Submitted URL: https://139.71.51.48/
Effective URL: https://139.71.51.48/login
Submission: On January 22 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 139.71.51.48, located in the United States, and belongs to AMERICAN-EXPRESS, US. The main domain is 139.71.51.48.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 16th 2022. Valid for: a year.
This is the only time 139.71.51.48 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 139.71.51.48 6307 (AMERICAN-...)
7 23.45.101.231 16625 (AKAMAI-AS)
1 2 139.71.16.195 6307 (AMERICAN-...)
18 4
Apex Domain | Subdomains | Transfer
7 aexp-static.com | www.aexp-static.com — Cisco Umbrella Rank: 13120 | 50 KB
2 americanexpress.com | reconciliation.americanexpress.com — Cisco Umbrella Rank: 337663 | 1 KB
18 2
Domain Requested by
7 www.aexp-static.com 139.71.51.48
2 reconciliation.americanexpress.com 1 redirects 139.71.51.48
18 2

This site contains no links.

Subject | Issuer | Validity | Valid
reconadminv4-r2.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2022-01-16 - 2023-02-16 | a year
m.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2022-05-16 - 2023-05-15 | a year
reconportal.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2023-01-19 - 2024-01-18 | a year

This page contains 1 frame:

Frame: https://reconciliation.americanexpress.com/
Frame ID: 4B95161F6840B17D3F10166196509A15
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • aexp-static\.com

Page Statistics

18 Requests
44 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
4 IPs
2 Countries
898 kB Transfer
3982 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://139.71.51.48/ HTTP 302
    https://139.71.51.48/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://reconciliation.americanexpress.com/ HTTP 302
  • https://reconciliation.americanexpress.com/

18 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login
139.71.51.48/
Redirect Chain
  • https://139.71.51.48/
  • https://139.71.51.48/login
338 KB
45 KB
Document
General
Full URL
https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
91030449c40d17ae6f095b646ee2300c7ec91da813a5e473933b9b5b293e01ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Sun, 22 Jan 2023 21:17:11 GMT
Expires
0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Transfer-Encoding
chunked
X-Application-Context
application:e3ePaas
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 22 Jan 2023 21:17:11 GMT
Expires
0
Location
https://139.71.51.48/login
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
vendor.7d4bd74b.css
139.71.51.48/assets/
195 KB
32 KB
Stylesheet
General
Full URL
https://139.71.51.48/assets/vendor.7d4bd74b.css
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
c694bed191aa7a1af8386e90a12e5c41fad75d064b31659e7d9f8f528eb1d63c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 19 Jan 2023 16:20:06 GMT
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=28800, must-revalidate, public
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
bundle.4a542051.css
139.71.51.48/assets/
71 KB
15 KB
Stylesheet
General
Full URL
https://139.71.51.48/assets/bundle.4a542051.css
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
6f17bf5e2ae331b3bdc2cfb101c4d8220f4a30d0c905014acafa8b4cb328996a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 19 Jan 2023 16:20:06 GMT
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=28800, must-revalidate, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15363
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/
2 KB
1 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
content-encoding
gzip
last-modified
Thu, 31 Oct 2019 17:37:19 GMT
etag
W/"5dbb1bcf-962"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
989
dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/
2 KB
931 B
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
content-encoding
gzip
last-modified
Thu, 31 Oct 2019 17:37:19 GMT
etag
W/"5dbb1bcf-66e"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
743
dls-logo-stack-white.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/
2 KB
930 B
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
content-encoding
gzip
last-modified
Thu, 31 Oct 2019 17:37:19 GMT
etag
W/"5dbb1bcf-66b"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
742
dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/
5 KB
978 B
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
content-encoding
gzip
last-modified
Fri, 04 Sep 2020 17:15:25 GMT
etag
W/"5f52762d-15f8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
https://www.americanexpress.com
cache-control
max-age=31536000, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
587
navScript.js
www.aexp-static.com/cdaas/one/statics/@americanexpress/axp-nav-partial-utility/1.0.1/package/dist/
2 KB
1 KB
Script
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/@americanexpress/axp-nav-partial-utility/1.0.1/package/dist/navScript.js
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3002b7789afb7f37a8fe978ef834996ac8de9eab73e86e7c1a58a31c1f7acbc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 01:51:04 GMT
etag
W/"61f9e388-95b"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
timing-allow-origin
*
content-length
1097
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/
2 KB
912 B
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 2019 19:50:49 GMT
etag
W/"5daa1799-693"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000
timing-allow-origin
*
content-length
712
expires
Tue, 02 Mar 2021 18:54:37 GMT
manifest.91fb72be420d69ee9fc2.js
139.71.51.48/javascripts/
2 KB
2 KB
Script
General
Full URL
https://139.71.51.48/javascripts/manifest.91fb72be420d69ee9fc2.js
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
39f87a27a457a23224efeebc212c5967e427f3ec393f0946fd5d9fde5001dd27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 19 Jan 2023 16:20:06 GMT
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1099
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
polyfills.2c33ebfdd19428e2c9cc.js
139.71.51.48/javascripts/
120 KB
38 KB
Script
General
Full URL
https://139.71.51.48/javascripts/polyfills.2c33ebfdd19428e2c9cc.js
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
3e96fb110745d85302e9130cc71748889ec239d7ca6e5ba95d6ebd59741828a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 19 Jan 2023 16:20:06 GMT
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
vendor.46db0d6a1b6d31b0c43e.js
139.71.51.48/javascripts/
2 MB
503 KB
Script
General
Full URL
https://139.71.51.48/javascripts/vendor.46db0d6a1b6d31b0c43e.js
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
e6245b64904d1208e9df4180a066236c454f6c690cb0cd0b7332ce0c31ab12be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 19 Jan 2023 16:20:06 GMT
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
bundle.cfcf9e7a2b2506d496df.js
139.71.51.48/javascripts/
1 MB
163 KB
Script
General
Full URL
https://139.71.51.48/javascripts/bundle.cfcf9e7a2b2506d496df.js
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
ae10ed15afdf94611fc355ff7645d73508edc238ec50c65c0fb402fd439da784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://139.71.51.48/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 19 Jan 2023 16:20:06 GMT
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/
0
0

