urlscan.io logo urlscan.io
SecurityTrails logo

www.amextravel.com Open in urlscan Pro
2606:4700::6810:fe43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.e-response.americanexpress.com/?qs=33d18ee2aca30c65e786f093ed852888cd98a498b0f3f7d37350b065b3e172c8f36a6247843f1f1ec26b917c35e6...
Effective URL: https://www.amextravel.com/featured-hotel-searches
Submission: On July 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700::6810:fe43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.amextravel.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time www.amextravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2.16.107.152 20940 (AKAMAI-ASN1)
4 4 23.45.236.85 16625 (AKAMAI-AS)
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 23.45.101.231 16625 (AKAMAI-AS)
2 139.71.18.182 6307 (AMERICAN-...)
1 13.225.74.8 16509 (AMAZON-02)
2 18.195.42.228 16509 (AMAZON-02)
1 52.212.164.82 16509 (AMAZON-02)
33 7
1    2.16.107.152 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-152.deploy.static.akamaitechnologies.com
click.e-response.americanexpress.com
4    23.45.236.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-236-85.deploy.static.akamaitechnologies.com
americanexpress.com
www.americanexpress.com
9    2606:4700::6810:fe43 (United States)

ASN13335 (CLOUDFLARENET, US)
www.amextravel.com
amex-static.iseatz.com
4    23.45.101.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-101-231.deploy.static.akamaitechnologies.com
www.aexp-static.com
icm.aexp-static.com
2    139.71.18.182 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: mgmrefer2.americanexpress.com
mgmrefer.americanexpress.com
1    13.225.74.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-8.fra2.r.cloudfront.net
js-cdn.dynatrace.com
2    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    52.212.164.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-164-82.eu-west-1.compute.amazonaws.com
iseatz.tt.omtrdc.net
Domain Requested by
8 amex-static.iseatz.com www.amextravel.com
3 www.aexp-static.com www.amextravel.com
3 www.americanexpress.com 3 redirects
2 nexus.ensighten.com www.amextravel.com
2 mgmrefer.americanexpress.com www.amextravel.com
1 iseatz.tt.omtrdc.net amex-static.iseatz.com
1 icm.aexp-static.com www.amextravel.com
mgmrefer.americanexpress.com
1 js-cdn.dynatrace.com www.amextravel.com
1 www.amextravel.com www.amextravel.com
1 americanexpress.com 1 redirects
1 click.e-response.americanexpress.com 1 redirects
0 truncated Failed www.amextravel.com
0 g.3gl.net Failed amex-static.iseatz.com
0 vac.vap.expedia.com Failed www.amextravel.com
33 14

This site contains no links.

Subject Issuer Validity Valid
www.amextravel.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
m.americanexpress.com
DigiCert SHA2 Extended Validation Server CA		 2021-06-08 -
2022-07-09		 a year crt.sh
iseatz.com
Cloudflare Inc ECC CA-3		 2021-05-14 -
2022-05-13		 a year crt.sh
mgmrefer2.americanexpress.com
DigiCert SHA2 Extended Validation Server CA		 2020-03-19 -
2022-06-22		 2 years crt.sh
js-cdn.dynatrace.com
Amazon		 2021-04-03 -
2022-05-02		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2020-09-09 -
2021-10-11		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.amextravel.com/featured-hotel-searches
Frame ID: 048D22CCD5FC1D3CB034440E69D5F1DD
Requests: 35 HTTP requests in this frame

Frame: https://g.3gl.net/jp/3794/v3.2.6/M
Frame ID: 3933126AB9C49587BDFC29A6C0012C89
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.e-response.americanexpress.com/?qs=33d18ee2aca30c65e786f093ed852888cd98a498b0f3f7d37350b065b3e172c8f36a6247... HTTP 302
    https://americanexpress.com/fhr HTTP 301
    https://www.americanexpress.com/fhr HTTP 301
    https://www.amextravel.com/featured-hotel-searches Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

