www.americanexpress.com Open in urlscan Pro
23.212.221.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Effective URL:
https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Submission: On December 13 via manual (December 13th 2024, 2:26:43 am UTC) from CA — Scanned from IT

Summary HTTP 161 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 4 domains to perform 161 HTTP transactions. The main IP is 23.212.221.34, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.americanexpress.com. The Cisco Umbrella rank of the primary domain is 15696.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 29th 2024. Valid for: a year.

This is the only time www.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.102.62.18 104.102.62.18	16625 (AKAMAI-AS) (AKAMAI-AS)
3 10	23.212.221.34 23.212.221.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	139.71.182.30 139.71.182.30	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
56	23.212.203.180 23.212.203.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.102.33.179 104.102.33.179	16625 (AKAMAI-AS) (AKAMAI-AS)
15	139.71.21.230 139.71.21.230	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
2	139.71.6.183 139.71.6.183	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
3	104.102.60.45 104.102.60.45	16625 (AKAMAI-AS) (AKAMAI-AS)
1	139.71.7.76 139.71.7.76	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	148.173.98.154 148.173.98.154	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	198.160.127.57 198.160.127.57	15026 (ACXIOM) (ACXIOM)
2	2.23.209.189 2.23.209.189	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
28	139.71.16.158 139.71.16.158	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
5	139.71.113.91 139.71.113.91	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	139.71.89.13 139.71.89.13	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	2600:9000:249... 2600:9000:2490:6400:c:7c62:1240:93a1	16509 (AMAZON-02) (AMAZON-02)
6	139.71.125.239 139.71.125.239	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
14	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
7	34.249.87.52 34.249.87.52	16509 (AMAZON-02) (AMAZON-02)
161	19

1 104.102.62.18 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-62-18.deploy.static.akamaitechnologies.com

americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.212.221.34 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-221-34.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.182.30 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: referraluplift-eusw1-vip.americanexpress.com

referral.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 23.212.203.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-203-180.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.33.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-33-179.deploy.static.akamaitechnologies.com

global.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.71.21.230 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: functions2a-vip.americanexpress.com

functions.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.71.6.183 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: rfprospectpage-euse1-vip.americanexpress.com

rfprospectpage.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.60.45 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-60-45.deploy.static.akamaitechnologies.com

one-xp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.7.76 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: referconfigexternal-euse1-vip.americanexpress.com

referconfigexternal.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.173.98.154 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: origin-gemapp2.americanexpress.com

origin-gemapp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.160.127.57 (United States)

ASN15026 (ACXIOM, US)

aeopprodvip.acxiom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.209.189 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-23-209-189.deploy.static.akamaitechnologies.com

ucmapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 139.71.16.158 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: iwmapapi22.americanexpress.com

iwmapapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.71.113.91 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: cdaas11.americanexpress.com

cdaas.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.89.13 (United States)

ASN6307 (AMERICAN-EXPRESS, US)

dynatracepsg.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2490:6400:c:7c62:1240:93a1 (United States)

ASN16509 (AMAZON-02, US)

ct.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.71.125.239 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: gctv4-eusw1-vip.americanexpress.com

gct.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.249.87.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	americanexpress.com 4 redirects americanexpress.com — Cisco Umbrella Rank: 8102 www.americanexpress.com — Cisco Umbrella Rank: 15696 referral.americanexpress.com global.americanexpress.com — Cisco Umbrella Rank: 26718 functions.americanexpress.com — Cisco Umbrella Rank: 23672 rfprospectpage.americanexpress.com one-xp.americanexpress.com — Cisco Umbrella Rank: 24982 referconfigexternal.americanexpress.com — Cisco Umbrella Rank: 466016 origin-gemapp.americanexpress.com — Cisco Umbrella Rank: 30280 ucmapi.americanexpress.com — Cisco Umbrella Rank: 142942 iwmapapi.americanexpress.com — Cisco Umbrella Rank: 20457 cdaas.americanexpress.com — Cisco Umbrella Rank: 40650 dynatracepsg.americanexpress.com — Cisco Umbrella Rank: 25367 gct.americanexpress.com — Cisco Umbrella Rank: 71276 omns.americanexpress.com — Cisco Umbrella Rank: 17209	380 KB
56	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 15341 icm.aexp-static.com — Cisco Umbrella Rank: 17411	2 MB
11	contentsquare.net ct.contentsquare.net — Cisco Umbrella Rank: 31564 c.contentsquare.net — Cisco Umbrella Rank: 4183	138 KB
1	acxiom.com aeopprodvip.acxiom.com — Cisco Umbrella Rank: 84146	442 B
161	4

	Domain	Requested by
45	www.aexp-static.com	www.americanexpress.com www.aexp-static.com
28	iwmapapi.americanexpress.com	www.aexp-static.com
15	functions.americanexpress.com	www.aexp-static.com
14	omns.americanexpress.com	www.aexp-static.com
11	icm.aexp-static.com	www.americanexpress.com www.aexp-static.com
10	www.americanexpress.com	3 redirects www.americanexpress.com
7	c.contentsquare.net
6	gct.americanexpress.com	www.aexp-static.com dynatracepsg.americanexpress.com
5	cdaas.americanexpress.com	www.aexp-static.com cdaas.americanexpress.com
4	ct.contentsquare.net	www.aexp-static.com ct.contentsquare.net
4	dynatracepsg.americanexpress.com	www.aexp-static.com
3	one-xp.americanexpress.com	www.aexp-static.com
3	global.americanexpress.com	www.aexp-static.com
2	ucmapi.americanexpress.com	www.aexp-static.com
2	rfprospectpage.americanexpress.com	www.aexp-static.com
1	aeopprodvip.acxiom.com	icm.aexp-static.com
1	origin-gemapp.americanexpress.com	www.aexp-static.com
1	referconfigexternal.americanexpress.com	www.aexp-static.com
1	referral.americanexpress.com	www.americanexpress.com
1	americanexpress.com	1 redirects
161	20

This site contains links to these domains. Also see Links.

Domain
docupload-prod.americanexpress.com
global.americanexpress.com
www.facebook.com
www.instagram.com
x.com
www.youtube.com

Subject Issuer	Validity	Valid
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-10-29` - `2025-10-28`	a year	crt.sh
referraluplift-eusw1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-09-12` - `2025-09-11`	a year	crt.sh
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-10-29` - `2025-10-28`	a year	crt.sh
online.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-10-29` - `2025-10-28`	a year	crt.sh
functions.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-08-08` - `2025-08-08`	a year	crt.sh
rfprospectpage-euse1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-09-20` - `2025-09-20`	a year	crt.sh
www.standforsmall.com DigiCert SHA2 Extended Validation Server CA	`2024-10-29` - `2025-10-28`	a year	crt.sh
referconfigexternal-euse1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-09-19` - `2025-09-18`	a year	crt.sh
origin-gemapp2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-07-03` - `2025-07-02`	a year	crt.sh
AEOPPRODVIP.ACXIOM.COM Entrust Certification Authority - L1K	`2024-02-29` - `2025-03-29`	a year	crt.sh
ucmapi.americanexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-28` - `2025-06-28`	a year	crt.sh
iwmapapi.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-10-02` - `2025-10-01`	a year	crt.sh
cdaas.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-08-20` - `2025-08-20`	a year	crt.sh
dynatracepsg1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-07-24` - `2025-07-23`	a year	crt.sh
ct-tag.clicktale.net Amazon RSA 2048 M02	`2024-03-27` - `2025-04-26`	a year	crt.sh
gctv4-eusw1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-09-11` - `2025-09-10`	a year	crt.sh
omns.americanexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-29` - `2025-03-27`	a year	crt.sh
dep.ba.contentsquare.net R11	`2024-10-30` - `2025-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Frame ID: F96350915BE577DD86B04ECBBE983311
Requests: 152 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Express

Page URL History Show full URLs

https://americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS HTTP 301
https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS Page URL

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

161
Requests

98 %
HTTPS

5 %
IPv6

4
Domains

20
Subdomains

19
IPs

3
Countries

2121 kB
Transfer

7331 kB
Size

30
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://docupload-prod.americanexpress.com/globaluploadcenter/en_CA/entryController?inav=ca_sitefooter_form&document
Title: Form & Document Centre

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/intl/rc/canlac/profiles/rchome.do?request_type=authreg_PrivacyPrefs&linknav=CA-axpAccountManagement-PrivacyPreferences&Face=en_CA&pageId=m5&sorted_index=0&inav=ca_sitefooter_signup
Title: Sign Up for Email Offers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressCanada

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amexcanada/?hl=en

Search URL Search Domain Scan URL

URL: https://x.com/amexcanada

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmericanExpressCAD

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS HTTP 301
https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 158

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR&svrid=-92&flavor=post&vi=OGSMWDHPPGRLTQKDCIDMFHOEIHCAERLU-0&modifiedSince=1727660546378&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv~A~I~B~H~C~N~W~g~p-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&bp=3&app=bf05ef884b484fae&crc=692782759&en=jf4wyxxa&end=1 HTTP 301
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

