travelvitals.amexgbt.com Open in urlscan Pro
194.36.55.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://travelvitals.amexgbt.com/
Submission: On April 21 via api (April 21st 2023, 12:03:38 pm UTC) from IE — Scanned from GB

Summary HTTP 68 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 68 HTTP transactions. The main IP is 194.36.55.251, located in and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is travelvitals.amexgbt.com. The Cisco Umbrella rank of the primary domain is 493767.
TLS certificate: Issued by Sectigo ECC Organization Validation S... on April 13th 2023. Valid for: a year.

This is the only time travelvitals.amexgbt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	194.36.55.251 194.36.55.251	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
11	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	194.36.55.247 194.36.55.247	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	44.230.1.235 44.230.1.235	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
10	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.232.194 2.18.232.194	16625 (AKAMAI-AS) (AKAMAI-AS)
68	16

25 194.36.55.251 (None, ) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

travelvitals.amexgbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

sdk.joinsherpa.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.36.55.247 (None, )

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.amexglobalbusinesstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.230.1.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-1-235.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-194.deploy.static.akamaitechnologies.com

static-assets.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
az1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	amexgbt.com 1 redirects travelvitals.amexgbt.com — Cisco Umbrella Rank: 493767	2 MB
12	qualtrics.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 1350 static-assets.qualtrics.com — Cisco Umbrella Rank: 48326 az1.qualtrics.com — Cisco Umbrella Rank: 21031	74 KB
11	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5341 geolocation.onetrust.com — Cisco Umbrella Rank: 882	151 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	393 KB
4	google.com www.google.com — Cisco Umbrella Rank: 16 translate.google.com — Cisco Umbrella Rank: 2219	56 KB
2	amexglobalbusinesstravel.com www.amexglobalbusinesstravel.com — Cisco Umbrella Rank: 234201	95 KB
1	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1638	75 KB
1	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 2061	206 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	44 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	89 KB
1	joinsherpa.io sdk.joinsherpa.io — Cisco Umbrella Rank: 66215	191 KB
68	11

	Domain	Requested by
25	travelvitals.amexgbt.com	1 redirects travelvitals.amexgbt.com
10	cdn-ukwest.onetrust.com	travelvitals.amexgbt.com cdn-ukwest.onetrust.com
9	siteintercept.qualtrics.com	znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com siteintercept.qualtrics.com
8	www.gstatic.com	www.google.com travelvitals.amexgbt.com www.gstatic.com
3	www.google.com	travelvitals.amexgbt.com www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
2	www.amexglobalbusinesstravel.com	travelvitals.amexgbt.com
1	az1.qualtrics.com
1	static-assets.qualtrics.com
1	znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com	travelvitals.amexgbt.com
1	translate.googleapis.com
1	api.amplitude.com	travelvitals.amexgbt.com
1	translate.google.com	travelvitals.amexgbt.com
1	www.googleoptimize.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	www.googletagmanager.com	travelvitals.amexgbt.com
1	sdk.joinsherpa.io	travelvitals.amexgbt.com
68	17

This site contains links to these domains. Also see Links.

Domain
www.amexglobalbusinesstravel.com
translate.google.com
privacy.amexgbt.com
twitter.com
www.linkedin.com
www.instagram.com
www.onetrust.com

Subject Issuer	Validity	Valid
cdn.amexgbt.com Sectigo ECC Organization Validation Secure Server CA	`2023-04-13` - `2024-04-12`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-11-26` - `2023-11-26`	a year	crt.sh
www.viperlineup.com GTS CA 1D4	`2023-03-19` - `2023-06-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.amexglobalbusinesstravel.com Sectigo ECC Organization Validation Secure Server CA	`2023-02-24` - `2024-02-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://travelvitals.amexgbt.com/
Frame ID: 0E6CB313A150FA8C9BE529E68128CE63
Requests: 59 HTTP requests in this frame

Frame: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/70d5f7ce/invisible.js
Frame ID: 6D722058D6F822E2F97F5D997FA70F1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&badge=bottomright&cb=a23x3onto2ue
Frame ID: CA1C687C2ECCD26925B1DC8498E5B3BC
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7271468EFF03C5E8B9A8D459998AFC8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Vitalslinkedin-iconfacebook-icontwitter-iconinstagram-iconBack ButtonSearch IconFilter Icon

Detected technologies

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

68
Requests

99 %
HTTPS

57 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

2866 kB
Transfer

5969 kB
Size

5
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amexglobalbusinesstravel.com/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/contact/
Title: Let's Talk

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/
Title: Custom Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/one-stop-travel-solution/
Title: One-Stop Travel Management

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/lola/
Title: Simplified Travel Management

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/energy-mining-marine/
Title: Energy, Marine, Mining

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/meetings-events/
Title: Meetings & Events

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/global-business-consulting/
Title: Consulting Services

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/policy-compliance/
Title: Trip Approval System

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/travel-risk-management/
Title: Risk Management

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/rest-assured/
Title: Accommodation Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/insights-and-reporting/
Title: Data & Analytics

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/online-travel-booking/
Title: Booking Technology

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/business-travel-app/
Title: Business Travel App

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/about-us/best-travel-team/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/about-us/#global-network-map
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-social-responsibility/
Title: Corporate Social Responsibility