truncated
/
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
764 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
984 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/
44 KB
44 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/dls-icons.woff?v=2.1.0
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.101.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-101-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c2307e5fa4f3725b00710176eeab8c23abbcd4acfd6f7c70389acc9d08d82f0

Request headers

Referer
https://139.71.51.48/
Origin
https://139.71.51.48
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:17:12 GMT
last-modified
Mon, 06 Jan 2020 21:18:42 GMT
etag
"5e13a432-ae08"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
44552
expires
Tue, 02 Mar 2021 18:29:40 GMT
BentonSansBook.otf
139.71.51.48/fonts/
24 KB
25 KB
Font
General
Full URL
https://139.71.51.48/fonts/BentonSansBook.otf
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/assets/bundle.4a542051.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
a2305ddd49cceb3ce4e7dfc7b22e5e137dc994a59b72da9883dd49d479c7d2a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://139.71.51.48/assets/bundle.4a542051.css
Origin
https://139.71.51.48
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 19 Jan 2023 16:20:10 GMT
X-Frame-Options
DENY
Content-Type
application/x-font-opentype
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24936
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
BentonSansBold.otf
139.71.51.48/fonts/
25 KB
25 KB
Font
General
Full URL
https://139.71.51.48/fonts/BentonSansBold.otf
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/assets/bundle.4a542051.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.51.48 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconadminv4-r2.americanexpress.com
Software
/
Resource Hash
bb962726f48ddca920808b52c0b988396102a3a9da0899067bf6dab3402e930e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://139.71.51.48/assets/bundle.4a542051.css
Origin
https://139.71.51.48
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sun, 22 Jan 2023 21:17:12 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 19 Jan 2023 16:20:10 GMT
X-Frame-Options
DENY
Content-Type
application/x-font-opentype
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25432
X-XSS-Protection
1; mode=block
X-Application-Context
application:e3ePaas
/
reconciliation.americanexpress.com/
Redirect Chain
  • https://reconciliation.americanexpress.com/
  • https://reconciliation.americanexpress.com/
0
0
Document
General
Full URL
https://reconciliation.americanexpress.com/
Requested by
Host: 139.71.51.48
URL: https://139.71.51.48/javascripts/bundle.cfcf9e7a2b2506d496df.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.71.16.195 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
reconportal2.americanexpress.com
Software
/
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://139.71.51.48/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-Store, no-cache
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Date
Sun, 22 Jan 2023 21:17:19 GMT
Expires
0
Keep-Alive
timeout=5, max=99
Transfer-Encoding
chunked
X-FRAME-OPTIONS
DENY
X-UA-Compatible
IE=EDGE
content-security-policy-report-only
style-src 'unsafe-inline' 'self'; block-all-mixed-content ; script-src https://*.americanexpress.com/ https://www.aexp-static.com/ 'unsafe-inline' 'self' https://c.evidon.com/ https://www.java.com/ 'unsafe-eval' https://ajax.googleapis.com/; base-uri 'none'; form-action 'self' https://*.americanexpress.com/; frame-src 'none'; img-src data: https:; connect-src https://*.evidon.com/; object-src 'none'; worker-src 'none'; media-src 'none'; frame-ancestors 'none'; font-src 'self' https://www.aexp-static.com/;
pragma
no-cache

