayName%20%20state%20%20name%20%20pickerImage%20%20designDtmTag%20%20formFactor%20%20paymentTechnology%20%20digitalAssetId%20%20default%20%20cardArt%20{%20%20%20%20default%20%20%20%20desktop%20%20%20%20desktop2X%20%20%20%20tablet%20%20%20%20tablet2X%20%20%20%20mobile%20%20%20%20mobile2X%20%20}%20}}welcomeOffer{text%20header%20title%20{%20%20%20%20prospect%20%20%20%20member%20%20}}greatFor{description%20toutId%20order}keyProductFeatures{groupHeader%20groupId%20subGroupNames%20features{%20description%20header%20order}}howYouEarnCashBack{features{%20toutId%20header%20description}}benefitsAtAGlance{benefits{%20toutId%20header%20benefitId%20order%20description}}productFeatures{groups{dtmTag%20groupHeader%20order%20groupId%20features{%20description%20header%20order}subGroups{features{%20description%20header%20order}header{headline%20id%20toutId}}}}productId}}}

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

026e6680e3c1e55c48a634023a5293f5ae73b4eb2d0d88bf7b66de53f3387415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.americanexpress.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:49 GMT
Surrogate-Control: no-store
Transfer-Encoding: chunked
Server-Timing: , VTO;dur=729;desc=VTO
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Download-Options: noopen
Access-Control-Max-Age: 3000000
X-Frame-Options: ALLOW-FROM https://www.americanexpress.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
X-Aexp-Timestamp: 2023-07-24 16:06:50
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-Aexp-Build: 1009
Expires: 0

GET
H2 200 compareStaticPageData.json Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/ 55 KB
9 KB 17ms
17ms Fetch
application/json 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/compareStaticPageData.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Resource Hash

e30a7da8af51846582e4a4e666745fffe7073c15686b1c754a2a7466fa1c1cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Thu, 20 Jul 2023 05:31:34 GMT
etag: "dcb8-600e476233a16-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=4682
accept-ranges: bytes
content-length: 8230

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 126ms
126ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 153ms
152ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK pznExtn Show response
acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/ 2 KB
1 KB 647ms
427ms Fetch
application/json 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/pznExtn

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

439ffb3222b2f6f992c24fd4266b8a56178e59b9148897adaa0608bd6a0b46df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.americanexpress.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:50 GMT
Surrogate-Control: no-store
Transfer-Encoding: chunked
Server-Timing: , VTO;dur=NaN;desc=VTO
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Download-Options: noopen
Access-Control-Max-Age: 3000000
X-Frame-Options: ALLOW-FROM https://www.americanexpress.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
X-Aexp-Timestamp: 2023-07-24 16:06:50
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-Aexp-Build: 1009
Expires: 0

GET noscriptamex
tags.wdsvc.net/ 0
0

POST
H2 200 s71588823038330 Show response
omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/ 4 KB
4 KB 49ms
48ms XHR
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/s71588823038330

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

5e430e31dd8f737fb8cecaaa3e097acac359cd20a43376734ef669cd4486d60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: 6HfCsqagQCU=
date: Wed, 26 Jul 2023 17:21:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4118
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v050-0b6b5be26.edge-irl1.demdex.com 6 ms
pragma: no-cache
last-modified: Thu, 27 Jul 2023 17:21:49 GMT
server: jag
etag: 3630089414792871936-4619597470098994447
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Tue, 25 Jul 2023 17:21:49 GMT

GET
H2 200 ClickStreamVars.js Show response
icm.aexp-static.com/Internet/US/DARE/ 3 KB
1 KB 33ms
33ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/US/DARE/ClickStreamVars.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/vendors.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-129-56.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 17:21:49 GMT
last-modified: Wed, 19 Jul 2023 20:38:38 GMT
server: Akamai Resource Optimizer
etag: "bbe-5bc035198f58c-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=3670
accept-ranges: bytes
content-length: 837

GET
H2 200 pzncs.min.js Show response
www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/ 9 KB
3 KB 33ms
33ms Script
application/javascript 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e950b6503fdc24893b247cccaed9cc937306c8e09cce0b8c8a21979159429a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 12:46:24 GMT
etag: W/"5e5d0020-23bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3043
expires: Fri, 20 Nov 2020 02:33:58 GMT

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/domainprotection/ Frame 5DB5 3 KB
2 KB 41ms
40ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/domainprotection/refererrestrictions?cb=lpCb85766x84499

Requested by

Host: lpchat.americanexpress.com
URL: https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

28ac87684fa988988cd4bce6539bce97918d11b5d204cd3a979b17e635fc8272

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpchat.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:49 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 26 Jul 2023 17:22:42 GMT