Search URL Search Domain Scan URL

URL: https://privacy.amexgbt.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/terms-service/
Title: Terms and Services

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/press-room/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/amexgbt

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express-global-business-travel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amexgbt

Search URL Search Domain Scan URL

URL: https://privacy.amexgbt.com/cookies
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/70d5f7ce/invisible.js

68 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
travelvitals.amexgbt.com/ 7 KB
4 KB 301ms
187ms Document
text/html 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0a0030f912996b9311093bd65033db2c33de2293a4300cb466522b0062da1875

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7bb57bf9ed89dd64-LHR
content-encoding: gzip
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 12:03:31 GMT
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 163ms
62ms Script
application/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: +GAQ9uZzuyMATxU6dGRBFA==
age: 65422
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6741
x-ms-lease-status: unlocked
last-modified: Tue, 11 Apr 2023 19:20:00 GMT
server: cloudflare
etag: 0x8DB3AC1BEC5BA19
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36457fbd-401e-0021-0f0c-6d49aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bfbbd3f8880-LHR
expires: Sat, 22 Apr 2023 12:03:31 GMT

GET
H2 200 index.css
travelvitals.amexgbt.com/css/ 11 KB
3 KB 235ms
233ms Stylesheet
text/css 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/index.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f9d5d9cd58df9ac1af5a37fe28fa93d0d97b1f7e0a8d5e08fcb557db5a53a1d3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:31 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57bfb1f74dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:31 GMT

GET
H2 200 extract.css
travelvitals.amexgbt.com/css/ 186 KB
26 KB 181ms
180ms Stylesheet
text/css 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/extract.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

97a693fe5a3b2081a2dc13deb404da700f7ca8209e7dfbe296d9e80001a2c66e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:31 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57bfb1f78dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:31 GMT

GET
H2 200 widget.js Show response
sdk.joinsherpa.io/ 634 KB
191 KB 187ms
56ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.joinsherpa.io/widget.js?appId=spMzOTE3NT

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

a63da8f6fc2866a1898db67b80ae0bc4acfd0756952516758b2b1ab99f0b19af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Fri, 21 Apr 2023 12:03:31 GMT
x-powered-by: Express
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 194477
x-served-by: cache-fra-eddf8230044-FRA
server: Google Frontend
x-timer: S1682078612.829588,VS0,VE3
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-expose-headers: x-country-code,x-orig-accept-language
cache-control: public, max-age=86400
function-execution-id: cmyxsmsgen7h
x-cloud-trace-context: 9f9e6d147e61d7d9ca64194c5c32aafc
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
x-country-code: FI
x-cache-hits: 1

GET
H2 200 2.80f479d8.chunk.css
travelvitals.amexgbt.com/static/css/ 144 KB
23 KB 194ms
192ms Stylesheet
text/css 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/css/2.80f479d8.chunk.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4ce9394fc01a6be307913365a73d6bb932d20a197b3ba3f502011129475c9472

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:31 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57bfb1f7add64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:31 GMT

GET
H2 200 main.30efdb5c.chunk.css
travelvitals.amexgbt.com/static/css/ 13 KB
3 KB 226ms
225ms Stylesheet
text/css 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/css/main.30efdb5c.chunk.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d5c6a8dff28afcfa83217c42920dd4b22cd328a420d0fdf5d9a27e563af96bd4

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:31 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57bfb1f7cdd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:31 GMT

GET
H2 200 2.5196a870.chunk.js Show response
travelvitals.amexgbt.com/static/js/ 585 KB
184 KB 445ms
444ms Script
application/javascript 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/js/2.5196a870.chunk.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8ddbb7c384dfad3b8f9527b0e2a1e9eee54ad282517b02e36c8613929a6c7b78

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:32 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57bfb1f7ddd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:32 GMT

GET
H2 200 main.c82d4e3d.chunk.js Show response
travelvitals.amexgbt.com/static/js/ 54 KB
15 KB 231ms
229ms Script
application/javascript 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/js/main.c82d4e3d.chunk.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b5a4807c6e0f81337a30d24d00377104a6f83e05ea6ef4a6f28a529cdf6b3ec3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:31 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57bfb1f7edd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
89 KB 198ms
82ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K64VCV

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcd817e12243f39b5312468c9585df6d261a508ba386fb60f7620ca34ead5d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 12:03:32 GMT

GET
H2 200 ac001aef-4cd0-4951-82cb-b3f2339f647f.json Show response
cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/ 3 KB
2 KB 162ms
73ms XHR
application/x-javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/ac001aef-4cd0-4951-82cb-b3f2339f647f.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa4f0de33451cce32a6eb7ea8b347b0c0f717ecc4ff673a6b8685890f433bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6oKNd9r/4L3SW6ogCk+S1A==
age: 11317
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1457
x-ms-lease-status: unlocked
last-modified: Thu, 15 Sep 2022 08:42:08 GMT
server: cloudflare
etag: 0x8DA96F62CCAA1B1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 03808c8e-f01e-0038-2e43-6c65c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bfcbff771de-LHR

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
228 B 67ms
66ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7bb57bfd68c971de-LHR
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/ 376 KB
90 KB 59ms
59ms Script
application/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 229oLfugqvtMNLM3e0uPaA==
age: 18001
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 91423
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:59 GMT
server: cloudflare
etag: 0x8DA95C70229E004
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: abb66b09-501e-003e-4543-6c92ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bfdd9138880-LHR
expires: Sat, 22 Apr 2023 12:03:32 GMT