Redirect headers

Cache-Control
no-Store, no-cache
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html;charset=UTF-8
Date
Sun, 22 Jan 2023 21:17:17 GMT
Expires
0
Keep-Alive
timeout=5, max=100
Location
https://reconciliation.americanexpress.com/
X-FRAME-OPTIONS
DENY
X-UA-Compatible
IE=EDGE
content-security-policy-report-only
style-src 'unsafe-inline' 'self'; block-all-mixed-content ; script-src https://*.americanexpress.com/ https://www.aexp-static.com/ 'unsafe-inline' 'self' https://c.evidon.com/ https://www.java.com/ 'unsafe-eval' https://ajax.googleapis.com/; base-uri 'none'; form-action 'self' https://*.americanexpress.com/; frame-src 'none'; img-src data: https:; connect-src https://*.evidon.com/; object-src 'none'; worker-src 'none'; media-src 'none'; frame-ancestors 'none'; font-src 'self' https://www.aexp-static.com/;
pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.aexp-static.com
URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

7 Cookies

Domain/Path Name / Value
139.71.51.48/ Name: SESSION
Value: b16ac7b5-194a-4210-ac49-d41e82c6fd26
139.71.51.48/ Name: XSRF-TOKEN
Value: 57fa8db8-e094-47cf-ac53-ec86dadb29e8
139.71.51.48/ Name: TS0139a03f
Value: 0103f93e5cbdd68bfbe968cd02c1e0fafb187850f0ed181e7518d2be5c490366fca4cbc8b73094a56fb1a6442ec12ef55b19237753dfaad77b5898a36fa61552c59ceb9434297081a2b846f01b6c205332e7b452d9
reconciliation.americanexpress.com/ Name: SESSION
Value: b2d31a85-21d1-4c29-aede-64a8f0f6aea6
reconciliation.americanexpress.com/ Name: defaultLang
Value: de_DE
reconciliation.americanexpress.com/ Name: TS0139a03f
Value: 0152a806c176673470b9921a9d3120d367cefb9dda908ff45d1fcfa9be8a7a0dcfedbfdc56da5ba802e99558fcde4e52361815db89
reconciliation.americanexpress.com/ Name: TS01cbb0ee
Value: 0152a806c176673470b9921a9d3120d367cefb9dda908ff45d1fcfa9be8a7a0dcfedbfdc56da5ba802e99558fcde4e52361815db89

2 Console Messages

Source Level URL
Text
javascript error URL: https://139.71.51.48/login
Message:
Access to image at 'https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg' from origin 'https://139.71.51.48' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.americanexpress.com' that is not equal to the supplied origin.
network error URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