GET
H2 200 s7619200920036 Show response
omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/ 4 KB
4 KB 52ms
52ms Script
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/s7619200920036?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F6%2F2023%2017%3A21%3A49%203%200&d.&nsid=15&jsonv=1&.d&mid=40214993501847562242363660209099757790&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards&g=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards&c.&cm.&ssf=0&.cm&omn.&identifier=acq-shop-us-consumer&element=ViewAllCards%3AtopThreeCards&lob=acq&detail=platinum%2Cgold-card%2Cdelta-skymiles-gold-american-express-card&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=acq-shop-us-consumer&v5=us%3E%3Eacq-shop-us-consumer%3E%3Eimpression%3E%3EViewAllCards%3AtopThreeCards%3E%3Eplatinum%2Cgold-card%2Cdelta-skymiles-gold-american-express-card&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=acq-shop-us-consumer&c22=us%3E%3Eacq-shop-us-consumer%3E%3Eimpression%3E%3EViewAllCards%3AtopThreeCards%3E%3Eplatinum%2Cgold-card%2Cdelta-skymiles-gold-american-express-card&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.3.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3A9.3-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-06-21&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards&v75=40214993501847562242363660209099757790&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

5c015a8feafdc2ac78ea9ab1f35ea71f6322edaf8de45f03f618b3bb9e16fe8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-aam-tid: PjliYpu3RL0=
date: Wed, 26 Jul 2023 17:21:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4166
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v050-01d8b9ba0.edge-irl1.demdex.com 9 ms
pragma: no-cache
last-modified: Thu, 27 Jul 2023 17:21:50 GMT
server: jag
etag: 3630089416596553728-4619722761839785649
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 25 Jul 2023 17:21:50 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/ 6 KB
2 KB 87ms
87ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

22c9d84781cb9999dbad4f41d94741eb9719c23095b6cbc6f7e862c45061a696

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:50 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 26 Jul 2023 17:22:42 GMT

POST
H/1.1 204
No Content v2clickStream Show response
aeopprodvip.acxiom.com/services/ 0
429 B 613ms
200ms XHR
text/html 198.160.127.57
ACXIOM

General

Check archive.org

Show headers Download Go to

Full URL

https://aeopprodvip.acxiom.com/services/v2clickStream

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

198.160.127.57 Conway, United States, ASN15026 (ACXIOM, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age:31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 26 Jul 2023 17:21:50 GMT
Strict-Transport-Security: max-age:31536000
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Content-Type: text/html
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Referer
X-Application-Context

GET
H2 200 postmessage.min.html Show response
va.v.liveperson.net/postmessage/ Frame BE10 11 KB
5 KB 409ms
93ms Document
text/html 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690392110057&loc=https%3A%2F%2Fwww.americanexpress.com

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
content-type: text/html
date: Wed, 26 Jul 2023 17:21:50 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 30ms
30ms Image
text/plain 52.18.30.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAx2MQQrDMAwEPxR9oAdB6LmXUHIXtmhEZcuxbJJCH5%2Fg4%2Bwss7zmf3dECjv4ZgW6Q7DsPXFFlFQqu4tlxFX4mFWfVKM%2FmpX3VpkHIRalJrmn6WMaIdzjFFkbgX9%2FSZQdhqA7KoEy8Dm643kBPdF2boIAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=0b41b606-b416-af18-cad7-92f27ebdcac9&r=288157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-30-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 17:21:50 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ Frame BE10 225 B
1 KB 330ms
329ms XHR
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?&__d=44681

Requested by

Host: va.v.liveperson.net
URL: https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690392110057&loc=https%3A%2F%2Fwww.americanexpress.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

186ee4246986a4c2ef837b99c721016b3ee3e289f785dabcec00c1d1ff84efe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

LP-DOMAIN-REFERER: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690392110057&loc=https%3A%2F%2Fwww.americanexpress.com
X-Requested-With: XMLHttpRequest
LP-URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards

Response headers

date: Wed, 26 Jul 2023 17:21:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-allow-origin: https://va.v.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 110 B
899 B 95ms
95ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=BLIkP6ITQ_qdw1u2AJ-n9A&cb=lpCb5975x52373&t=pl&ts=1690392110056&pid=9002923338&tid=5009764759&vid=NiMjdjM2IwMmI1NzBhOWIy

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

7be8c130beecd936409a0ed2cf0a315bcee59d213cacc348c37dcfc9c1d98d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 403 B
1 KB 105ms
105ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=BLIkP6ITQ_qdw1u2AJ-n9A&cb=lpCb55392x64078&t=uc&ts=1690392110088&pid=9002923338&tid=5009764759&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22lpButtonDiv%22%7D%5D&vid=NiMjdjM2IwMmI1NzBhOWIy

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

0aee0d789e46a165347a58bf94dbf3da73ea8f23cf8ec27d194ecec854fb8e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET

/
www.google.de/pagead/1p-user-list/977472328/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null
https://www.google.com/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=2398346701
https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=2398346701&ipr=y

0
0

GET
H2 200 overlay.js Show response
lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/ 10 KB
4 KB 23ms
22ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/overlay.js?_v=3.55.0.0-release_5152

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

990d600d7846c6aafbb84ed023425439171f2aaa319572bc9c1cf4d1c9bdc36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:46:33 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:51 GMT

GET
H2 200 UISuite.js Show response
lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/ 30 KB
12 KB 45ms
44ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/UISuite.js?_v=3.55.0.0-release_5152

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:46:33 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 25 Jul 2024 17:21:51 GMT

GET
H2 200 5786 Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/campaigns/263832514/engagements/263841314/revision/ 2 KB
2 KB 41ms
41ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/campaigns/263832514/engagements/263841314/revision/5786?v=3.0&cb=lp263841314&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