GET
H2 200 en-us.json Show response
cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/63172322-9f67-403d-95fe-3bb9db0dbfb0/ 40 KB
11 KB 59ms
59ms Fetch
application/x-javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/63172322-9f67-403d-95fe-3bb9db0dbfb0/en-us.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430a274edbc63647988751e1092bdf0f8792883a82a4a1e3a6a6b70e66cb3628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LY5e0JMLzreaVZ0ZMNyceg==
age: 4375
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11389
x-ms-lease-status: unlocked
last-modified: Thu, 15 Sep 2022 08:42:16 GMT
server: cloudflare
etag: 0x8DA96F6316F341C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5bdb9c97-201e-005c-5843-6cd562000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bfe9a4571de-LHR

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/ 10 KB
3 KB 69ms
68ms Fetch
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: a2W3vTIDs86DMxSWG3u1Vw==
age: 11317
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2589
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:48 GMT
server: cloudflare
etag: 0x8DA95C6FB825389
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 73a4156b-801e-003c-1943-6c9040000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bff1abc71de-LHR
expires: Sat, 22 Apr 2023 12:03:32 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/v2/ 62 KB
13 KB 63ms
63ms Fetch
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3e634eb4bc8fc909bd1ea389002b9036063e2fe86f1a423fb2eb577baaf7e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: eeLeQFlL9c7wmvR8bYV+Vw==
age: 11317
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13334
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:48 GMT
server: cloudflare
etag: 0x8DA95C6FBEF3D22
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 874b657a-e01e-0068-3043-6c7aca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bff1abd71de-LHR
expires: Sat, 22 Apr 2023 12:03:32 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/ 5 KB
2 KB 71ms
71ms Fetch
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: chhUbr1lo8VfhnCyj4C/QQ==
age: 14171
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:48 GMT
server: cloudflare
etag: 0x8DA95C6FB9D5360
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 03808df9-f01e-0038-7543-6c65c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57bff1abe71de-LHR
expires: Sat, 22 Apr 2023 12:03:32 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/ 22 KB
5 KB 69ms
69ms Fetch
text/css 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 12054
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:32:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b26eed6b-801e-0051-3443-6c3a6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bb57bff1abf71de-LHR
expires: Sat, 22 Apr 2023 12:03:32 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 113 KB
44 KB 194ms
64ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P5PLQ9S

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K64VCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f50c933b9ac5c5fb9056561e3b6673ff38aaf00d470b174928c765b87f72932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 12:03:32 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
901 B 181ms
64ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?&onload=GoogleRecaptchaLoaded&render=explicit

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/js/2.5196a870.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

66b7ba6ec8e6f2964919ba55bc9f1428fe6eff42402f00d3260d30238da044a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 12:03:33 GMT

GET
H2 200 logo.e39f85a2.svg
travelvitals.amexgbt.com/static/media/ 8 KB
3 KB 205ms
202ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/logo.e39f85a2.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ff77a82947022c9900c23a9ed1f1cc3279c45da11c624c2afdae0c9fbfd91526

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042dfbdd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 menu_icon.9f3f7e26.svg
travelvitals.amexgbt.com/static/media/ 407 B
272 B 177ms
174ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/menu_icon.9f3f7e26.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f313719dda50110f5a2099a81603c5895b2a4a8646a4f669a82d5c014ba0706d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042dffdd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 serch_icon_filled.b039aad2.svg
travelvitals.amexgbt.com/static/media/ 552 B
392 B 171ms
168ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/serch_icon_filled.b039aad2.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c0ca2c9183566957781d4cc82c85bb4ded1ccca206ae82678a2250e68af1057

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042e00dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 map_outline.844629c4.svg
travelvitals.amexgbt.com/static/media/ 620 B
445 B 430ms
427ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/map_outline.844629c4.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6994f5d4d8ebd7cc7625e23f0ac9bafa8562a8a13cef32781abc88992061b318

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042e03dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 ellipsis_filled.7aedee04.svg
travelvitals.amexgbt.com/static/media/ 1017 B
677 B 198ms
195ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/ellipsis_filled.7aedee04.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f1b264d9934c8ed0c2ab65db3674f8cdc48b8c8f965301ce6c76d5e1a9ab1a39

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042e05dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 ellipsis_empty.0a3c2f51.svg
travelvitals.amexgbt.com/static/media/ 841 B
597 B 200ms
198ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/ellipsis_empty.0a3c2f51.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba1d4ba912bac26105454ad904624c42077d233d5650fa4e7875f72eaf6f1af5

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042e06dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 dls-icon-change_1.5cd1bf5f.svg
travelvitals.amexgbt.com/static/media/ 426 B
346 B 185ms
183ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/dls-icon-change_1.5cd1bf5f.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9aee43af9e957d4c23afa820116b8da335f1d30c9e1a671553162f2cafef4921