Request Chain 159

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR&svrid=-92&flavor=post&vi=OGSMWDHPPGRLTQKDCIDMFHOEIHCAERLU-0&modifiedSince=1727660546378&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv~A~I~B~H~C~N~W~g~p-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&bp=3&app=bf05ef884b484fae&crc=497621858&en=jf4wyxxa&end=1 HTTP 301
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

Request Chain 165

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR&svrid=-92&flavor=post&vi=OGSMWDHPPGRLTQKDCIDMFHOEIHCAERLU-0&modifiedSince=1727660546378&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv~A~I~B~H~C~N~W~g~p-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&bp=3&app=bf05ef884b484fae&crc=4016852402&en=jf4wyxxa&end=1 HTTP 301
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

161 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cobalt Show response
www.americanexpress.com/en-ca/referral/
Redirect Chain

https://americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

361 KB
71 KB

522ms
371ms

Document
text/html

23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

f13f8e07f0791297d73ea8672c50466c5cbc949d8ce7d3cd50eab77a7f9d9c1a

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'self' .aexp.com wss://.americanexpress.com .aexp-static.com .americanexpress.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'nonce-4072517c-3d19-4875-af98-024745ea50f3' 'self' .aexp.com .aexp-static.com c.evidon.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com secure.adnxs.com go.affec.tv .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com cdn.optimizely.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com .americanexpress.com logx.optimizely.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
content-security-policy: report-uri https://referral.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'self' *.aexp.com wss://*.americanexpress.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'nonce-4072517c-3d19-4875-af98-024745ea50f3' 'self' *.aexp.com *.aexp-static.com c.evidon.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com secure.adnxs.com go.affec.tv *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com cdn.optimizely.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com *.americanexpress.com logx.optimizely.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
content-type: text/html; charset=utf-8
date: Fri, 13 Dec 2024 02:26:34 GMT
etag: W/"59f0e-rjQXOxv3VglOE37GTdViIy0oq1k"
one-app-version: 5.25.0-61e4465e
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 62718 0 pmb=mTOE,3mRUM,1
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 85
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 13 Dec 2024 02:26:33 GMT
Location: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Server: AkamaiGHost

POST
H/1.1 204
No Content csp-violation
referral.americanexpress.com/_/report/security/ 0
10 KB 1055ms
248ms Other
text/plain 139.71.182.30
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://referral.americanexpress.com/_/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.182.30 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

referraluplift-eusw1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com wss://.americanexpress.com .aexp-static.com .americanexpress.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-03a35744-a25e-4445-b633-f9cf85645797' 'self' .aexp.com .aexp-static.com c.evidon.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com secure.adnxs.com go.affec.tv .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com cdn.optimizely.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com .americanexpress.com logx.optimizely.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/csp-report
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: report-uri https://referral.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com wss://*.americanexpress.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-03a35744-a25e-4445-b633-f9cf85645797' 'self' *.aexp.com *.aexp-static.com c.evidon.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com secure.adnxs.com go.affec.tv *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com cdn.optimizely.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com *.americanexpress.com logx.optimizely.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 25
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: https://www.americanexpress.com
one-app-version: 5.25.0-61e4465e
date: Fri, 13 Dec 2024 02:26:35 GMT
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: SAMEORIGIN

GET
H2 200 42489344 Show response
www.americanexpress.com/akam/13/ 26 KB
9 KB 51ms
51ms Script
application/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/akam/13/42489344

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

4169bc21e9a01b4091e544d8cda09876801fd0a3a0bc75c64de3da5ee131faac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Response headers

cache-control: max-age=21600
content-encoding: gzip
etag: "da1fa8ff2c24185f64e3084f40cc5c6175e63937710f730c87cd142a1463b314"
content-length: 8749
date: Fri, 13 Dec 2024 02:26:34 GMT
stored-attribute-sha-checksum: 4169bc21e9a01b4091e544d8cda09876801fd0a3a0bc75c64de3da5ee131faac
last-modified: Thu, 22 Feb 2024 19:52:40 GMT
content-type: application/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
1 KB 212ms
53ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"5dbb1bcf-962"
content-length: 989
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
vary: Origin, Accept-Encoding

GET
H2 200 dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
922 B 213ms
55ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"5dbb1bcf-66e"
content-length: 743
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
vary: Origin, Accept-Encoding

GET
H2 200 cobalt.png
icm.aexp-static.com/Internet/MemberGetMember/card-art/CA_en/mgmee/ 28 KB
28 KB 535ms
392ms Image
image/avif 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icm.aexp-static.com/Internet/MemberGetMember/card-art/CA_en/mgmee/cobalt.png

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

713f125a8619c83181567974e20e45c2ae6c9a2bd78728f2db628b041277c5e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: default-src 'self'
cache-control: private, no-transform, max-age=40990
etag: "11fc5-5c9a676eb5c9f-gzip"
expires: Fri, 13 Dec 2024 13:49:44 GMT
access-control-allow-origin: *
content-length: 28249
date: Fri, 13 Dec 2024 02:26:34 GMT
last-modified: Wed, 09 Oct 2024 16:05:28 GMT
content-type: image/avif
server: Akamai Image Manager
access-control-allow-headers: Content-Type

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ 36 KB
37 KB 205ms
56ms Font
font/woff 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer: https://www.americanexpress.com/

Response headers

cache-control: max-age=15552000
timing-allow-origin: *
etag: "5b749111-9121"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
expires: Mon, 25 Jan 2021 11:07:20 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37153
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: font/woff
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
38 KB 290ms
141ms Font
font/woff 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer: https://www.americanexpress.com/

Response headers

cache-control: max-age=15552000
timing-allow-origin: *
etag: "5b749111-94c5"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
expires: Tue, 02 Mar 2021 18:31:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38085
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: font/woff
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 481b5db4-48a0-4c43-ae8b-fd1a0b7cb481-3.woff
www.aexp-static.com/nav/ngn/fonts/ 34 KB
34 KB 250ms
101ms Font
font/woff 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/481b5db4-48a0-4c43-ae8b-fd1a0b7cb481-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 761b183fee71a413d5cbefe4196ea222efda5a4295cd7c6254dfee22891d07e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer: https://www.americanexpress.com/

Response headers

cache-control: max-age=15552000
timing-allow-origin: *
etag: "5b749111-882e"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
expires: Sun, 07 Mar 2021 23:57:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34862
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: font/woff
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/ 470 KB
126 KB 278ms
132ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app~vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3404d578aac9a2f533e50fe62ca0a021f95c64c567079bb3fc2c20ccc9cd7cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66671a24-7597a"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 128907
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2024 15:22:12 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/ 16 KB
6 KB 147ms
146ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/runtime.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66671a24-3e70"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 5625
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2024 15:22:12 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/ 174 KB
55 KB 148ms
148ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45e6f3e6847536e5fb63d629bed17ffb329fe44699356518657491a69d74e869

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66671a24-2b640"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 55896
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2024 15:22:12 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 en-CA.js Show response
www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/i18n/ 3 KB
1 KB 160ms
159ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/i18n/en-CA.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24323f5746c5b13c13e34cf9ee63bebc972b7371f776bfabb66b7317b9b4636d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66671a24-da2"
access-control-allow-origin: https://www.americanexpress.com
content-length: 1300
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2024 15:22:12 GMT
vary: Origin, Accept-Encoding

GET
H2 200 axp-refer-root.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-refer-root/2.9.1/ 831 KB
220 KB 160ms
159ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-root/2.9.1/axp-refer-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cc72ebf2733f38d61a6bd6e96c50008327682007bc692476c7e42a5c3a15d4d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67348a33-cfde6"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 224742
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 11:14:59 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 axp-refer-hub.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-refer-hub/2.0.0/ 511 KB
133 KB 188ms
187ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-hub/2.0.0/axp-refer-hub.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a9fa0b54d7def7bbe2450027091de984a18fb53de96b6f43cc75857e326748cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66b088a9-7facc"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 135882
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 08:09:13 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 axp-refer-prospect.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-refer-prospect/2.9.1/ 1 MB
350 KB 199ms
199ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-prospect/2.9.1/axp-refer-prospect.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee97bc4ea8ebeb26d22a1ba5278ba35a19219d8ea161b468b1a0638b2c5af989

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"673487e1-15995a"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 357539
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 11:05:05 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 axp-footer.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.31.3/ 328 KB
85 KB 220ms
220ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.31.3/axp-footer.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4e2a19b98bc21c22e95c1ef85600f2ec5f2e6562f9a65a2dc4a1d8a893db732

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"666a8bf4-51fc7"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 86128
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Thu, 13 Jun 2024 06:04:36 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 axp-global-header.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.4.3/ 262 KB
60 KB 225ms
225ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.4.3/axp-global-header.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72491674ec27771c05a32274b5d8eab748fe34c799dfae4a8fde514e67c26822