70a50f9026f589e94f618afc733fdf07aaa3998a0d64463df6884d3c7aa19d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 26 Jul 2023 17:22:16 GMT

GET
H2 200 263840714 Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/engagement-window/window-confs/ 5 KB
3 KB 41ms
40ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/engagement-window/window-confs/263840714?cb=lpCb5998x93765

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

ee93a3c58392b43b53fe0c0385db8eb9371d7d9c8b23631bb4d049b9489d4596

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 26 Jul 2023 17:22:16 GMT

GET
H2 200 pill-button.png
icm.aexp-static.com/Internet/SMC/images/Chat/ 4 KB
5 KB 28ms
28ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/SMC/images/Chat/pill-button.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 820cbaecb2ce33be20cd054723b72b2d238255bbc8cc2eab8883d0e0ebb66227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
last-modified: Sun, 30 Oct 2022 09:47:37 GMT
server: Akamai Image Manager
x-serial: 1145
x-check-cacheable: YES
etag: "2637-54ea041d89480-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=38016
content-length: 4576
expires: Thu, 27 Jul 2023 03:55:27 GMT

GET
H2 200 pill-button.png
icm.aexp-static.com/Internet/SMC/images/Chat/ 4 KB
5 KB 27ms
26ms Image
image/webp 23.197.129.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/SMC/images/Chat/pill-button.png
Requested by: Host: lpchat.americanexpress.com
URL: https://lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/overlay.js?_v=3.55.0.0-release_5152
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.129.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-129-56.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 820cbaecb2ce33be20cd054723b72b2d238255bbc8cc2eab8883d0e0ebb66227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
last-modified: Sun, 30 Oct 2022 09:47:37 GMT
server: Akamai Image Manager
x-serial: 1145
x-check-cacheable: YES
etag: "2637-54ea041d89480-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=38016
content-length: 4576
expires: Thu, 27 Jul 2023 03:55:27 GMT

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 42 B
838 B 99ms
98ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=BLIkP6ITQ_qdw1u2AJ-n9A&cb=lpCb50212x79321&t=uc&ts=1690392111245&pid=9002923338&tid=5009764759&vid=NiMjdjM2IwMmI1NzBhOWIy&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A263832514%2C%22engId%22%3A263841314%2C%22revision%22%3A5786%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

93c719b274080f2c2a61801205320c55a2696072ccb11103acfac1a5b68aa3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:21:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 119ms
118ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-78c5b98a-8020-4a88-8036-339ac6164271' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-78c5b98a-8020-4a88-8036-339ac6164271' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Wed, 26 Jul 2023 17:21:51 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 28 B
460 B 104ms
104ms XHR
text/plain 139.71.8.18
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?dtCookie=-13%24KTC4E6UTCRFAMBLALTJHNTFFCJLNL790;dtLatC=19;referer=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards;visitID=WPKFATHFACNIKCQJOHKCFCUSDKBKIJNI-0;app=24FF88ADA3BFD2CE;crc=1861083770;end=1
Requested by: Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.8.18 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: dynatracepsg2.americanexpress.com
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 26 Jul 2023 17:21:52 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 28 B
460 B 212ms
211ms XHR
text/plain 139.71.8.18
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?dtCookie=-13%24KTC4E6UTCRFAMBLALTJHNTFFCJLNL790;dtLatC=19;referer=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Ftravel-rewards%2F%3Finav%3Dmenu_cards_pc_travelrewardscards;visitID=WPKFATHFACNIKCQJOHKCFCUSDKBKIJNI-0;app=24FF88ADA3BFD2CE;crc=1958479734;end=1
Requested by: Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.8.18 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: dynatracepsg2.americanexpress.com
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 26 Jul 2023 17:21:54 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: acquisition-1.americanexpress.com
URL: https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Domain: tags.wdsvc.net
URL: https://tags.wdsvc.net/noscriptamex?id=100239

Domain: adservice.google.de
URL: https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=664428625.1711005

Domain: px4.ads.linkedin.com
URL: https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQIe4oqgmqPoywAAAYmTOJ7epz7KplEdREL_7v_PqlqfYpSbzzccWaEOZAD6ZMGEPMvUFZi8bHs12g

Domain: www.google.de
URL: https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsgAMVUNQ7Ah0WLg7a&is_vtc=1&ocp_id=LFbBZJPQL9Co78EPlty40A0&cid=CAQSKQBpAlJWSfayCTZfovObEkamAAxuMfcoYHrhnBWI0360_T9n-Ggb0rNk&random=3126800778&ipr=y

Domain: acquisition-1.americanexpress.com
URL: https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Domain: acquisition-1.americanexpress.com
URL: https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Domain: tags.wdsvc.net
URL: https://tags.wdsvc.net/noscriptamex?id=100239