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c042e09dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 AXP_GBT_NameLockup_RGB_WHITE_D.png
www.amexglobalbusinesstravel.com/content/themes/amexgbt/images/ 23 KB
24 KB 227ms
123ms Image
image/png 194.36.55.247
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amexglobalbusinesstravel.com/content/themes/amexgbt/images/AXP_GBT_NameLockup_RGB_WHITE_D.png
Requested by: Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.36.55.247 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7260a0e065fc6bd843ed0c73fedec523f4fa2a6cbac6cb8155320cad45c6ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 00:38:55 GMT
server: cloudflare
age: 1541
etag: "5d05-5f9cde1c5c5c0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7bb57c04cf2b3854-LHR
content-length: 23813
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 logo-biz.svg
www.amexglobalbusinesstravel.com/content/themes/amexgbt/images/2020/ 234 KB
72 KB 177ms
73ms Image
image/svg+xml 194.36.55.247
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amexglobalbusinesstravel.com/content/themes/amexgbt/images/2020/logo-biz.svg
Requested by: Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.36.55.247 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96bd2b5ecac20fbc947c88b2824d258b699c0887f45ce2695bcfa06b8dc21712

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 00:38:55 GMT
server: cloudflare
age: 1541
etag: W/"3a837-5f9cde1c5c5c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7bb57c04cf313854-LHR
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 1x%20World%20Service%20Pattern.png
travelvitals.amexgbt.com/images/ 647 KB
648 KB 234ms
232ms Image
image/png 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/images/1x%20World%20Service%20Pattern.png

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

45d2468115e6efd968b1afab799ab386be1567200952657b53e13f30f437ad7f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
content-length: 662411
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/png
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bb57c042e0add64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 1x%20World%20Service%20Pattern.fcaef859.png
travelvitals.amexgbt.com/static/media/ 647 KB
648 KB 216ms
214ms Image
image/png 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/1x%20World%20Service%20Pattern.fcaef859.png

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/css/main.30efdb5c.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

45d2468115e6efd968b1afab799ab386be1567200952657b53e13f30f437ad7f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/static/css/main.30efdb5c.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
content-length: 662411
last-modified: Thu, 02 Feb 2023 06:56:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/png
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bb57c043e0cdd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 Amex-flourish-dark-1b.svg
travelvitals.amexgbt.com/images/2020/ 6 KB
3 KB 185ms
184ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/images/2020/Amex-flourish-dark-1b.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

09908aeba60bb08e88c174d2554f19b262b6474f9f4d7e0c23910addb895d76f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/css/extract.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c043e0edd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 tile-fullsize-08opacity.svg
travelvitals.amexgbt.com/images/2020/ 130 KB
42 KB 430ms
430ms Image
image/svg+xml 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/images/2020/tile-fullsize-08opacity.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

095017d0434fbe11e3c51a07bb0f6ae139dde4c44bb2a70e5206c95e758f0c8e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/css/extract.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c046e6add64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 BentonSansRegular.woff2
travelvitals.amexgbt.com/css/fonts/benton-sans-regular/ 9 KB
9 KB 250ms
250ms Font
font/woff2 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/fonts/benton-sans-regular/BentonSansRegular.woff2

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b325503d007aba9f3f596639b7b04ee47f2ec668ea33582fa7bc0239ff953873

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://travelvitals.amexgbt.com/css/extract.css
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
content-length: 9156
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: font/woff2
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bb57c046e6ddd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 GuardianEgyp-Regular.otf
travelvitals.amexgbt.com/css/fonts/guardian_egyptian_headline/ 126 KB
52 KB 265ms
265ms Font
font/otf 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/fonts/guardian_egyptian_headline/GuardianEgyp-Regular.otf

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8e84237e139115ce87651758036fd271b66d015c7d207cbb62e018529abdf8e0

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://travelvitals.amexgbt.com/css/extract.css
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: font/otf
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7bb57c046e6fdd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 BentonSansBold.woff
travelvitals.amexgbt.com/css/fonts/benton-sans-bold/ 12 KB
12 KB 238ms
238ms Font
font/woff 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/fonts/benton-sans-bold/BentonSansBold.woff

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ffb81d946c38ae37f7f5549e3c2d32b6ac0bfb60b937d87e19c912b17042f87e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://travelvitals.amexgbt.com/css/extract.css
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' 'unsafe-inline' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
content-length: 12392
last-modified: Thu, 02 Feb 2023 06:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: font/woff
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bb57c046e72dd64-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Fri, 21 Apr 2023 16:03:33 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 78 KB
28 KB 198ms
76ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/js/main.c82d4e3d.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5e8ad0ad1054e018847afab62692a3719130318bc409f745b0bb63576e2ecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 652ms
219ms XHR
text/html 44.230.1.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/js/2.5196a870.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.1.235 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-1-235.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 12:03:33 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64427b95-023575bd6923039b65b6c917
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2

200

invisible.js Show response
travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/70d5f7ce/ Frame 6D72
Redirect Chain

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/70d5f7ce/invisible.js

28 KB
14 KB

62ms
61ms

Script
application/javascript

194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/70d5f7ce/invisible.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

58902e6aac72e8b4d3f7b590fe032534eb7c5293846bec7508293b5c4b24efca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7bb57c04df3bdd64-LHR

Redirect headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/70d5f7ce/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7bb57c046e74dd64-LHR