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"666bbac9-4176d"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 61248
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Fri, 14 Jun 2024 03:36:41 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/ 137 KB
38 KB 232ms
232ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0259245f15c129a1bb6cae4e940200ccde42cd4a7a12e8d182580578446506c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66671a24-22390"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 38943
date: Fri, 13 Dec 2024 02:26:34 GMT
content-type: application/javascript
last-modified: Mon, 10 Jun 2024 15:22:12 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 Ah4jUykB Show response
www.americanexpress.com/zpK5s8lMJy3yN/gD1jRGAaNXk/nN0/1E9hmGhJGwGb/C2ABPgcD/SyR4/ 335 KB
114 KB 144ms
144ms Script
application/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/zpK5s8lMJy3yN/gD1jRGAaNXk/nN0/1E9hmGhJGwGb/C2ABPgcD/SyR4/Ah4jUykB

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

6f13ed083e9e121eb7aed85a09e1d6875b2ac8a19ae141d11c689fded2a31fab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Response headers

x-frame-options: SAMEORIGIN
cache-control: max-age=21600
content-encoding: br
stored-attribute-stored-attribute-sha-checksum: 6f13ed083e9e121eb7aed85a09e1d6875b2ac8a19ae141d11c689fded2a31fab
stored-attribute-stored-attribute-checksum: 9728f61ed50f1c61553ebdf626470e8e
stored-attribute-stored-attribute-uploaded-on: 2024-12-04T19:09:28.478594
content-length: 115944
stored-attribute-stored-attribute-uploaded-by: jenkins
date: Fri, 13 Dec 2024 02:26:34 GMT
last-modified: Wed, 04 Dec 2024 19:09:28 GMT
content-type: application/javascript
vary: Accept-Encoding
time-to-live-seconds: 1796472

OPTIONS
H2 200 member
global.americanexpress.com/api/servicing/v1/ 0
0 416ms
229ms Preflight 104.102.33.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/api/servicing/v1/member?refresh=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.33.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-33-179.deploy.static.akamaitechnologies.com

Software

BigIP /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
date: Fri, 13 Dec 2024 02:26:35 GMT
server: BigIP
strict-transport-security: max-age=15768000 ; includeSubDomains

OPTIONS
H2 200 ReadCustomerProducts.v2
functions.americanexpress.com/ 0
0 569ms
193ms Preflight 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/ReadCustomerProducts.v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,one-data-correlation-id
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
content-length: 0
date: Fri, 13 Dec 2024 02:26:35 GMT

GET
H2 401 member Show response
global.americanexpress.com/api/servicing/v1/ 222 B
1 KB 331ms
201ms Fetch
application/json 104.102.33.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/api/servicing/v1/member?refresh=true

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.33.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-33-179.deploy.static.akamaitechnologies.com

Software

Resource Hash

589425ecdd100adf40fb345c24783b9f0c55bb3851cfcdf8a239fbbc15413fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
access-control-allow-methods
expires: -1
access-control-allow-origin: https://www.americanexpress.com
correlation_id: cd44afb71734056795493
content-length: 222
date: Fri, 13 Dec 2024 02:26:35 GMT
content-type: application/json;charset=iso-8859-1
access-control-allow-headers

POST
H2 401 ReadCustomerProducts.v2 Show response
functions.americanexpress.com/ 228 B
975 B 551ms
202ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadCustomerProducts.v2

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
one-data-correlation-id: 5c780511-6f4e-4ce5-8cf0-eeeb91c049dc

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS,GET
x-content-type-options: nosniff
access-control-allow-origin: https://www.americanexpress.com
content-length: 199
date: Fri, 13 Dec 2024 02:26:35 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

POST
H2 201 Ah4jUykB Show response
www.americanexpress.com/zpK5s8lMJy3yN/gD1jRGAaNXk/nN0/1E9hmGhJGwGb/C2ABPgcD/SyR4/ 18 B
1 KB 232ms
231ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/zpK5s8lMJy3yN/gD1jRGAaNXk/nN0/1E9hmGhJGwGb/C2ABPgcD/SyR4/Ah4jUykB

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/zpK5s8lMJy3yN/gD1jRGAaNXk/nN0/1E9hmGhJGwGb/C2ABPgcD/SyR4/Ah4jUykB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Response headers

x-frame-options: SAMEORIGIN
alb-failover-nimval: 0
access-control-allow-credentials: true
x_req_id: 8af1fe7c-32cc-44c1-8932-b1fd9f06bb61
access-control-allow-origin: https://www.americanexpress.com
content-length: 18
date: Fri, 13 Dec 2024 02:26:35 GMT
content-type: application/json
vary: Origin
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 favicon.ico
www.americanexpress.com/ 1 KB
2 KB 53ms
53ms Other
image/x-icon 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

265d3f591d92fadfe95f4660c382ee64a23538a7353b9880434205a102833de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
x-dt-tracestate: a592b1a2-bb496006@dt
content-encoding: gzip
traceresponse: 00-cf8ee1a9afb0350538d97ec740badc60-7dd1e728ee6038c3-01
x-cnection: close
accept-ranges: bytes
content-length: 1381
date: Fri, 13 Dec 2024 02:26:34 GMT
last-modified: Fri, 07 Jun 2019 04:05:21 GMT
vary: Accept-Encoding
content-type: image/x-icon
x-frame-options: SAMEORIGIN

POST
H2 200 pixel_42489344 Show response
www.americanexpress.com/akam/13/ 0
739 B 59ms
56ms XHR
text/html 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/akam/13/pixel_42489344

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/akam/13/42489344

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS

Response headers

content-length: 0
date: Fri, 13 Dec 2024 02:26:35 GMT
content-type: text/html
alb-failover-nimval: 0
x-frame-options: SAMEORIGIN

OPTIONS
H/1.1 200
OK vAIBHCNWgp
rfprospectpage.americanexpress.com/refer/api/v2/content/mgmee/ca/en/ 0
0 583ms
148ms Preflight 139.71.6.183
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://rfprospectpage.americanexpress.com/refer/api/v2/content/mgmee/ca/en/vAIBHCNWgp?xLink=MIMNS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.6.183 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

rfprospectpage-euse1-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: browser-area,hardware-concurrency,max-touch-points,page-id,plugin-touch-points,referring-url,resolution
Access-Control-Request-Method: GET
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Transfer-Encoding: chunked
access-control-allow-credentials: true
access-control-allow-headers: browser-area, hardware-concurrency, max-touch-points, page-id, plugin-touch-points, referring-url, resolution
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: https://www.americanexpress.com
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
date: Fri, 13 Dec 2024 02:26:36 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 14
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ 0
0 396ms
234ms Preflight 104.102.60.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.60.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-60-45.deploy.static.akamaitechnologies.com
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 13 Dec 2024 02:26:36 GMT
Expires: Fri, 13 Dec 2024 02:26:36 GMT
Pragma: no-cache
Server: BigIP

GET
H/1.1 200
OK en-CA.json Show response
referconfigexternal.americanexpress.com/frontend-configurations/refer-experiments/prop-tests/ 506 B
1 KB 1888ms
205ms Fetch
application/json 139.71.7.76
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://referconfigexternal.americanexpress.com/frontend-configurations/refer-experiments/prop-tests/en-CA.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.7.76 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: referconfigexternal-euse1-vip.americanexpress.com
Software: /
Resource Hash: 13f41ab18a921bc5c481ab835ad66199bd99b838f8b7f960e179fb04c7c8494f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-ecm-dc: e3_ipc2
x-dt-tracestate: 391d78c4-7cfa2f8e@dt
access-control-expose-headers: *
x-ecm-server: onboard-deployment-d788bccb7-vkw4m
x-envoy-upstream-service-time: 21
etag: "1804101390"
access-control-allow-credentials: true
traceresponse: 00-83e5402fdb9fb03bae3537a767e3278a-be228d062ba427c1-01
access-control-allow-origin: *
content-length: 506
x-config-index: 33824123
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/json
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,origin

GET
H/1.1 200
OK vAIBHCNWgp Show response
rfprospectpage.americanexpress.com/refer/api/v2/content/mgmee/ca/en/ 235 KB
48 KB 841ms
432ms Fetch
application/json 139.71.6.183
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://rfprospectpage.americanexpress.com/refer/api/v2/content/mgmee/ca/en/vAIBHCNWgp?xLink=MIMNS

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.6.183 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

rfprospectpage-euse1-vip.americanexpress.com

Software

Resource Hash

9758039d9550c37346a808f8766f9103e5249e8b0487f00530c6ff8c0311402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Hardware-Concurrency: 28
Page-Id: MGM_LANDING_PAGE
Referer
Device-Memory: 8
Max-Touch-Points: 0
Plugin-Touch-Points: PDF Viewer;Chrome PDF Viewer;Chromium PDF Viewer;Microsoft Edge PDF Viewer;WebKit built-in PDF;refresh
Referring-Url
Resolution: 1600X1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Browser-Area: 1600X1200

Response headers

Transfer-Encoding: chunked
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-envoy-upstream-service-time: 287
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: 0
access-control-allow-origin: https://www.americanexpress.com
date: Fri, 13 Dec 2024 02:26:37 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: DENY

GET
H2 200 dls-icon-close-filled.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 302 B
452 B 668ms
668ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-close-filled.svg

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-prospect/2.9.1/axp-refer-prospect.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