Domain: tags.wdsvc.net
URL: https://tags.wdsvc.net/noscriptamex?id=100239

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=2398346701&ipr=y

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: testcookie Value: 2023-07-26/10:21:48:889
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: JSESSIONID Value: HPa7ANB2n2Ev_5FHq5gz6Kq-sS7rpH6ZW2lw4j2Y.svc-deployment-92-dv7v4
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: TS01b3a5dc Value: 0103f93e5cf13c68efd5618d40dbf4e7ae06fb504c7111b3f19d34ae00cde312f2e1803b2937c21b97dd86b356aef20314080b71d4
.americanexpress.com/	1970-01-20 22:18:48	Name: agent-id Value: ec35224e-6ef3-4ec3-b764-be9a854ce8d4
.americanexpress.com/	1970-01-20 13:33:19	Name: ak_bmsc Value: 8464EBCB93E1382EEA3526C27AAA0544~000000000000000000000000000000~YAAQs3p7XKI1H3KJAQAAHpc4kxSYiYhYPnNTxiVZIJdxBiJWkTltLCpzNlg8MT6oxET92fdimreOCYknETnN0sDx2pWxVcMEv/Q2gmAs04uh2DzsQp2HcmLwB8xqF+SR/7FpC5Rz/7xPUbSXEm03tzIU+g9IjYgnBnUSFnuhKvINCNc8CtIC8S2e9TCbmLO/mjdN91tz/89vf5E70Lpv/KOreLVfrwf/c0BHUIZJmBlZKUXWRW5Nqf1sKJLkC1FCvB/gIK2HO4OLo4c272jnLAPx7HpPgdRiwDGm40gXElP90qUNk3ktyOQMp1PeeL8n8Zxj45tjXiaWuwdYPYdJ3dwOnDo4aSSSnKvy5R+USFh9/Db8PtB/dqCIqsRdAdyiJoR+ehMnbJorq73WYQEMKSbbhxFi
.americanexpress.com/	1970-01-20 13:33:26	Name: bm_sz Value: 630736CE96B62A4A9A5423E4BDC8F8D5~YAAQs3p7XKM1H3KJAQAAHpc4kxRG5D6BGUwQhg8SJd4rZA5VIQkYvyyccYj1FAigJJaMqmnO6xQPXP5VZ9f9/fhB6T3cETcoQjhlqa5cQ8AadHI0SZCVfXnQI4BI1+imc1rfjPlCQYWnP4zKg2C7ZFWkwKvYf7ryS59nG5o1laLJuDMwOo0BWXed6Y+hLoWHzg91I755buZEilGUEvYXrbTyJpfDQPtBcQwF3TBvyqwV6Kp2ChbOj+X1JYv8LmJqlAM6SnAqYOETYqRVEUr+72fwjL/5QaYTkXF/1kP5kJrvq1pwrxB+9Wwp4K8=~3294258~3752770
.americanexpress.com/	1970-01-20 18:21:12	Name: m_val_pixel Value: 39564613746748913182638241861913063498\|9
.americanexpress.com/	1969-12-31 23:59:59	Name: axplocale Value: en-US
.americanexpress.com/	1969-12-31 23:59:59	Name: dtCookie Value: -13$KTC4E6UTCRFAMBLALTJHNTFFCJLNL790
.americanexpress.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 16903921080065B0GFNICN4B0UDSLAE7KGLSQF9SAQMQ7
.demdex.net/	1970-01-20 17:52:24	Name: demdex Value: 40013661278389044562343527116680305750
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
.americanexpress.com/	1970-01-20 23:02:36	Name: _cs_c Value: 1
.americanexpress.com/	1970-01-20 23:09:12	Name: s_ecid Value: MCMID%7C40214993501847562242363660209099757790
.americanexpress.com/	1970-01-20 23:09:12	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 870038026%7CMCMID%7C40214993501847562242363660209099757790%7CMCAAMLH-1690996908%7C6%7CMCAAMB-1690996908%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1690399308s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.0
.americanexpress.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_tp%3D2920%3B%20s_ppv%3Dus%25257Cacq%25257Ccredit-cards%25257Ccategory%25257Ctravel-rewards%252C41%252C41%252C1200%3B%20omn_inav%3Dmenu_cards_pc_travelrewardscards%3B%20s_cc%3Dtrue%3B
.americanexpress.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ctravel-rewards%22%5D%7D
.americanexpress.com/	1970-01-20 23:02:36	Name: _cs_id Value: 0b41b606-b416-af18-cad7-92f27ebdcac9.1690392108.1.1690392108.1690392108.1.1724556108628
.americanexpress.com/	1969-12-31 23:59:59	Name: SaneID Value: 178.162.209.141-1690392108200435
.americanexpress.com/	1970-01-20 23:09:12	Name: pznid Value: 78427364574840439169100169346227518716%7C9
.americanexpress.com/	1969-12-31 23:59:59	Name: CARDSHOP_SESS Value: s%3A9IRRyPoYPqEKHvy4Y808s7nfW19ek897.hx%2FpCZm4cERBB2Eg%2FE%2BWcx8gzo7InhFb%2F30tnlG8W%2BA
acquisition-1.americanexpress.com/	1969-12-31 23:59:59	Name: TS01aa62da Value: 0152a806c122166b9656268b5c9a03d807300b7ae4d8391ba6ef800f93ed28648ef379cd1608cc19494ff561b65a0cb8f1bd963c12
.americanexpress.com/	1969-12-31 23:59:59	Name: TS019a7663 Value: 0152a806c122166b9656268b5c9a03d807300b7ae4d8391ba6ef800f93ed28648ef379cd1608cc19494ff561b65a0cb8f1bd963c12