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AXP_GBT_Primary_BBLockup_Stacked_SMALLscale_RGB_D.jpg
cdn-ukwest.onetrust.com/logos/a26b9700-d67b-481f-8d13-855f0648f53e/3806a967-42c9-4785-a686-9d0d8ed2e9e2/1d50d701-9d10-477c-b017-a26fa55fede7/ 17 KB
17 KB 67ms
66ms Image
image/jpeg 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/a26b9700-d67b-481f-8d13-855f0648f53e/3806a967-42c9-4785-a686-9d0d8ed2e9e2/1d50d701-9d10-477c-b017-a26fa55fede7/AXP_GBT_Primary_BBLockup_Stacked_SMALLscale_RGB_D.jpg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4ec0f62ef2f1446794b8f3c06ff19e892a5632343a0c64c3f6bc81f876aabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: eDyddhc7j/Iym8ACAqxQqg==
age: 15672
content-length: 17281
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 16 Aug 2022 20:49:31 GMT
server: cloudflare
etag: 0x8DA7FC8D19508A2
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 470fa59c-301e-0025-6443-6cbc28000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bb57c049c878880-LHR
expires: Sat, 22 Apr 2023 12:03:33 GMT

GET
H2 200 poweredBy_ot_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 3 KB
2 KB 62ms
62ms Image
image/svg+xml 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/poweredBy_ot_logo.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 21 Apr 2023 12:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: LpuayL42jB78xRllx0vkOw==
age: 18003
x-ms-lease-status: unlocked
last-modified: Tue, 11 Apr 2023 19:20:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 747d371d-e01e-0005-600c-6dd0e4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bb57c049c8b8880-LHR
expires: Sat, 22 Apr 2023 12:03:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ 407 KB
164 KB 180ms
57ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?&onload=GoogleRecaptchaLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf0f525a093a2008e20f01bbf709e1e8840d1c49e7e05a8e7431ed71d350f30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://travelvitals.amexgbt.com/
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166822
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 08:40:59 GMT

GET
H2 200 pica.js
travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6D72 6 KB
3 KB 84ms
84ms Other
application/javascript 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cee939836c050afe71f628cff14c8ec2824fecd34da6e4978596c34b5285df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7bb57c054ffbdd64-LHR

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/ 25 KB
5 KB 179ms
59ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.440A4VLCC-I.O/d=1/rs=AN8SPfpe8kRNR2bXKNihzvDinHg9VZGBzQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4396
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 09:45:21 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.440A4VLCC-I.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpe8kRNR2bXKNihzvDinHg9VZGBzQ/ 213 KB
75 KB 187ms
55ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.440A4VLCC-I.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpe8kRNR2bXKNihzvDinHg9VZGBzQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.440A4VLCC-I.O/d=1/rs=AN8SPfpe8kRNR2bXKNihzvDinHg9VZGBzQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

454cfd906ca03c287660fc656dd9d94fce6a228403b4c69480a2defb0c13bc33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76395
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 21:15:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 09:45:20 GMT

POST
H2 200 7bb57bf9ed89dd64 Show response
travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6D72 2 B
347 B 104ms
104ms XHR
text/plain 194.36.55.251
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/cv/result/7bb57bf9ed89dd64
Requested by: Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.36.55.251 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Apr 2023 12:03:33 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7bb57c073b2bdd64-LHR
content-type: text/plain; charset=UTF-8

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CA1C 49 KB
27 KB 76ms
76ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&badge=bottomright&cb=a23x3onto2ue

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

530fd567a8e1b751820f8362d7858e5e805ed4e4a768e00017316c54a3def399

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zrzsNjlMxNnuf5DKV-d0Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelvitals.amexgbt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27181
content-security-policy: script-src 'report-sample' 'nonce-zrzsNjlMxNnuf5DKV-d0Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 12:03:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated Show response
/ Frame 7271 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 61ms
60ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 10:42:35 GMT
x-content-type-options: nosniff
age: 4858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Apr 2024 10:42:35 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 58ms
57ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:22:13 GMT
x-content-type-options: nosniff
age: 103280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Apr 2024 07:22:13 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 58ms
58ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:47:14 GMT
x-content-type-options: nosniff
age: 263779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Apr 2024 10:47:14 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ Frame CA1C 55 KB
24 KB 59ms
59ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&badge=bottomright&cb=a23x3onto2ue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 11:29:12 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ Frame CA1C 407 KB
163 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf0f525a093a2008e20f01bbf709e1e8840d1c49e7e05a8e7431ed71d350f30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166822
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 08:40:59 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CA1C 2 KB
2 KB 60ms
59ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:40:03 GMT
x-content-type-options: nosniff
age: 102211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:40:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CA1C 15 KB
16 KB 174ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:20:16 GMT
x-content-type-options: nosniff
age: 103398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 07:20:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CA1C 15 KB
15 KB 188ms
68ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:22:12 GMT
x-content-type-options: nosniff
age: 103282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 07:22:12 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CA1C 102 B
134 B 66ms
66ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vkGiR-M4noX1963Xi_DB0JeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ba015dc70fc1806f35a41de502301d7e7c9a3ece628afab96d9704d5f30ccee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&badge=bottomright&cb=a23x3onto2ue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 12:03:34 GMT

GET
H2 200 / Show response
znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 192ms
64ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e58ac45dcaaf3cab80afd9bd9c6cb777ee9c6eb483ff0b70b9c935206ef1d9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 42509
cf-polished: origSize=9051
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"235b-Sie1aq/rszD/euZeTdj0SmZOBoY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0c290424dd-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 10.13da654ebc4ff074d07c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
20 KB 69ms
68ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/10.13da654ebc4ff074d07c.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=travelvitals.amexgbt.com