33
Requests

58 %
HTTPS

13 %
IPv6

10
Domains

14
Subdomains

7
IPs

3
Countries

1554 kB
Transfer

6923 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.e-response.americanexpress.com/?qs=33d18ee2aca30c65e786f093ed852888cd98a498b0f3f7d37350b065b3e172c8f36a6247843f1f1ec26b917c35e6ed983ed5ef751f079383 HTTP 302
    https://americanexpress.com/fhr HTTP 301
    https://www.americanexpress.com/fhr HTTP 301
    https://www.amextravel.com/featured-hotel-searches Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://vap.expedia.com/vacservice/public/code/script HTTP 302
  • https://vac.vap.expedia.com/1.22.6/virtualAgentControl.js
Request Chain 13
  • https://www.americanexpress.com/ensighten-head-domestic HTTP 301
  • https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Request Chain 26
  • https://www.americanexpress.com/adobetracking HTTP 301
  • https://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request featured-hotel-searches
www.amextravel.com/
Redirect Chain
  • http://click.e-response.americanexpress.com/?qs=33d18ee2aca30c65e786f093ed852888cd98a498b0f3f7d37350b065b3e172c8f36a6247843f1f1ec26b917c35e6ed983ed5ef751f079383
  • https://americanexpress.com/fhr
  • https://www.americanexpress.com/fhr
  • https://www.amextravel.com/featured-hotel-searches
704 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.amextravel.com
:scheme
https
:path
/featured-hotel-searches
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:47 GMT
content-type
text/html; charset=utf-8
cf-ray
66fad7dd2bce4e86-FRA
access-control-allow-origin
*
set-cookie
_amex_session=f27223e0be020838770a568f74d5c305; Path=/; Expires=Sat, 17 Jul 2021 11:20:47 GMT; HttpOnly; Secure;HttpOnly;Secure
strict-transport-security
max-age=7776000; includeSubDomains
vary
Accept-Encoding
cf-cache-status
DYNAMIC
content-security-policy
upgrade-insecure-requests
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
gzip