.ct.pinterest.com/	1970-01-20 22:18:48	Name: _pinterest_ct_ua Value: "TWc9PSZCQmMxSTc1dVRPaG1relp5cEYzK2c1RmlGUytZQXdoNU1NQnUrc3Vkd2J5TEI0dmJLNnc0OEFhblNGSnRHMHVGVjhCV015Y0ZxRnNxaEFJcW03ZlM4eEZ4VWo4UUZrOTVvbGpiUGVrVi9NWT0mSC9OWjlxSmpNb0JYNGxNVVY2c1REZnNHbTBvPQ=="
.yahoo.com/	1970-01-20 22:19:09	Name: A3 Value: d=AQABBCxWwWQCELnRrAH9qVVk1IihMy5C9O8FEgEBAQGnwmTLZOANyiMA_eMAAA&S=AQAAAg4f3FVEzQdehE72-HzZ2Ls
.postrelease.com/	1970-01-20 22:18:48	Name: opt_out Value: 1
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCV_combined Value: 40214993501847562242363660209099757790\|6
.americanexpress.com/	1970-01-20 22:18:48	Name: lenum Value: 0
.americanexpress.com/	1969-12-31 23:59:59	Name: leshop Value: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/
.americanexpress.com/	1970-01-20 14:16:24	Name: aampros Value: SBO%3D1
.americanexpress.com/	1970-01-20 14:16:24	Name: aam_id Value: 40013661278389044562343527116680305750
.linkedin.com/	1970-01-20 22:18:48	Name: bcookie Value: "v=2&fd3e63f1-2de5-4b34-89dc-f26f3f3777e5"
.linkedin.com/	1970-01-20 17:52:24	Name: li_gc Value: MTswOzE2OTAzOTIxMDg7MjswMjEDXcpgTfS0efbmKHX+j6OtCj2gJ+UYBeMijUXvKwS5AQ==
.linkedin.com/	1970-01-20 13:34:38	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2794:u=1:x=1:i=1690392108:t=1690478508:v=2:sig=AQGjtNUMdRMv2_V-JMXw0U9OlEi5wDUN"
.americanexpress.com/	1970-01-20 23:09:12	Name: gctracus Value: "gctvid=2023-07-26/17:21:48:380-ebe8dafd-0d5c-ca15-0928-2290c5ea1914&eep=null&sno=1&lan=1"
gct.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0103f93e5cf13c68efd5618d40dbf4e7ae06fb504c7111b3f19d34ae00cde312f2e1803b2937c21b97dd86b356aef20314080b71d4
.americanexpress.com/	1969-12-31 23:59:59	Name: TS0114bdae Value: 0103f93e5cf13c68efd5618d40dbf4e7ae06fb504c7111b3f19d34ae00cde312f2e1803b2937c21b97dd86b356aef20314080b71d4
.doubleclick.net/	1970-01-20 22:54:48	Name: IDE Value: AHWqTUlk2NJkbQ2OrLh6twAHMjCarhe7k1wkDDMGWhgMI5VSy7lnjaq-pKj9-bUE
.americanexpress.com/	1969-12-31 23:59:59	Name: dtLatC Value: 19
.americanexpress.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.americanexpress.com/	1969-12-31 23:59:59	Name: rxvt Value: 1690393908984\|1690392108007
.americanexpress.com/	1969-12-31 23:59:59	Name: dtPC Value: -13$192107997_828h-vWPKFATHFACNIKCQJOHKCFCUSDKBKIJNI-0e1
.americanexpress.com/	1970-01-20 13:33:13	Name: _cs_s Value: 1.5.0.1690393909155
.amazon-adsystem.com/	1970-01-20 19:33:12	Name: ad-id Value: A717WqSMKEqQpLWuai3txBM
.amazon-adsystem.com/	1970-01-20 23:09:12	Name: ad-privacy Value: 0
.americanexpress.com/	1970-01-20 13:33:19	Name: bm_sv Value: FE58D926C656593032D5425D45AE6468~YAAQm3p7XIbvCpKJAQAAqqE4kxRdBwglbQhZvtsfAbBo4WiV9Gqq5SdA77V0hT44jEt4GFWsIoTwngzLxNVDv+emOJFD4m/XFrYfH3A0g2ARa3OgYIFvALFU6ylCdrPYbcCxj05uPxoabzW0dxaq738Ivbs2yK/rdWeHIJCoNYjzwXZeB71lC0wpMETmm2tX6k9gusMsTYjI8HwvrrBuw/lS+Rzn63PpYsyX0aYuMGEtRzsfxPUcMnuMyuAIazDpnfZ6BhxxSrvM~1
.americanexpress.com/	1970-01-20 22:18:48	Name: _abck Value: 98452A75CAE9D18FF3CE8890A3181CAA~-1~YAAQs3p7XAI4H3KJAQAAe6I4kwoqnBMLwjoR/uN7JwWgfQrt4mdn1y+gnF4per9ATAnPMQ2kR0ljPIZ8FjnACZ69CrBsd2XkDSpRVum2CfAIH5GMN49CgUmcK1afcGux4yzC9/ScMcXaDSQK7dtiU5MVB6WQQbFkGaJ9BQ+R3hBdgqY5KOhUpp6lb6sW3fvHZxxo2Bm/KN8v7kiGlqst5kBmdJC/ObNxep9RW9R8Og4DARQvgXDpid2VP+hyfUv1sBu0SjRisAw18AjplTVbj1nS/HCkIsrPz0bYpqf8Fna9YfQB32pvFhVhaaU/j0lr5nGjFdMdFtkI055hzJ914SeuJ8sVdGd02Iybm2FCSThl4ar7jGZQCF0Ne2WIOEig4TuIVRmYba6WoL2pWsB6AyOjeQ==~-1~-1~-1
www.americanexpress.com/	1969-12-31 23:59:59	Name: CPS_userType Value: prospect
.americanexpress.com/	1970-01-20 23:09:12	Name: s_pers Value: %20s_tslv%3D1690392108143%7C1753464108143%3B%20s_tbm%3Dtrue%7C1690393908581%3B%20gpv_v41%3Dus%257Cacq%257Ccredit-cards%257Ccategory%257Ctravel-rewards%7C1690393909856%3B
.americanexpress.com/	1970-01-20 22:18:48	Name: LPVID Value: NiMjdjM2IwMmI1NzBhOWIy
.americanexpress.com/	1969-12-31 23:59:59	Name: LPSID-14106077 Value: BLIkP6ITQ_qdw1u2AJ-n9A