Requested by

Host: znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
URL: https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f1c140ebf7e31e6a8015d357d53b986280a1f847cff8b69e42220c01eb52cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 240000
cf-polished: origSize=66409
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"10369-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0c899024dd-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 254ms
253ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_bpWJ9gKlad5X3kF&Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.13da654ebc4ff074d07c.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=travelvitals.amexgbt.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1f10a83bca33115d829233957441280354aa75c18a13200232d2cd7142d0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://travelvitals.amexgbt.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: f67ea2d6a7134f8f
cf-ray: 7bb57c0d1a4d24dd-LHR
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 76ms
76ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54778
cf-polished: origSize=104979
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19a13-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0ebccc24dd-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 5.07a6a69905ef056ba9ee.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
900 B 105ms
104ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/5.07a6a69905ef056ba9ee.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Host: znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
URL: https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b46a29347f98c4452c9e512233641444def5ebf724cf4cc6a8b18709323204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 141311
cf-polished: origSize=2522
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9da-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0f5df424dd-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.92310019cd9a5ffe1656.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
6 KB 89ms
89ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.92310019cd9a5ffe1656.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Host: znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
URL: https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee84f35cccd4482139bcd41e7e0b932961363f9a702082b36ecb0b48921c2fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 239997
cf-polished: origSize=29372
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72bc-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0f5df724dd-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 SliderModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 14 KB
4 KB 76ms
76ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9caae55516a4dc087ff6980903434d5b9651acc7c6e509f2b7abd72bed7b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:03:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 239965
cf-polished: origSize=14625
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"3921-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0f5dfa24dd-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
1 KB 159ms
67ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bPGbyrdbCLgWeTb&Version=10&Q_ORIGIN=https://travelvitals.amexgbt.com&Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c5eb2fd1dc08db2baa381084ddce040a8abce7fd3361de1db79f790e32af48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 14 Apr 2033 13:34:08 GMT
date: Fri, 21 Apr 2023 12:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 340167
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Apr 2023 13:34:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0feb0723c4-LHR
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 165ms
73ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9FxHTg65L4DO2WN&Version=31&Q_InterceptID=SI_bPGbyrdbCLgWeTb&Q_ORIGIN=https://travelvitals.amexgbt.com&Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96fe3e32b7ee68f094ba6ea93785333993f0537e212e07b67a238fd7dec622d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 14 Apr 2033 14:33:19 GMT
date: Fri, 21 Apr 2023 12:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 336616
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Apr 2023 14:33:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bb57c0feb0823c4-LHR
servershortname

GET
H2 200 svg-close-btn-black-7.svg
static-assets.qualtrics.com/static/prototype-ui-modules/SharedGraphics/siteintercept/ 1 KB
2 KB 241ms
61ms Image
image/svg+xml 2.18.232.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-assets.qualtrics.com/static/prototype-ui-modules/SharedGraphics/siteintercept/svg-close-btn-black-7.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: DOuBs6sDOMlimUvdQBvjLjGnOaVPiN8s
date: Fri, 21 Apr 2023 12:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-amz-replication-status: COMPLETED
content-length: 1206
x-amz-meta-mutable: true
last-modified: Fri, 31 Mar 2023 13:55:12 GMT
etag: "8736a0a5f49a2a06e82f607f9f3d4f46"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: must-revalidate, max-age=543813
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 Graphic.php
az1.qualtrics.com/WRQualtricsSiteIntercept/ 1 KB
2 KB 257ms
72ms Image
image/png 2.18.232.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://az1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_eJK0TkseRWzpGXX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-194.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

c5c2e1c40c659ebb0b4472f031cca5165d18802e0d00b76d70e73d3e19c1320e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 263
date: Fri, 21 Apr 2023 12:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 1
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time: 93
content-disposition: inline; filename=Feedback2
content-length: 1168
x-request-id: 2f885203-2967-4e69-bd62-b007483f9faf,74e43bea-511e-4b00-8e75-6ea9406b5c13
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: "c7392b392f84f28abab7b97cc7d5d2a7"
content-type: image/png
access-control-allow-origin: *,*
x-transaction-id: b7707fd5-29e6-4314-9394-69c408637765
cache-control: public, max-age=19
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Fri, 21 Apr 2023 12:03:54 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
222 B 145ms
145ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9FxHTg65L4DO2WN&Q_SIID=SI_bPGbyrdbCLgWeTb&Q_ASID=AS_66951923&Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&r=1682078615100

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 12:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://travelvitals.amexgbt.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 524d3517fb0725cf
cf-ray: 7bb57c108bfc23c4-LHR