325f10740c230484078671ee380ed04e20326e6b286ab9fc3a25812b472e1281

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "12e-57d5d673d34ed-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 193
date: Fri, 13 Dec 2024 02:26:36 GMT
last-modified: Wed, 19 Dec 2018 10:23:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 axp-glyph-left.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 352 B
503 B 616ms
616ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-glyph-left.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

1035d322cba69e89d47322dc4b1e5b1b6b3b2e5079e3f3562591439fd2d52078

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "160-5b957d419175d-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 245
date: Fri, 13 Dec 2024 02:26:36 GMT
last-modified: Wed, 20 Jan 2021 16:55:55 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 dls-icon-check-filled.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 308 B
480 B 750ms
750ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-check-filled.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

779b90e8d9fe2281d069988b6263ce3b5f8f1b9144c919f9492e7fbe6d026cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "134-57d5d673e3639-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 223
date: Fri, 13 Dec 2024 02:26:36 GMT
last-modified: Wed, 19 Dec 2018 10:23:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 470 B
486 B 204ms
204ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-root/2.9.1/axp-refer-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

453cfa88f8cfea4fdcdddeb8a374ac98ad2fab6bd27112e5159cc6a24c2eab94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 326
date: Fri, 13 Dec 2024 02:26:35 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 496 B
415 B 214ms
214ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dxt-script-supplier-helper&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-root/2.9.1/axp-refer-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

4b11fd93b88beb8b48a1c1974eb88cddf4722c002468996db1c77d07e0bac7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 325
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 525 B
2 KB 565ms
456ms Fetch
application/json 104.102.60.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://one-xp.americanexpress.com/variant/find

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.60.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-60-45.deploy.static.akamaitechnologies.com

Software

Resource Hash

23e9fe7e5ca1d75773857e1564e59048d94ea9c7bfe76e761e846a03824d7d70

Security Headers

Name	Value
Content-Security-Policy	default-src https://one-xp.americanexpress.com/wiEBLxom47ej/TKBPEX/5Ge4-O/aa5NXbLwLzQS/HxNednQ/cFt-USYg/SXYB 'nonce-160adbf256a6d2a46e0f6f409b075bbd' 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

Access-Control-Max-Age: 86400
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Expires: Fri, 13 Dec 2024 02:26:36 GMT
Date: Fri, 13 Dec 2024 02:26:36 GMT
Content-Type: application/json
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
strict-transport-security: max-age=63072000; includeSubDomains
Content-Security-Policy: default-src https://one-xp.americanexpress.com/wiEBLxom47ej/TKBPEX/5Ge4-O/aa5NXbLwLzQS/HxNednQ/cFt-USYg/SXYB 'nonce-160adbf256a6d2a46e0f6f409b075bbd' 'none'; frame-ancestors 'none'
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 82
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Length: 525

GET
H/1.1 200
OK eazynavlocale.json Show response
origin-gemapp.americanexpress.com/content/dam/Navigation/EazyNavLocale/prod/ 637 B
806 B 711ms
175ms Fetch
application/json 148.173.98.154
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://origin-gemapp.americanexpress.com/content/dam/Navigation/EazyNavLocale/prod/eazynavlocale.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.31.3/axp-footer.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.173.98.154 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

origin-gemapp2.americanexpress.com

Software

Resource Hash

dc5e4eca7a50c8c8e6907ba9d79340c7ad825a442254949f145c2a4911cf7dac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Security-Policy: default-src 'self'
Cache-Control: public, max-age=86400, must-revalidate
Content-Encoding: gzip
ETag: "27d-624ff7055dffe-gzip"
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 258
Date: Fri, 13 Dec 2024 02:26:36 GMT
Last-Modified: Mon, 21 Oct 2024 16:49:40 GMT
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Headers: Content-Type

GET
H2 200 axp-footer.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.31.3/en-ca/ 8 KB
3 KB 76ms
76ms Fetch
application/json 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.31.3/en-ca/axp-footer.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: acd58ff5965a047540bd61471ac7cd3b79f3128f01d464fa35a3b667264f79e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"666a8be7-218b"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 2173
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/json
last-modified: Thu, 13 Jun 2024 06:04:23 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 ClickStreamVars.js Show response
icm.aexp-static.com/Internet/US/DARE/ 3 KB
1 KB 53ms
53ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/US/DARE/ClickStreamVars.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
content-security-policy: default-src 'self'
cache-control: public, must-revalidate, max-age=14244
content-encoding: br
etag: "bbe-5bc03519ae7d0-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 837
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 12:04:46 GMT
server: Akamai Resource Optimizer
access-control-allow-headers: Content-Type

POST
H/1.1 206
Partial Content v2clickStream Show response
aeopprodvip.acxiom.com/services/ 0
442 B 691ms
188ms XHR
text/html 198.160.127.57
ACXIOM

General

Check archive.org

Show headers Download Go to

Full URL

https://aeopprodvip.acxiom.com/services/v2clickStream

Requested by

Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/Internet/US/DARE/ClickStreamVars.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

198.160.127.57 , United States, ASN15026 (ACXIOM, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age:31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age:31536000
Access-Control-Max-Age: 1800
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.americanexpress.com
Date: Fri, 13 Dec 2024 02:26:36 GMT
Content-Type: text/html
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Referer

GET
H2 200 dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ 2 KB
890 B 51ms
50ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"5daa1799-693"
content-length: 712
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
vary: Origin, Accept-Encoding

GET
H2 200 dls-flag-ca.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/ 754 B
678 B 50ms
50ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/dls-flag-ca.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 38e8d1f0a31a3297886ced526ea85641ba835f737ccdba53c6c96c201029be90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"60dde06f-2f2"
access-control-allow-origin: https://www.americanexpress.com
content-length: 473
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: image/svg+xml
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
vary: Origin, Accept-Encoding

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1985974bb54604254090ce6ac2267c7650f4cf9354edafcaaebd14ade3ce4d52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 UCM.js Show response
www.aexp-static.com/cdaas/user-consent-management/ucm/v1.14.4/ 330 KB
85 KB 51ms
51ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.14.4/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-root/2.9.1/axp-refer-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8fdc3754ff585f819232bdea28582b9eca7edae5e8ce225dcb744c8a409c1e5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"6736bbbe-5267a"
access-control-allow-origin: https://www.americanexpress.com
content-length: 86287
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 03:10:54 GMT
vary: Origin, Accept-Encoding

GET
H2 200 dxt-script-supplier-helper.js Show response
www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/ 66 KB
26 KB 61ms
61ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-refer-root/2.9.1/axp-refer-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9c2998a80501d02682f91794d2ab60f495195d119cf112da60340d8ba661fc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66f62491-108d9"
access-control-allow-origin: https://www.americanexpress.com
content-length: 26416
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 03:20:49 GMT
vary: Origin, Accept-Encoding

OPTIONS
H2 204 check
ucmapi.americanexpress.com/api/v1/geo_location/ 0
0 424ms
268ms Preflight 2.23.209.189
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://ucmapi.americanexpress.com/api/v1/geo_location/check
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.189 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-23-209-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: url
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: url
access-control-allow-origin: https://www.americanexpress.com
alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
date: Fri, 13 Dec 2024 02:26:36 GMT
expires: Fri, 13 Dec 2024 02:26:36 GMT
pragma: no-cache
server-timing: ak_p; desc="1734056796379_35115069_145369079_22448_2790_43_81_219";dur=1
vary: access-control-request-headers
x-envoy-upstream-service-time: 30

POST
H3 200 check Show response
ucmapi.americanexpress.com/api/v1/geo_location/ 35 B
61 B 305ms
258ms Fetch
application/json 2.23.209.189
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://ucmapi.americanexpress.com/api/v1/geo_location/check
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.14.4/UCM.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.23.209.189 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-23-209-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 82742d4fbb5680aa966ecaa06a9dfb79960d6bf6ed224305ced29de98e958f44

Request headers

url: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 20
pragma: no-cache
access-control-allow-credentials: true
quic-version: 0x00000001
expires: Fri, 13 Dec 2024 02:26:36 GMT
access-control-allow-origin: https://www.americanexpress.com
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=134, ak_p; desc="1734056796729_35115069_145369187_21533_3912_-_-_-";dur=1
content-length: 35
alt-svc: h3=":443"; ma=93600
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/json
vary: origin

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 468 B
409 B 197ms
196ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=datapoint-script&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

deaeff144c065ecf5de6ce5eecee5dd83b3df983265f74c5966c22567d3262c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 320
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 496 B
429 B 195ms
194ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-stream-data-handler&version=%5E0.1.2&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

6990e72381e9dfa3490075f6c3c212929f27908e46ef3e74769aae3500a1585a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 339
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 467 B
420 B 203ms
202ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dynatrace&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

dab7d2b6fa33cbbcee4804a95db6018d2343aa6df0684e7c6f4bb1382622e929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 330
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 467 B
413 B 217ms
216ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-identity-session&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

0989c4b6301c4a9498b7cf0a4e4825157600389489becec861ddfb81b9d22cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 323
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 486 B
430 B 208ms
207ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=acquisition-pznid&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

7c312e22281a77b02dfc1a7f8c9954d0344bd6fa86242ebf616e2a6f6c01f470

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 340
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 482 B
426 B 204ms
204ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=contentsquare&version=%5E1.0.2&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