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://acqgateway.americanexpress.com/mid?pznid=39564613746748913182638241861913063498\|9 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://tags.wdsvc.net/noscriptamex?id=100239' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQIe4oqgmqPoywAAAYmTOJ7epz7KplEdREL_7v_PqlqfYpSbzzccWaEOZAD6ZMGEPMvUFZi8bHs12g' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CJDmrqnxrIADFT5SkQUdtJMC9Q;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=664428625.1711005' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1308009533&sscte=1&crd=&pscrd=IhMIk5azqfGsgAMVUNQ7Ah0WLg7a&is_vtc=1&ocp_id=LFbBZJPQL9Co78EPlty40A0&cid=CAQSKQBpAlJWSfayCTZfovObEkamAAxuMfcoYHrhnBWI0360_T9n-Ggb0rNk&random=3126800778&ipr=y' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://tags.wdsvc.net/noscriptamex?id=100239' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://tags.wdsvc.net/noscriptamex?id=100239' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/travel-rewards/?inav=menu_cards_pc_travelrewardscards Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=2398346701&ipr=y' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-466426ef75065451505026b5c3d90e2b' 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-466426ef75065451505026b5c3d90e2b' 'nonce-fa5a4755-e59f-4bbc-81a8-6a6a32c9468e' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
acqgateway.americanexpress.com
acquisition-1.americanexpress.com
adservice.google.de
aeopprodvip.acxiom.com
alb.reddit.com
c.contentsquare.net
ct.contentsquare.net
ct.pinterest.com
dpm.demdex.net
dynatracepsg.americanexpress.com
functions.americanexpress.com
gct.americanexpress.com
icm.aexp-static.com
iwmapapi.americanexpress.com
jadserve.postrelease.com
lpchat.americanexpress.com
lptag.liveperson.net
omns.americanexpress.com
one-xp.americanexpress.com
publisher.liveperson.net
px4.ads.linkedin.com
s.amazon-adsystem.com
sp.analytics.yahoo.com
tags.wdsvc.net
tms.americanexpress.com
track.sv.rkdms.com
va.v.liveperson.net
www.aexp-static.com
www.americanexpress.com
www.facebook.com
www.google.de
acquisition-1.americanexpress.com
adservice.google.de
px4.ads.linkedin.com
tags.wdsvc.net
www.google.de
139.71.16.158
139.71.18.229
139.71.27.117
139.71.50.190
139.71.55.230
139.71.8.18
151.101.1.140
178.249.97.23
178.249.97.98
178.249.97.99
198.160.127.57
208.89.12.87
212.82.100.181
23.197.129.56
23.206.208.183
2600:9000:2490:8e00:c:7c62:1240:93a1
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::448
3.124.173.63
34.196.213.10
34.247.45.95
52.18.30.63
52.213.166.38
52.46.130.91
63.140.62.135
95.100.67.116
95.100.68.84
026e6680e3c1e55c48a634023a5293f5ae73b4eb2d0d88bf7b66de53f3387415
0768c991ad489ab4b66c8e88a5544abb94115ef3de93e00b3c093e64203b09a5
08843cb6db7bb529c5b6a4ca202abd067d55b186dcbb911894c15938a1765b8f
0acd7808230fbefd316cf2523581b2f92fa7f12a59f63e4cf4bc295bbfc47889
0aee0d789e46a165347a58bf94dbf3da73ea8f23cf8ec27d194ecec854fb8e36
0c545b18b5b3a1a04203b7ce1d5f8bdcadc6ce6973c45907bfa36214d8fa452b
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0d38ce08adc40ded591c1d4733a9c3dcaad864d8f0172cd950287e4af3d25540
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e69d49b8806f3eccd600d3e715c879031ead2bb7227338ebc2dc5a2b7b50da9
0fda5b32bb5f4cfec48b056cff712764f712c23e55251b99381e2ce457a8b7a5
12553e7b7140549144fd93c7ac51abb477e62be85f98965e5a68443c46aa6e50
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028
1702cd525d3a348a26142e9514aaebeaffbdc7a9d3b5b2586f8faf8608e9a97c
186ee4246986a4c2ef837b99c721016b3ee3e289f785dabcec00c1d1ff84efe7
1cd1c72cffe0bf75e936018576f780d573d89f350748912a81a4d53007c7f9d0