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amexgbt.com/	1969-12-31 23:59:59	Name: _cfuvid Value: _aNpO3gMjYm0NR.XQx3TzaqvVCR50.Q.q0QMBpHCXVs-1682078611642-0-604800000
.amexgbt.com/	1970-01-20 20:00:14	Name: amp_6f3785 Value: e1OgH94VNwt-wM0EWgbB0H...1guhr5fjd.1guhr5fkk.1.0.1
.travelvitals.amexgbt.com/	1970-01-20 20:00:14	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Apr+21+2023+12%3A03%3A33+GMT%2B0000+(GMT)&version=202209.1.0&isIABGlobal=false&hosts=&consentId=5ea79ea0-d415-454d-84f9-7687baf9169e&interactionCount=0&landingPath=https%3A%2F%2Ftravelvitals.amexgbt.com%2F&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0
.amexglobalbusinesstravel.com/	1970-01-20 11:14:40	Name: __cf_bm Value: 5M1SNB_Jm8XIBorkB71coG8G_f1n9gWqyVShB6IgR2Y-1682078613-0-AWpd27AWMqyIPIG0F9IBDXU5tDzOjxXGuczlI3nWVnTm1YfRg765tOukCtRd4TRPp52mMU4R3bQimG4zWpspfkY=
.amexgbt.com/	1970-01-20 11:14:40	Name: __cf_bm Value: 5M4uA7FXIfwGayKOepDY.26tfkn0xb3s2jYYe5S2Lpg-1682078613-0-AZRhJzUuLkdf/oLq6jaOD7ZFvaad+3jXbJaYln09lbx5xsqgc1+W9cuNMwmOTLDFT7uS14SviRA/xVBYxDwkMRHErdyWMVL4JhtYGNTmokzFIQyll5h75wS3S62eRRGttDjahFhK63TZFL3ai83ebPA=