Redirect headers

server
AkamaiGHost
content-length
0
location
https://www.amextravel.com/featured-hotel-searches
date
Fri, 16 Jul 2021 11:20:46 GMT
set-cookie
agent-id=612c3b4d-bf53-4add-88a5-bb55a2198854; expires=Sat, 16-Jul-2022 11:20:46 GMT; path=/; domain=.americanexpress.com; secure; HttpOnly
x-frame-options
SAMEORIGIN
dls.min.css
www.aexp-static.com/cdaas/one/statics/axp-dls/6.14.0/package/dist/6.14.0/styles/ 		304 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/6.14.0/package/dist/6.14.0/styles/dls.min.css
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
last-modified
Fri, 30 Oct 2020 15:04:52 GMT
etag
W/"5f9c2b94-4c13a"
vary
Origin, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
42094
styles.85612d8704771d860e81.css
amex-static.iseatz.com/web-assets/ 		351 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/styles.85612d8704771d860e81.css
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21036
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:05:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"57ddd-17aab585210-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
expires
Sat, 17 Jul 2021 10:50:48 GMT
cache-control
public, max-age=84600
cf-polished
origSize=359901
content-security-policy
frame-ancestors 'self'
cf-ray
66fad7e40abec2c2-FRA
cf-bgj
minify
main.css
mgmrefer.americanexpress.com/css/ 		53 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mgmrefer.americanexpress.com/css/main.css
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.18.182 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
mgmrefer2.americanexpress.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Jun 2021 13:59:15 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"d403-179fb5ea738"
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Date
Fri, 16 Jul 2021 11:20:48 GMT
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
0
Keep-Alive
timeout=5
mmcore.js
www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 13:25:17 GMT
etag
W/"5e43fcbd-48d8"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
6771
polyfills.min.js
amex-static.iseatz.com/web-assets/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/polyfills.min.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21037
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
content-length
3348
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:03:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2919-17aab56a078-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=84600
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
66fad7e40ac6c2c2-FRA
expires
Sat, 17 Jul 2021 10:50:48 GMT
ios.safari.polyfills.min.js
amex-static.iseatz.com/web-assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/ios.safari.polyfills.min.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21037
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
content-length
2589
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:03:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1f6e-17aab56a078-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=84600
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
66fad7e40ad0c2c2-FRA
expires
Sat, 17 Jul 2021 10:50:48 GMT
at.js
amex-static.iseatz.com/web-assets/ 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/at.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21036
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:03:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d0bd-17aab56a078-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
expires
Sat, 17 Jul 2021 10:50:48 GMT
cache-control
public, max-age=84600
cf-polished
origSize=118973
content-security-policy
frame-ancestors 'self'
cf-ray
66fad7e40ad8c2c2-FRA
cf-bgj
minify
atc.min.js
amex-static.iseatz.com/web-assets/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/atc.min.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21035
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
content-length
7671
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:03:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"4d72-17aab56a078-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=84600
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
66fad7e64f7bc2c2-FRA
expires
Sat, 17 Jul 2021 10:50:48 GMT
vendor.85612d8704771d860e81.bundle.js
amex-static.iseatz.com/web-assets/ 		2 MB
510 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/vendor.85612d8704771d860e81.bundle.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21036
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:05:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1da8e9-17aab585210-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
expires
Sat, 17 Jul 2021 10:50:48 GMT
cache-control
public, max-age=84600
cf-polished
origSize=1943785
content-security-policy
frame-ancestors 'self'
cf-ray
66fad7e40ad3c2c2-FRA
cf-bgj
minify
views.85612d8704771d860e81.bundle.js
amex-static.iseatz.com/web-assets/ 		1 MB
365 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/views.85612d8704771d860e81.bundle.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21036
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:05:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1707c5-17aab585210-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
expires
Sat, 17 Jul 2021 10:50:48 GMT
cache-control
public, max-age=84600
cf-polished
origSize=1509317
content-security-policy
frame-ancestors 'self'
cf-ray
66fad7e40ac5c2c2-FRA
cf-bgj
minify
client.85612d8704771d860e81.bundle.js
amex-static.iseatz.com/web-assets/ 		1 MB
310 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amex-static.iseatz.com/web-assets/client.85612d8704771d860e81.bundle.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
21036
x-powered-by
Express
strict-transport-security
max-age=7776000; includeSubDomains
referrer-policy
same-origin
last-modified
Thu, 15 Jul 2021 18:05:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"132467-17aab585210-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
expires
Sat, 17 Jul 2021 10:50:48 GMT
cache-control
public, max-age=84600
cf-polished
origSize=1254503
content-security-policy
frame-ancestors 'self'
cf-ray
66fad7e40ac9c2c2-FRA
cf-bgj
minify
ruxitagent_ICA27SVfhqrux_10189200420175514.js
js-cdn.dynatrace.com/jstag/1619ed8a359/ 		161 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-cdn.dynatrace.com/jstag/1619ed8a359/ruxitagent_ICA27SVfhqrux_10189200420175514.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-8.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Origin
https://www.amextravel.com
Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 04:36:57 GMT
content-encoding
gzip
age
18600231
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-oneagent-js-injection
true
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
traffic-source
UNKNOWN
timing-allow-origin
*
x-amz-cf-id
FfMBD8gvXvPqwOIvbtkKdMOphSXMyf6tY01VONpqqSesndzNUzT-Ng==
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
expires
Mon, 13 Dec 2021 04:36:57 GMT
virtualAgentControl.js
vac.vap.expedia.com/1.22.6/
Redirect Chain
  • https://vap.expedia.com/vacservice/public/code/script
  • https://vac.vap.expedia.com/1.22.6/virtualAgentControl.js
0
0
Bootstrap.js
nexus.ensighten.com/amex/amexhead/
Redirect Chain
  • https://www.americanexpress.com/ensighten-head-domestic
  • https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
79 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 08:11:12 GMT
server
nginx
etag
W/"601cfda0-13c11"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300