1e950b6503fdc24893b247cccaed9cc937306c8e09cce0b8c8a21979159429a6
20f5fe1cbea688b8fa501f4a7b6a26234c488f6880fef3de82d9ce88160deb1b
22975a14b227e17f6f51bd7ba6b5bc7667a3471d470341233c6babf4ea131024
22c9d84781cb9999dbad4f41d94741eb9719c23095b6cbc6f7e862c45061a696
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
28ac87684fa988988cd4bce6539bce97918d11b5d204cd3a979b17e635fc8272
2af7fe57e1230c553d70476ffe391127aacf4a0d3d7bcf712675f3e27c643171
301990cbfd7cfbb2598290387839feb818c6b181303ca60a6d05af48e7169430
328ce5d279d3460b4be91c3ecc12443071e59b1e1353542622cb102e0d713aa7
36c95b7f1550e09a9d117adad5c42308746190679a26dffa399ce87172927e49
372c8a5ed0a956b5d75d6e865751c2098b0bc1be5d3d3ddec7f0e9c108a45d18
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3f30ddd89f97cbcf8892d5960c7c2a497bbad41274665d1cd67bea2ed49aef89
3fdfd860586c30eef9a7ec8baa9619ba862a4d54a679d0d51ce086ae230c193d
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
43156d6b172ff8739106616042d924a411b79ec139228ce2176f48b9a0dc5fce
434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f
439ffb3222b2f6f992c24fd4266b8a56178e59b9148897adaa0608bd6a0b46df
47846f8145bd543eea6812f17609c398d31e65a7b9bf6a9218fa7b8f2eff3e05
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
48c5e532bf11365bc3fdc42a9152d003511abed903c9645a1fa7067880c21b90
491cb352713665f97da7646c38e12eb9d92c8cc2202a42d649f251d5cd34932d
4d725d85b8124351470aa8d83334cea0ca7b06c1b7be1158efb55c97bcff82cc
4e78a54c2b44d2d2e1db439e13e8d248dedfaf568377d6cc11d0053ec6958ac0
4f5999b635cb822e924d77e7aff19584cd5314e67a4a5de1d8f2083d5ea0f155
527f8fe4d5f1acee513d7b7d3c9fcc27cc31d6b7f506bb124ef0118f05365f78
53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a
552768fa93ffc02374e2b586800c238d7fe70d0849bf39817015d0bd398afdc9
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
56b05208c2ef3ff2e15b56c18dfc4572be92cbc080337d23649d1c13e439870e
574bb84ea46b345970f5958691a46e1ac0c1fd2457047b37703824868043f1f9
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5ae73a1b8ab93248d6e01191eee887d490c31411cd5935f542f55231040ccfff
5c015a8feafdc2ac78ea9ab1f35ea71f6322edaf8de45f03f618b3bb9e16fe8b
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
5e430e31dd8f737fb8cecaaa3e097acac359cd20a43376734ef669cd4486d60e
60fb61b218e4c773455a6a519334c358f2d21cd68d7aa64f1e66ad03208adbe1
62f89a328a2e77fa5985f80a9681f1b9008a828cc75345ec1ec186686e8ae49c
65d652511a319fef8f7d3d5619f75d4432ca874322df389d6efe902c90eabf7b
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da
69bbce9bc2b08413f077ae55654a7c0f344758608291844a21a4d2542da733c4
6caae24d61dc38fb1cd3870ab692d63e291c730d7d7b868ae7206f50540b2847
6cb25f29b93e0195c3379980e8de9aa0288f009bef4f5de89f2e9302f079c40f
70a50f9026f589e94f618afc733fdf07aaa3998a0d64463df6884d3c7aa19d7d
75295cd76ae9e26a95b48bb4b4c8fbea415fbdd3bd1d8079b9a95ef282730c34
77166e2033cc977e5f8397e64bc0398ff43237bab55d4c807148184fba9fa4b1
7be8c130beecd936409a0ed2cf0a315bcee59d213cacc348c37dcfc9c1d98d32
7ca4de911c9fbbcfb473cae42fabeb87d8f73166201567b9ebe9ca229e271551
7ec4f3f2a3175ef232f5a35adf935ebdba71c76e0f824e52e15a98dc561a5edb
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6
80137f3def66a36e16b2e98e90f56d718df2da7fe6f1c16ebf2e989e91333e81
804ba55c228a81126b8e2b9a260bc7df58051bfcc820d3d2148350749764d622
820cbaecb2ce33be20cd054723b72b2d238255bbc8cc2eab8883d0e0ebb66227
843bcfc0054f7a749fd2919e84db101733044c763c29fc87bb1b03202bd98efe
862ae6720e612d09b0f08cf8fa87e0e0e9e5808ea957adce4a3c0e432161031d
87b1236a89f18934179862bf5fd808af2460c7dff7a0b7cbadbbe3a07e88e4ab
87ecca46c83d2913c0d381687200345db8d9a62255c78e84e5f614f2b173def9