552c3805747637b67bf7e04603181f56a50f525ce2855a5e3780c5e3a801b3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 336
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 471 B
425 B 210ms
210ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=ensighten&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

3a250b26f0dff0668618e704e90b15f00ae11b538a6bccb79078837288112895

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 335
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 473 B
426 B 214ms
214ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=%5E1.0.0&environment=e3&cache=1734056

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

e586121e607c7d7a8d7277f14a5b3043406dc1f140b85e30e601336b15f0e824

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
http_status_code: 200
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
content-length: 336
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 oneStream.js Show response
www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/ 2 KB
1 KB 80ms
79ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0833876323a5664a12f47570443cf4fe37daa0dacd6d0006b1c7744ce2a61040

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66ce1a74-931"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 1039
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 18:27:00 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 entrypoint-15983.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/ 75 KB
24 KB 65ms
65ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 447ca59fe275a60d1c770bcbc6f14482ca1fde1d2bd7eded98d40873b817650d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592008-12db6"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 24282
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:52 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 timeout.js Show response
www.aexp-static.com/cdaas/one/one-identity-session/1.42.2/ 39 KB
12 KB 109ms
109ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-identity-session/1.42.2/timeout.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2987d3332770688f9edaeb8d7eb1b0c597eb35b90f5b2917d92571a06491f349

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"6733865c-9b63"
access-control-allow-origin: https://www.americanexpress.com
content-length: 12346
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 16:46:20 GMT
vary: Origin, Accept-Encoding

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 534ms
172ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
408 B 695ms
334ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 699ms
335ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 698ms
338ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 699ms
335ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 697ms
335ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 695ms
334ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 696ms
334ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 696ms
334ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 531ms
169ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 534ms
173ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 532ms
170ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 532ms
170ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 533ms
171ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 532ms
171ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ 0
0 532ms
170ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 filter-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.138.0/ 82 KB
21 KB 81ms
80ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.138.0/filter-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 93b42bbb842957205e2919d437303c71bbecdd7e18a2f8157162c4331e113fae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-148e6"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 20915
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 sri-hashes.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.138.0/ 44 KB
33 KB 82ms
82ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.138.0/sri-hashes.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29b6a526f09421e1c4243c6fc5631d86b19f009ce01dc594fe8264ac8e4f9f8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-b12b"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 33447
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 trigger-and-watch-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.138.0/ 22 KB
6 KB 83ms
83ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.138.0/trigger-and-watch-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c79f4e5beda58417f3ca53f5dd63cb394b0b39c6f96cd40e08e8783f869d34f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-58be"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 5369
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 filter-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.138.0/ 206 B
556 B 83ms
83ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.138.0/filter-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c0cedd9344eba764d5d842050767745fa35e47312a6ab2459c426d39c9fc25f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: "67592006-ce"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
accept-ranges: bytes
access-control-allow-origin: https://www.americanexpress.com
content-length: 165
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 sri-hashes.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.138.0/ 283 B
611 B 84ms
84ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.138.0/sri-hashes.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e6f48c54e0c4880c8d11aa153ea798b5386cc3989b440ddda26b6b128edc7fbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-11b"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 226
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 trigger-and-watch-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.138.0/ 238 B
571 B 84ms
83ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.138.0/trigger-and-watch-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53b28d3040d42a0f9330149cca113a715451abb33a6fd8ec93eb06e9a470f8c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: "67592006-ee"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
accept-ranges: bytes
access-control-allow-origin: https://www.americanexpress.com
content-length: 181
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

OPTIONS
H2 200 UpdateUserSession.v1
functions.americanexpress.com/ 0
0 182ms
182ms Preflight 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,one-data-correlation-id
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type
access-control-allow-methods: POST,OPTIONS,GET
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
content-length: 0
date: Fri, 13 Dec 2024 02:26:36 GMT

POST
H2 401 UpdateUserSession.v1 Show response
functions.americanexpress.com/ 228 B
291 B 202ms
201ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/UpdateUserSession.v1

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/one-identity-session/1.42.2/timeout.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
one-data-correlation-id: 13d675bb-ba5b-4ffe-8998-a2ddb0ae6c91

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS,GET
x-content-type-options: nosniff
access-control-allow-origin: https://www.americanexpress.com
content-length: 199
date: Fri, 13 Dec 2024 02:26:36 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 info.filled.svg
www.aexp-static.com/one/universal-session-manager-assets/ 361 B
416 B 535ms
535ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/one/universal-session-manager-assets/info.filled.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"64645ea9-169"
content-length: 235
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: image/svg+xml
last-modified: Wed, 17 May 2023 04:57:13 GMT
vary: Origin, Accept-Encoding

GET
H2 200 tag-589813-sha256-wC3Ro2rcCpLmH_ZOkVmDJ2p7JdAM69iZPEQeL7uXPtE=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 487 B
647 B 146ms
146ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-589813-sha256-wC3Ro2rcCpLmH_ZOkVmDJ2p7JdAM69iZPEQeL7uXPtE=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c02dd1a36adc0a92e61ff64e915983276a7b25d00cebd8993c441e2fbb973ed1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-1e7"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 262
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 tag-616307-sha256-xZN2gDttKSv1IKGvC1T_ihC87zyaPxVcFRD0eNTe_ag=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 426 B
649 B 52ms
52ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-616307-sha256-xZN2gDttKSv1IKGvC1T_ihC87zyaPxVcFRD0eNTe_ag=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c59376803b6d292bf520a1af0b54ff8a10bcef3c9a3f155c1510f478d4defda8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"6736cbe2-1aa"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 263
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 04:19:46 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 tag-1-sha256-gLiBpLl0WXM5qkh3QSzur2kz0yJLiBD8BfENWEaxLj4=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 16 KB
3 KB 52ms
52ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-1-sha256-gLiBpLl0WXM5qkh3QSzur2kz0yJLiBD8BfENWEaxLj4=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80b881a4b974597339aa4877412ceeaf6933d3224b8810fc05f10d5846b12e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-3eaf"
access-control-allow-origin: https://www.americanexpress.com
content-length: 2597
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding

GET
H2 200 tag-507585-sha256-93RwMgPNPEC-rW_9mV4xzWKm3ViYw5nKBDcFAw7x2TE=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 1 KB
857 B 54ms
53ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-507585-sha256-93RwMgPNPEC-rW_9mV4xzWKm3ViYw5nKBDcFAw7x2TE=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f774703203cd3c40bead6ffd995e31cd62a6dd5898c399ca043705030ef1d931

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-53b"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 471
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK ac.js Show response
cdaas.americanexpress.com/api/axpi/ensighten/adchoice/1.0.0/ 3 KB
1 KB 980ms
245ms Script
application/javascript 139.71.113.91
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdaas.americanexpress.com/api/axpi/ensighten/adchoice/1.0.0/ac.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.113.91 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: cdaas11.americanexpress.com
Software: /
Resource Hash: 339c0acde101c56998e20064e031667b66a17f8979b7ac5aef6fcb3215e97b36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=31536000, must-revalidate
Timing-Allow-Origin: *
Content-Encoding: br
ETag: W/"5ea72c40-d5f"
Connection: keep-alive
Date: Fri, 13 Dec 2024 02:26:37 GMT
Content-Type: application/javascript
Last-Modified: Mon, 27 Apr 2020 19:02:24 GMT
Vary: Origin

GET
H2 200 tag-589814-sha256-PnUHreohyV02jNkp9qe8rilvO4Etd5MpEqU100DpAxM=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 5 KB
1 KB 132ms
132ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-589814-sha256-PnUHreohyV02jNkp9qe8rilvO4Etd5MpEqU100DpAxM=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e7507adea21c95d368cd929f6a7bcae296f3b812d77932912a535d340e90313

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"6736cbe2-121c"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 1034
date: Fri, 13 Dec 2024 02:26:36 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 04:19:46 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 tag-600702-sha256-ZsmA1rzdyhVS2eKNzJ-qhCcxxV8kDH8q7nmGUTmG8Sg=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 5 KB
1 KB 211ms
211ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-600702-sha256-ZsmA1rzdyhVS2eKNzJ-qhCcxxV8kDH8q7nmGUTmG8Sg=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66c980d6bcddca1552d9e28dcc9faa842731c55f240c7f2aee7986513986f128

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67592006-121b"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 1039
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 05:15:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 datapoint.js Show response
www.aexp-static.com/cdaas/datapoint-script/datapoint/v1.64.0/ 105 KB
34 KB 51ms
50ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/datapoint-script/datapoint/v1.64.0/datapoint.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d985da9c001d2d53c0294fec26cf165c32ab365b499d72524193ec0e56f27f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66fc2667-1a51a"
access-control-allow-origin: https://www.americanexpress.com
content-length: 34347
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 16:42:15 GMT
vary: Origin, Accept-Encoding

GET
H2 200 dynatrace.js Show response
www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/dynatrace/1.0.1/ 451 B
716 B 52ms
51ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/dynatrace/1.0.1/dynatrace.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 290a5433663937d2eb7372cd4b6d2f62c6c4a8ebc5f317c1b6b8e8ca7e8d7939