Redirect headers

location
https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
date
Fri, 16 Jul 2021 11:20:48 GMT
server
AkamaiGHost
content-length
0
x-frame-options
SAMEORIGIN
main.js
mgmrefer.americanexpress.com/js/ 		417 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mgmrefer.americanexpress.com/js/main.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.18.182 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
mgmrefer2.americanexpress.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Jun 2021 13:59:15 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"71cfc-179fb5ea738"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Date
Fri, 16 Jul 2021 11:20:48 GMT
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
0
Keep-Alive
timeout=5
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 		0
0
dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 		0
0
dls-logo-stack-white.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 		0
0
dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/ 		0
0
navScript.js
www.aexp-static.com/cdaas/one/statics/axp-nav-partial-utility/1.0.1/package/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-nav-partial-utility/1.0.1/package/dist/navScript.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 23:14:22 GMT
etag
W/"60a2f8ce-7c2"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
939
main.js
icm.aexp-static.com/Internet/travel/global-travel-navigation/subnav-script/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icm.aexp-static.com/Internet/travel/global-travel-navigation/subnav-script/main.js
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 09 Jul 2021 16:34:51 GMT
server
Akamai Resource Optimizer
etag
"1f30-5b3ec9e63336f-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=9317
accept-ranges
bytes
content-length
2237
dls-logo-line.svg
icm.aexp-static.com/Internet/travel/cttonline/en_US/subNav/images/ 		0
0
mobile-travel-logo_en-us.svg
icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/ 		0
0
desktop-travel-logo_en-us.svg
icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/ 		0
0
fhr_logo_white.svg
www.amextravel.com/web-assets/ 		0
0
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ 		0
0
Bootstrap.js
nexus.ensighten.com/amex/
Redirect Chain
  • https://www.americanexpress.com/adobetracking
  • https://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Requested by
Host: www.amextravel.com
URL: https://www.amextravel.com/featured-hotel-searches
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:20:48 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 09:05:01 GMT
server
nginx
etag
W/"60f14bbd-126b6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300

Redirect headers

location
https://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
date
Fri, 16 Jul 2021 11:20:48 GMT
server
AkamaiGHost
content-length
0
x-frame-options
SAMEORIGIN
json
iseatz.tt.omtrdc.net/m2/iseatz/mbox/ 		96 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://iseatz.tt.omtrdc.net/m2/iseatz/mbox/json?mbox=iseatz-mbox&mboxSession=3969e2b1af104a4780da985cc70b3ccc&mboxPC=&mboxPage=4b0de7d331f34c7b8e8013825fceb189&mboxVersion=0.9.6&mboxCount=1&mboxTime=1626441648552&mboxHost=www.amextravel.com&mboxURL=https%3A%2F%2Fwww.amextravel.com%2Ffeatured-hotel-searches&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&at_property=a26624e7-6790-766f-5efe-9d62d881036a
Requested by
Host: amex-static.iseatz.com
URL: https://amex-static.iseatz.com/web-assets/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.164.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-164-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
application/json
Referer
https://www.amextravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 11:20:48 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.amextravel.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
96
x-request-id
9dbe639431faafd440a3d5142e35aa2e
M
g.3gl.net/jp/3794/v3.2.6/ Frame 3933 		0
0
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/ 		0
0
Roboto-Regular.woff
icm.aexp-static.com/Internet/MemberGetMember/widget/generic/fonts/Roboto/ 		0
0
dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/ 		0
0
truncated
/ 		644 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vac.vap.expedia.com
URL
https://vac.vap.expedia.com/1.22.6/virtualAgentControl.js
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg
Domain
icm.aexp-static.com
URL
https://icm.aexp-static.com/Internet/travel/cttonline/en_US/subNav/images/dls-logo-line.svg
Domain
icm.aexp-static.com
URL
https://icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/mobile-travel-logo_en-us.svg
Domain
icm.aexp-static.com
URL
https://icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/desktop-travel-logo_en-us.svg
Domain
www.amextravel.com
URL
https://www.amextravel.com/web-assets/fhr_logo_white.svg
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Domain
g.3gl.net
URL
https://g.3gl.net/jp/3794/v3.2.6/M
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/dls-icons.woff?v=2.1.0
Domain
icm.aexp-static.com
URL
https://icm.aexp-static.com/Internet/MemberGetMember/widget/generic/fonts/Roboto/Roboto-Regular.woff
Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg
Domain
truncated
URL
data:truncated

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://icm.aexp-static.com/Internet/travel/global-travel-navigation/subnav-script/main.js(Line 8)
Message:
Subnav partials script running - v1.0.1.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block