8a3cac8efcfbdd85c05051c74db0f67f2ff1de09da283973a6c2db9b1691d16c
93c719b274080f2c2a61801205320c55a2696072ccb11103acfac1a5b68aa3bc
9462374d6e795d42042dc2c976daa90aa0f640aa31303d27230017a3af5cef32
948dcabf14cdac519e92e745a83948ec58d490fb75e9926c07ee9f356dbb5fb0
96a8c21d34ba72c3b1befb7684d57fb64105bc4cbc73645d52067df9259a2bdc
990d600d7846c6aafbb84ed023425439171f2aaa319572bc9c1cf4d1c9bdc36a
992fb685b350a623037c0d7dce20da4b6f505eeee59cba92f53bf03cb2a7acbe
9a6bd5c144d709b1e498999209e75c0c667dbfe5722d46d2b06322484e8359d5
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9c610ed2fb331794caac511b4905f20eaea7d8c2b1a790fc18bcadf40c692021
9ed9e1017920ef15c43266e6722c3b18776a5dbf6fadad82a23a5c8f3a24e7b4
9f8678499879f157a0335a8553172733efe468a81f2a565045fff0751659eb16
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a663c0b584d67ae10b9e7e3a9f82ecf0b4c3f20dc78a486edef1b9928f5e6c90
a780f8f673e11aef87a6c9c84ce00fcd61f4d6622a49d71a23409e0b7921d016
a8f4acf91763177692de540d5bc9b6615c1ad09315b2f5bce8592c56f9954174
adce79a29b1d883b481a33a7322ce00f4a3ad9e76d0270cd85646bf9cbfc5597
ae64d2f1b8a18ae84d71f9b545256d279d8550b154a3d5f908c1b45b415a38c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
b5a4068db8e8a5704c0b72b3896d29f59e6fdfb3b39517f5de64d4854a2e49cf
b5bd6b720d8d106e3574b1d46b1c38c6c81fe5f1a09653f96437aa3d54c0f6dc
b65848085c070eb7e149c1f9e9f72016726a0136abc9d49e1449455ec8b305ea
b6a48547b7ca5cee0d0409f9973ec1dc82018a1a03d3a2e3ade3b084cad7f8ea
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c083b54108b865a25464ebf29b76435428f01bd3e8e43212394663df0b170747
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
cb7a63249a50fab04696f8a6a0d70fc0118cc922fa739bb2316e63242aadbeed
cbce028756fa1340b4e66d4bd45a6f812f7d9c8acb77c40aa06c4a3966e8fd68
ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac
cfae73d7f4bacf9d15c4e26acfd4dc290d2468d840f93b43395ded65b779f8db
d29fa2441296f06e157e332de16ee872b8d0cca8c95f6c15faee70c9bbf2228b
d4535c70e7120623bf1c108dd565f8cb15c637268e42175698d01a5c1f06e88e
d5834988ecb79587074f945c4bcd5f9d27218f837399dcda199a09755e8dc889
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08
d8ac7db3340a8b4966574e4fb872f20e87a71191fd3339ad517de3c2590a0f7c
db90275d202e5fe33cc7f76063284cbf078234319c7d652b20871d68fee95ca6
de286d1f8cdeb8399d37ca532ded83f7fe18ee155c32f8e921a542574748dfdb
de9407ffd3b03873dfef1342378905b0d0dd299890e61e06a39a9bf6f3ec663e
e09df71eb033d8a16ee9f7571ad2fd424235dfe0912cb6fb5d34659225e5e33a
e0c058f37d15bc97cf0a2358bcfd2e4447954044a6854145e09991b31b944c2b
e30a7da8af51846582e4a4e666745fffe7073c15686b1c754a2a7466fa1c1cd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced
e49fd9c0d0a1a97cc0dcd57c5c251a9789b2763f49ecf41c442ec7e9b9aee15b
ee93a3c58392b43b53fe0c0385db8eb9371d7d9c8b23631bb4d049b9489d4596
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1070bb9a8a71c8cbde3234cb1acaa84478957d3279d906d14dd21c6d8d38d96
f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815
fc8b7a738cccfc74c49dffa445e9a2a8f8ae9c538d78282402c1bafe2f0a8042
ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

www.americanexpress.com Open in urlscan Pro 95.100.68.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

171 Requests

92 %HTTPS

11 %IPv6

17 Domains

32 Subdomains

28 IPs

3 Countries

3532 kBTransfer

11182 kBSize

51 Cookies

38 Outgoing links

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.americanexpress.com Open in urlscan Pro
95.100.68.84 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

92 %
HTTPS

11 %
IPv6

17
Domains

32
Subdomains

28
IPs

3
Countries

3532 kB
Transfer

11182 kB
Size

51
Cookies

171 HTTP transactions
5 data transactions