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"65413395-1c3"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 330
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 17:04:21 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 contentsquare.js Show response
www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/contentsquare/v1.0.52/ 742 B
701 B 52ms
51ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/contentsquare/v1.0.52/contentsquare.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8343c0a21485be3b849d25d763bb7984c67718931c3d8ed3a796596b17e7a6d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"672ced28-2e6"
access-control-allow-origin: https://www.americanexpress.com
content-length: 490
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 16:39:04 GMT
vary: Origin, Accept-Encoding

GET
H2 200 pznid.js Show response
www.aexp-static.com/cdaas/digital-acquisition/scripts/@americanexpress/pznid/1.0.0/ 349 B
673 B 524ms
524ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/digital-acquisition/scripts/@americanexpress/pznid/1.0.0/pznid.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c7e0f5644c4e38e06f81ae776f698e65417d68c141be3cc12421a2a4deb56c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"66ffb5fb-15d"
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: https://www.americanexpress.com
content-length: 285
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 09:31:39 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 adobe-wrapper.js Show response
www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/adobe-wrapper/v1.10.0/ 4 KB
1 KB 52ms
52ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/adobe-wrapper/v1.10.0/adobe-wrapper.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.2/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4a87df0d1b012a59773ea451acf48d696d4e3445f8eeee24376baf6f0018e46e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67341df0-f79"
access-control-allow-origin: https://www.americanexpress.com
content-length: 1093
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 03:33:04 GMT
vary: Origin, Accept-Encoding

GET
H2 200 gct_global.js Show response
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 22 KB
6 KB 65ms
65ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.138.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e9b1fcd035d2310a60a9d365ff66db5cff884a8d57c483bbc152a4414f8f5f49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"670d8a18-565b"
content-length: 5656
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 21:16:08 GMT
vary: Origin, Accept-Encoding

GET
H/1.1 200
OK BF05EF884B484FAE_complete.js Show response
dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/ 227 KB
87 KB 908ms
223ms Script
application/javascript 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/dynatrace/1.0.1/dynatrace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 39cf537c7d81a73e36743746f302744e484a987db6229c6e77d681c3447344c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=3600
Timing-Allow-Origin: *
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods
Expires: Fri, 13 Dec 2024 02:59:49 GMT
Access-Control-Allow-Origin: *
Date: Fri, 13 Dec 2024 02:26:37 GMT
Content-Type: application/javascript;charset=utf-8
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Headers

GET
H2 200 uxa.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ 486 KB
101 KB 172ms
41ms Script
application/javascript 2600:9000:2490:6400:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/uxa.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/contentsquare/v1.0.52/contentsquare.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6ddccc264c30cdd602670a4adb0c7e05e08fdb9b481f7f5e6229f8cb0ecca23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

content-encoding: br
etag: "4b924c4d46f3690b9845f5b3431597f1"
x-amz-version-id: daezVE7qC_gmzvyZO4shHVX0qbpHsfuK
age: 0
x-cache: Hit from cloudfront
x-amz-cf-id: tHGYzlmmBrEZt-Bx0RlRkTu8Pee_YRUbubwrmVc36BgnS_M4jWT1vQ==
date: Thu, 12 Dec 2024 12:33:13 GMT
content-type: application/javascript;charset=utf-8
last-modified: Tue, 05 Nov 2024 20:48:05 GMT
cache-control: max-age=900
timing-allow-origin: *
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 103178
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H/1.1 200
OK captureIntl.do Show response
gct.americanexpress.com/gct/ 0
907 B 795ms
224ms XHR
text/plain 139.71.125.239
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureIntl.do

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.125.239 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-eusw1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 3600
content-security-policy: default-src 'self'; frame-ancestors 'self'
x-envoy-upstream-service-time: 38
access-control-allow-credentials: true
access-control-allow-methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
access-control-allow-headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers

GET 071cfbb2-d5a2-4f71-9a70-5447850cf5d7
https://www.americanexpress.com/ 0
0

GET
H2 200 ptc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ 74 KB
15 KB 39ms
38ms Script
application/javascript 2600:9000:2490:6400:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ptc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/uxa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b04f1a9c4011776a24833098f87e721f07f92f926c1195a2dcdcb655a764389e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

content-encoding: br
etag: "7d6913d63894dc90add44a20ad93a89e"
x-amz-version-id: EzMAzHl4yYd7RnS0Jpb9Pdxjmttt.urr
age: 0
x-cache: Hit from cloudfront
x-amz-cf-id: znBCU1Y1s1_0yDn-doZxOZWQHuarRVKpxYUVRTlvCkmEzmPVhdBhlA==
date: Thu, 12 Dec 2024 12:33:14 GMT
content-type: application/javascript;charset=utf-8
last-modified: Tue, 05 Nov 2024 20:47:39 GMT
cache-control: max-age=900
timing-allow-origin: *
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15269
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pcc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ 77 KB
18 KB 38ms
38ms Script
application/javascript 2600:9000:2490:6400:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/pcc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3914d751cc5211511ff02b1fdf2270d83a4e574db117281b7f9bdaed44b0f91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

content-encoding: br
etag: "6a05053e5412a29add4862350bc5a2ba"
x-amz-version-id: 0gwSA3juGKZoPY0ARUy1A.n2UP3uQDXu
age: 0
x-cache: Hit from cloudfront
x-amz-cf-id: CEOyIByJngXbQShjdXaFkRRddSgw8jc_y22rsCXkMrcbV-QqG8N1Tg==
date: Thu, 12 Dec 2024 12:33:14 GMT
content-type: application/javascript;charset=utf-8
last-modified: Tue, 05 Nov 2024 20:47:39 GMT
cache-control: max-age=900
timing-allow-origin: *
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18206
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 wr.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ 6 KB
2 KB 39ms
39ms Script
application/javascript 2600:9000:2490:6400:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/wr.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/67/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3a62edc0a5fdf2d6d0da4bc51c5f6d52a7861d5322c42973f0b7f54d8711a4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

content-encoding: br
etag: "acdad5669eca6df263dbbaa466b5fe48"
x-amz-version-id: GN9iadTx2BNYuOtz2iUiiFvuZNs5pbYS
age: 0
x-cache: Hit from cloudfront
x-amz-cf-id: VfVmtWAWYLwsoRb-yXNJY2237P_VQyK8xqxZaFficWtJQQA1CaM4Mg==
date: Thu, 12 Dec 2024 12:33:14 GMT
content-type: application/javascript;charset=utf-8
last-modified: Tue, 05 Nov 2024 20:47:39 GMT
cache-control: max-age=900
timing-allow-origin: *
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2015
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 launch-b363d6c28b7c.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.7.1/ 300 KB
70 KB 49ms
49ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.7.1/launch-b363d6c28b7c.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/adobe-wrapper/v1.10.0/adobe-wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 784ea8ae39edcb80a82d3ee349ed0c0e622b15b8629cdac59cdb031237ff9876

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67340cb2-4b11a"
access-control-allow-origin: https://www.americanexpress.com
content-length: 71299
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 02:19:30 GMT
vary: Origin, Accept-Encoding

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 246ms
245ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 246ms
245ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 444ms
198ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 436ms
192ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 434ms
190ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 442ms
198ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 axp-icon-right.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 359 B
506 B 582ms
582ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-icon-right.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

8008eae0acfd6a4be7b95adce8ff58503d61f96d3441ea1d9592b2e7a52a8e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=424
content-encoding: gzip
etag: "167-5b957df95661b-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 248
date: Fri, 13 Dec 2024 02:26:38 GMT
last-modified: Wed, 20 Jan 2021 16:59:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
37 KB 80ms
80ms Font
font/woff 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.americanexpress.com
Referer: https://www.americanexpress.com/

Response headers

cache-control: max-age=15552000
timing-allow-origin: *
etag: "5b749111-943d"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
expires: Fri, 27 Nov 2020 03:31:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37949
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: font/woff
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 416ms
190ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 412ms
185ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 dls-icon-statement-ready.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 567 B
602 B 741ms
741ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-statement-ready.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

4fdc0e5ff774e1bf1c64652445a8053aa2458b9805f5323fcbe2c960e910703c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "237-57d4b541a6d2d-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 344
date: Fri, 13 Dec 2024 02:26:38 GMT
last-modified: Tue, 18 Dec 2018 12:49:30 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 dls-glyph-info.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 466 B
529 B 589ms
589ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-glyph-info.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

b162dbabfada73e57e88095de1d82cceeab1b7a9bd4a3ecd9034d60649a6cab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "1d2-5c56c58af74f5-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 272
date: Fri, 13 Dec 2024 02:26:38 GMT
last-modified: Wed, 23 Jun 2021 10:26:58 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 dls-icon-airplane.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 1 KB
1 KB 502ms
501ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-airplane.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

8d8b9c4f7a7c8f2a62d3c57cf39419d3518692978599c1116ad42020a4d79030

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=125
content-encoding: gzip
etag: "5e3-57d4ca5001367-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 831
date: Fri, 13 Dec 2024 02:26:38 GMT
last-modified: Tue, 18 Dec 2018 14:23:42 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 dls-icon-cart-new.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 656 B
637 B 862ms
861ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-cart-new.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