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://travelvitals.amexgbt.com/ Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/ Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/ Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/invisible.js Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/invisible.js Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__en.js(Line 450) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.440A4VLCC-I.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpe8kRNR2bXKNihzvDinHg9VZGBzQ/m=el_main(Line 236) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: data:text/html;charset=UTF-8;base64,PCFET0NUWVBFIGh0bWw+PGJvZHk+PHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwondXNlIHN0cmljdCc7dmFyIGU9dGhpc3x8c2VsZjtmdW5jdGlvbiBmKGEpe3JldHVybiBhfTt2YXIgaDtmdW5jdGlvbiBrKGEsYyl7dGhpcy5nPWM9PT1sP2E6IiJ9ay5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5nKyIifTt2YXIgbD17fTtmdW5jdGlvbiBtKGEpe2lmKHZvaWQgMD09PWgpe3ZhciBjPW51bGw7dmFyIGI9ZS50cnVzdGVkVHlwZXM7aWYoYiYmYi5jcmVhdGVQb2xpY3kpe3RyeXtjPWIuY3JlYXRlUG9saWN5KCJnb29nI2h0bWwiLHtjcmVhdGVIVE1MOmYsY3JlYXRlU2NyaXB0OmYsY3JlYXRlU2NyaXB0VVJMOmZ9KX1jYXRjaChkKXtlLmNvbnNvbGUmJmUuY29uc29sZS5lcnJvcihkLm1lc3NhZ2UpfWg9Y31lbHNlIGg9Y31hPShjPWgpP2MuY3JlYXRlU2NyaXB0VVJMKGEpOmE7cmV0dXJuIG5ldyBrKGEsbCl9Oy8qCgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KaWYoIWZ1bmN0aW9uKCl7aWYoc2VsZi5vcmlnaW4pcmV0dXJuIm51bGwiPT09c2VsZi5vcmlnaW47aWYoIiIhPT1sb2NhdGlvbi5ob3N0KXJldHVybiExO3RyeXtyZXR1cm4gd2luZG93LnBhcmVudC5lc2NhcGUoIiIpLCExfWNhdGNoKGEpe3JldHVybiEwfX0oKSl0aHJvdyBFcnJvcigic2FuZGJveGluZyBlcnJvciIpOwp3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsZnVuY3Rpb24oYSl7dmFyIGM9YS5wb3J0c1swXTthPWEuZGF0YTt2YXIgYj1hLmNhbGxiYWNrTmFtZS5zcGxpdCgiLiIpLGQ9d2luZG93OyJ3aW5kb3ciPT09YlswXSYmYi5zaGlmdCgpO2Zvcih2YXIgZz0wO2c8Yi5sZW5ndGgtMTtnKyspZFtiW2ddXT17fSxkPWRbYltnXV07ZFtiW2IubGVuZ3RoLTFdXT1mdW5jdGlvbihuKXtjLnBvc3RNZXNzYWdlKEpTT04uc3RyaW5naWZ5KG4pKX07Yj1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCJzY3JpcHQiKTthPW0oYS51cmwpO2Iuc3JjPWEgaW5zdGFuY2VvZiBrJiZhLmNvbnN0cnVjdG9yPT09az9hLmc6InR5cGVfZXJyb3I6VHJ1c3RlZFJlc291cmNlVXJsIjtkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGIpfSwhMCk7fSkuY2FsbCh0aGlzKTsKPC9zY3JpcHQ+PC9ib2R5Pg== Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__en.js(Line 386) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__en.js(Line 386) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
az1.qualtrics.com
cdn-ukwest.onetrust.com
fonts.gstatic.com
geolocation.onetrust.com
sdk.joinsherpa.io
siteintercept.qualtrics.com
static-assets.qualtrics.com
translate.google.com
translate.googleapis.com
travelvitals.amexgbt.com
www.amexglobalbusinesstravel.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
104.17.208.240
151.101.1.195
194.36.55.247
194.36.55.251
2.18.232.194
2606:4700:4400::ac40:9062
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200e
44.230.1.235
095017d0434fbe11e3c51a07bb0f6ae139dde4c44bb2a70e5206c95e758f0c8e
09908aeba60bb08e88c174d2554f19b262b6474f9f4d7e0c23910addb895d76f
0a0030f912996b9311093bd65033db2c33de2293a4300cb466522b0062da1875
0c0ca2c9183566957781d4cc82c85bb4ded1ccca206ae82678a2250e68af1057
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
430a274edbc63647988751e1092bdf0f8792883a82a4a1e3a6a6b70e66cb3628
454cfd906ca03c287660fc656dd9d94fce6a228403b4c69480a2defb0c13bc33
45d2468115e6efd968b1afab799ab386be1567200952657b53e13f30f437ad7f
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ce9394fc01a6be307913365a73d6bb932d20a197b3ba3f502011129475c9472
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
530fd567a8e1b751820f8362d7858e5e805ed4e4a768e00017316c54a3def399
53f1c140ebf7e31e6a8015d357d53b986280a1f847cff8b69e42220c01eb52cf
58902e6aac72e8b4d3f7b590fe032534eb7c5293846bec7508293b5c4b24efca
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b1f10a83bca33115d829233957441280354aa75c18a13200232d2cd7142d0e5
5b7260a0e065fc6bd843ed0c73fedec523f4fa2a6cbac6cb8155320cad45c6ab
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5d4ec0f62ef2f1446794b8f3c06ff19e892a5632343a0c64c3f6bc81f876aabd
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
66b7ba6ec8e6f2964919ba55bc9f1428fe6eff42402f00d3260d30238da044a2
6994f5d4d8ebd7cc7625e23f0ac9bafa8562a8a13cef32781abc88992061b318
6e9caae55516a4dc087ff6980903434d5b9651acc7c6e509f2b7abd72bed7b24
7ba015dc70fc1806f35a41de502301d7e7c9a3ece628afab96d9704d5f30ccee
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a
80c5eb2fd1dc08db2baa381084ddce040a8abce7fd3361de1db79f790e32af48
8ddbb7c384dfad3b8f9527b0e2a1e9eee54ad282517b02e36c8613929a6c7b78
8e84237e139115ce87651758036fd271b66d015c7d207cbb62e018529abdf8e0
8f50c933b9ac5c5fb9056561e3b6673ff38aaf00d470b174928c765b87f72932
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96bd2b5ecac20fbc947c88b2824d258b699c0887f45ce2695bcfa06b8dc21712
96fe3e32b7ee68f094ba6ea93785333993f0537e212e07b67a238fd7dec622d0
97a693fe5a3b2081a2dc13deb404da700f7ca8209e7dfbe296d9e80001a2c66e
9aee43af9e957d4c23afa820116b8da335f1d30c9e1a671553162f2cafef4921
9cee939836c050afe71f628cff14c8ec2824fecd34da6e4978596c34b5285df2
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a63da8f6fc2866a1898db67b80ae0bc4acfd0756952516758b2b1ab99f0b19af
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b325503d007aba9f3f596639b7b04ee47f2ec668ea33582fa7bc0239ff953873
b5a4807c6e0f81337a30d24d00377104a6f83e05ea6ef4a6f28a529cdf6b3ec3
ba1d4ba912bac26105454ad904624c42077d233d5650fa4e7875f72eaf6f1af5
c5c2e1c40c659ebb0b4472f031cca5165d18802e0d00b76d70e73d3e19c1320e
caa4f0de33451cce32a6eb7ea8b347b0c0f717ecc4ff673a6b8685890f433bd9
ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131
cf0f525a093a2008e20f01bbf709e1e8840d1c49e7e05a8e7431ed71d350f30f
d5c6a8dff28afcfa83217c42920dd4b22cd328a420d0fdf5d9a27e563af96bd4
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcd817e12243f39b5312468c9585df6d261a508ba386fb60f7620ca34ead5d83
e3e634eb4bc8fc909bd1ea389002b9036063e2fe86f1a423fb2eb577baaf7e1c
e58ac45dcaaf3cab80afd9bd9c6cb777ee9c6eb483ff0b70b9c935206ef1d9b0
eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b
ee84f35cccd4482139bcd41e7e0b932961363f9a702082b36ecb0b48921c2fc0
f1b264d9934c8ed0c2ab65db3674f8cdc48b8c8f965301ce6c76d5e1a9ab1a39
f1b46a29347f98c4452c9e512233641444def5ebf724cf4cc6a8b18709323204
f313719dda50110f5a2099a81603c5895b2a4a8646a4f669a82d5c014ba0706d
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f5e8ad0ad1054e018847afab62692a3719130318bc409f745b0bb63576e2ecdb
f9d5d9cd58df9ac1af5a37fe28fa93d0d97b1f7e0a8d5e08fcb557db5a53a1d3
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
ff77a82947022c9900c23a9ed1f1cc3279c45da11c624c2afdae0c9fbfd91526
ffb81d946c38ae37f7f5549e3c2d32b6ac0bfb60b937d87e19c912b17042f87e

travelvitals.amexgbt.com Open in urlscan Pro 194.36.55.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

57 %IPv6

11 Domains

17 Subdomains

16 IPs

3 Countries

2866 kBTransfer

5969 kBSize

5 Cookies

27 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

travelvitals.amexgbt.com Open in urlscan Pro
194.36.55.251 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

57 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

2866 kB
Transfer

5969 kB
Size

5
Cookies

68 HTTP transactions
2 data transactions