0a11e85b6e1009170a6d997bec823455d0733d2bbe442bce819860ab6fa7eec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "290-59f6942458d58-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 379
date: Fri, 13 Dec 2024 02:26:38 GMT
last-modified: Tue, 25 Feb 2020 16:48:35 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 200 dls-icon-gift-card.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 817 B
717 B 670ms
670ms XHR
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-gift-card.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

9e298e66d23d3c5d9153336782ef0ff04b1ef2d7d9518d0ee9a9977883f19475

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
cache-control: public, must-revalidate, max-age=900
content-encoding: gzip
etag: "331-57d5d4072f80f-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
content-length: 458
date: Fri, 13 Dec 2024 02:26:38 GMT
last-modified: Wed, 19 Dec 2018 10:12:30 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-headers: Content-Type

GET
H2 401 member Show response
global.americanexpress.com/api/servicing/v1/ 222 B
1 KB 258ms
258ms Fetch
application/json 104.102.33.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/api/servicing/v1/member?refresh=true

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.33.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-33-179.deploy.static.akamaitechnologies.com

Software

Resource Hash

589425ecdd100adf40fb345c24783b9f0c55bb3851cfcdf8a239fbbc15413fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-methods
expires: -1
access-control-allow-origin: https://www.americanexpress.com
correlation_id: 3034d5821734056797758
content-length: 222
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/json;charset=iso-8859-1
access-control-allow-headers

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 405ms
198ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 401 ReadCustomerProducts.v2 Show response
functions.americanexpress.com/ 228 B
291 B 191ms
190ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadCustomerProducts.v2

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
one-data-correlation-id: 8bbd9bc0-7c1f-48e3-9cd3-39ac8bce5bfd

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-max-age: 86400
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS,GET
x-content-type-options: nosniff
access-control-allow-origin: https://www.americanexpress.com
content-length: 199
date: Fri, 13 Dec 2024 02:26:37 GMT
vary: origin
access-control-allow-headers: one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type

GET
H2 200 favicon.ico
www.americanexpress.com/ 1 KB
0 0ms
0ms Other
image/x-icon 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

265d3f591d92fadfe95f4660c382ee64a23538a7353b9880434205a102833de0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.americanexpress.com/en-ca/referral/intl/cobalt?CORID=v~A~I~B~H~C~N~W~g~p-1734056797223-871293952&CPID=100358119&GENCODE=349993245563677&XL=MIMNS&ref=vAIBHCNWgp&v=2

Response headers

x-dt-tracestate: a592b1a2-bb496006@dt
content-encoding: gzip
traceresponse: 00-cf8ee1a9afb0350538d97ec740badc60-7dd1e728ee6038c3-01
x-cnection: close
accept-ranges: bytes
content-length: 1381
date: Fri, 13 Dec 2024 02:26:34 GMT
last-modified: Fri, 07 Jun 2019 04:05:21 GMT
vary: Accept-Encoding
content-type: image/x-icon
x-frame-options: SAMEORIGIN

GET
H2 200 id Show response
omns.americanexpress.com/ 48 B
475 B 172ms
50ms XHR
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=92213745575299622581325789189854717412&d_coppa=true&ts=1734056797644

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.7.1/launch-b363d6c28b7c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

d6973dc1f55b8f0e944e2bbee956ceaf9bad95098329f24eebf66f23b2259a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.americanexpress.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Fri, 13 Dec 2024 02:26:37 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2 200 EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.7.1/dcb19cbd6cbf/b4385da1798a/74e098123439/ 34 KB
13 KB 54ms
53ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.7.1/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.7.1/launch-b363d6c28b7c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a9785fb3a44d2a2bff34dbf471260c1a69baa9cb6c57cce93bc5435241d06d51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"67340cc3-87ab"
content-length: 12668
date: Fri, 13 Dec 2024 02:26:37 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 02:19:47 GMT
vary: Origin, Accept-Encoding

GET
H/1.1 200
OK ac.css
cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ 1 KB
728 B 536ms
536ms Stylesheet
text/css 139.71.113.91
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ac.css
Requested by: Host: cdaas.americanexpress.com
URL: https://cdaas.americanexpress.com/api/axpi/ensighten/adchoice/1.0.0/ac.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.113.91 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: cdaas11.americanexpress.com
Software: /
Resource Hash: 3cb2123d72526921d061f97774650561fe2b1ff95ec8a38d7ae38a3a584df99f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=31536000, must-revalidate
Timing-Allow-Origin: *
Content-Encoding: br
ETag: W/"5e44143b-4c3"
Connection: keep-alive
Date: Fri, 13 Dec 2024 02:26:38 GMT
Content-Type: text/css
Last-Modified: Wed, 12 Feb 2020 15:05:31 GMT
Vary: Origin

GET
H2 200 s09866251255291
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
329 B 51ms
51ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s09866251255291?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=consent-checkbox%3Anull&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Econsent-checkbox%3Anull&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Econsent-checkbox%3Anull&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&c75=Launch&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858618081476608-4618244567814488318
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:37 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:37 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:37 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 525 B
2 KB 409ms
408ms Fetch
application/json 104.102.60.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://one-xp.americanexpress.com/variant/find

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.25.0-61e4465e/app.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.60.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-60-45.deploy.static.akamaitechnologies.com

Software

Resource Hash

23e9fe7e5ca1d75773857e1564e59048d94ea9c7bfe76e761e846a03824d7d70

Security Headers

Name	Value
Content-Security-Policy	default-src https://one-xp.americanexpress.com/wiEBLxom47ej/TKBPEX/5Ge4-O/aa5NXbLwLzQS/HxNednQ/cFt-USYg/SXYB 'nonce-8508deed31ba9b2e9cf470a1e934ae61' 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

Access-Control-Max-Age: 86400
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Expires: Fri, 13 Dec 2024 02:26:38 GMT
Date: Fri, 13 Dec 2024 02:26:38 GMT
Content-Type: application/json
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
strict-transport-security: max-age=63072000; includeSubDomains
Content-Security-Policy: default-src https://one-xp.americanexpress.com/wiEBLxom47ej/TKBPEX/5Ge4-O/aa5NXbLwLzQS/HxNednQ/cFt-USYg/SXYB 'nonce-8508deed31ba9b2e9cf470a1e934ae61' 'none'; frame-ancestors 'none'
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 106
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Length: 525

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 367ms
366ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:38 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
84 B 366ms
364ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:38 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
87 B 368ms
367ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/one-stream-data-handler/v0.1.7/oneStream.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: 0
date: Fri, 13 Dec 2024 02:26:38 GMT
content-type: text/plain;charset=ISO-8859-1
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: default-src 'self'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 s09145166452377
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 50ms
50ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s09145166452377?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=1&.cm&omn.&lob=acq&country=ca&language=en&cpid=100358119&.omn&.c&cc=USD&server=www.americanexpress.com&events=event140&h1=ca%7Cacq%7Creferral%7Cintl&c3=en&c4=CA&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=ca%7Cacq&c24=ca%7Cacq%7Creferral&v27=CA&c30=ca%7Cacq%7Creferral%7Cintl&c31=ca&c38=ca%7Cacq%7Creferral%7Cintl&v41=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1600&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&c75=Launch&v75=92213745575299622581325789189854717412&v82=0.1377330664364418_1734056797853&v94=D%3Dagent-id&v140=UCM%3A%20en-CA%7C%20docEle%3A%20en-CA%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858616904253440-4618235712484127011
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:37 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:37 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:37 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H/1.1 200
OK adchoice_icon_mob.png
cdaas.americanexpress.com/api/axpi/ensighten/adchoice/1.0.0/ 1 KB
2 KB 543ms
204ms Image
image/png 139.71.113.91
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdaas.americanexpress.com/api/axpi/ensighten/adchoice/1.0.0/adchoice_icon_mob.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.113.91 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: cdaas11.americanexpress.com
Software: /
Resource Hash: 4af55f80c23c121748e347557ca1d6291a9f32275b7457a33ed66daa767bcd85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.americanexpress.com/

Response headers

Cache-Control: max-age=31536000, must-revalidate
Timing-Allow-Origin: *
ETag: "5e441339-5ea"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1514
Date: Fri, 13 Dec 2024 02:26:38 GMT
Content-Type: image/png
Last-Modified: Wed, 12 Feb 2020 15:01:13 GMT
Vary: Origin

GET
H2 200 s08065518612815
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
316 B 51ms
51ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s08065518612815?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=v2Srl&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ev2Srl&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ev2Srl&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858618966310912-4618562287177855346
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s04715990443800
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 52ms
51ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s04715990443800?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=prospect-short-url-identifier&lob=acq&detail=vAIBHCNWgp&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Eprospect-short-url-identifier%3E%3EvAIBHCNWgp&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Eprospect-short-url-identifier%3E%3EvAIBHCNWgp&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858619051737088-4618587556205015605
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s09392982934610
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 51ms
51ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s09392982934610?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=prospect-source-code&lob=acq&detail=A0000HJ4NC&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Eprospect-source-code%3E%3EA0000HJ4NC&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Eprospect-source-code%3E%3EA0000HJ4NC&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858620291710976-4618298659557809911
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s03564104729860
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 52ms
52ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s03564104729860?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=business-unit%3APERSONAL&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ebusiness-unit%3APERSONAL&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ebusiness-unit%3APERSONAL&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858618702233600-4618562719981431969
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s07960325214002
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 55ms
55ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s07960325214002?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=MGMPoid%7C%7CA3OE%7CSPONSOR&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EMGMPoid%7C%7CA3OE%7CSPONSOR&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EMGMPoid%7C%7CA3OE%7CSPONSOR&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858619106492416-4618519814615198844
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s03696373831189
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 52ms
52ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s03696373831189?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=welcome-popup&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ewelcome-popup&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ewelcome-popup&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858618702233600-4618457166865165734
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H/1.1 200
OK adchoice_close.png
cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ 590 B
894 B 298ms
211ms Image
image/png 139.71.113.91
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/adchoice_close.png
Requested by: Host: cdaas.americanexpress.com
URL: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ac.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.113.91 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: cdaas11.americanexpress.com
Software: /
Resource Hash: 9a29963f44e616be6e1660261aab4bb26e7dc1a54b948c2bf89ae8cb205e97f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ac.css

Response headers

Cache-Control: max-age=31536000, must-revalidate
Timing-Allow-Origin: *
ETag: "5e441339-24e"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 590
Date: Fri, 13 Dec 2024 02:26:38 GMT
Content-Type: image/png
Last-Modified: Wed, 12 Feb 2020 15:01:13 GMT
Vary: Origin

GET
H/1.1 200
OK adchoice_icon_mob.png
cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ 1 KB
2 KB 413ms
215ms Image
image/png 139.71.113.91
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/adchoice_icon_mob.png
Requested by: Host: cdaas.americanexpress.com
URL: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ac.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.113.91 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: cdaas11.americanexpress.com
Software: /
Resource Hash: 4af55f80c23c121748e347557ca1d6291a9f32275b7457a33ed66daa767bcd85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdaas.americanexpress.com/cdaas/api/axpi/ensighten/adchoice/1.0.0/ac.css

Response headers

Cache-Control: max-age=31536000, must-revalidate
Timing-Allow-Origin: *
ETag: "5e441339-5ea"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1514
Date: Fri, 13 Dec 2024 02:26:38 GMT
Content-Type: image/png
Last-Modified: Wed, 12 Feb 2020 15:01:13 GMT
Vary: Origin

GET
H2 200 s08810728399614
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 52ms
52ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s08810728399614?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=consent-checkbox%3Acobalt_credit&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Econsent-checkbox%3Acobalt_credit&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Econsent-checkbox%3Acobalt_credit&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858619051737088-4618235712484127930
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s01520726249908
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 49ms
49ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s01520726249908?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&visitorCheck=VisitorAPI%20Present&omn.&ppvpage=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&ppvtotal=34&ppvinitial=34&lob=acq&country=ca&language=en&.omn&cm.&ssf=1&.cm&.c&cc=USD&server=www.americanexpress.com&events=event140&h1=ca%7Cacq%7Creferral%7Cintl&c3=en&c4=CA&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=ca%7Cacq&c24=ca%7Cacq%7Creferral&v27=CA&c30=ca%7Cacq%7Creferral%7Cintl&c31=ca&c38=ca%7Cacq%7Creferral%7Cintl&v41=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1600&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&c75=Launch&v75=92213745575299622581325789189854717412&v82=0.1377330664364418_1734056797853&v94=D%3Dagent-id&v140=UCM%3A%20en-CA%7C%20docEle%3A%20en-CA%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858620150284288-4618508459045171087
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s09847433281917
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 50ms
50ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s09847433281917?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=WelcomePopupExperiment%3Avalid-url%3Afalse&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EWelcomePopupExperiment%3Avalid-url%3Afalse&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EWelcomePopupExperiment%3Avalid-url%3Afalse&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&c75=Launch&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858619051737088-4618235712484128127
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s0112496199182
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
248 B 51ms
51ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s0112496199182?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&pznid=80101500129032825290295584807491654133%7C9&identifier=axp-refer-prospect&element=100358119%3Acobalt_credit&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3E100358119%3Acobalt_credit&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3E100358119%3Acobalt_credit&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858619106492416-4618343892754755349
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 s03337083120425
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
247 B 54ms
54ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s03337083120425?AQB=1&ndh=1&pf=1&t=13%2F11%2F2024%203%3A26%3A37%205%20-60&mid=92213745575299622581325789189854717412&ce=UTF-8&cl=34214400&pageName=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fintl%2Fcobalt%3FCORID%3Dv%7EA%7EI%7EB%7EH%7EC%7EN%7EW%7Eg%7Ep-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=pznRequestId&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=CA&v4=axp-refer-prospect&v5=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EpznRequestId&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=ca%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EpznRequestId&v27=CA&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.7.1AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-11-13&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=ca%7Cacq%7Creferral%7Cintl%7Ccobalt&v75=92213745575299622581325789189854717412&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723858619106492416-4618519814615199615
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 02:26:38 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 13 Dec 2024 02:26:38 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Dec 2024 02:26:38 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 204 pageview
c.contentsquare.net/ 0
272 B 203ms
58ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?ex=&dt=236&pvt=n&cvars=%7B%226%22%3A%5B%22Page%20Name%22%2C%22ca%7Cacq%7Creferral%7Cintl%7Ccobalt%22%5D%7D&cvarp=%7B%226%22%3A%5B%22Page%20Name%22%2C%22ca%7Cacq%7Creferral%7Cintl%7Ccobalt%22%5D%7D&la=it-IT&uc=1&url=https%3A%2F%2Fwww.americanexpress.com%2Fen-ca%2Freferral%2Fcobalt%3FCORID%3Dv~A~I~B~H~C~N~W~g~p-1734056797223-871293952%26CPID%3D100358119%26GENCODE%3D349993245563677%26XL%3DMIMNS%26ref%3DvAIBHCNWgp%26v%3D2&dr=&dw=1600&dh=3567&ww=1600&wh=1200&sw=1600&sh=1200&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&sn=1&hd=1734056799&v=15.33.7&pid=3776&pn=1&r=823096
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 204 pageEvent
c.contentsquare.net/ 0
19 B 196ms
60ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBgQEAMAwBsJsow%2F%2BPLRmJi%2ByY2yNdHJ0OXa0gAj%2BDPViUJgAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=15.33.7&pid=3776&pn=1&sn=1&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&r=230253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 204 pageEvent
c.contentsquare.net/ 0
19 B 194ms
58ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAA0tOrElMLqwpSk1LLSpKzKnJzCvJqUnOT0rMKQEA5SdkDhsAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=15.33.7&pid=3776&pn=1&sn=1&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&r=775774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 204 pageEvent
c.contentsquare.net/ 0
19 B 195ms
60ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAA3NMTw%2Fwq0lOrElMLqwpSk1LLSpKzKnJzCvJqUnOT0rMKQEAHt%2F5NCEAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=15.33.7&pid=3776&pn=1&sn=1&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&r=952024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 204 pageEvent
c.contentsquare.net/ 0
19 B 195ms
60ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwvydaxJTrSzS6wo0C1KTUst0i0oyi8uSE0usbPLzC0oSi0uzszPs7MrqMoLSi0sTS0u8UwBAMJTPBI0AAAA&ct=2&isETR=false&isCustomHashId=false&v=15.33.7&pid=3776&pn=1&sn=1&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&r=092211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 204 pageEvent
c.contentsquare.net/ 0
19 B 193ms
60ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBCQEAIAgDwEryzjpDoH8E79RggiNKbp1hZ%2FLmmoLWM6%2BchfD4HNGQyCgAAAA%3D&ct=2&isETR=false&isCustomHashId=true&v=15.33.7&pid=3776&pn=1&sn=1&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&r=087773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 204 dvar
c.contentsquare.net/ 0
19 B 59ms
59ms Image
text/plain 34.249.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=15.33.7&pid=3776&pn=1&sn=1&uu=76af1e07-2b6e-a202-ab31-7364cd89aee1&dv=H4sIAAAAAAAAAy3QW2vCQBQE4L%2By7FMFE3P2vvZJFNqigYL2ArWENZ7o4jaRJIJW%2FO%2FdljKv8zEwV%2FrSYTvZYd3TMc2bbx%2BCG8k0I3fvAPdk4evTmZyNKpQYkMnxGPANN3PfjyTXKVfkbv64yhdDEvwByQOWh2ZApvu2%2BcIRcEiz35Clq1zr%2Fwkd0rLLXV%2Fufb2b4yXuZilwrTnPlBJcCQGmAM1FJpW22kgeST59fZrFqmUsdoWUWjJrFWPSAGdSGwvGGik0aAEsgslzXsxWxRK7zjf1n9XKVYCZTthGYeJYxhK34ZDouFlujXWIkEK0lcewLVztwqX3ZVdUpxCiv67pscUqXoTbNR1%2FfN7o7QeuHpOxQQEAAA%3D%3D&ct=2&r=444542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.87.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 02:26:39 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H/1.1

200
OK

8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/
Redirect Chain

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR&svrid=-92&fla...
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

28 B
335 B

183ms
183ms

Fetch
text/plain

139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
Protocol: HTTP/1.1
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Length: 28
Date: Fri, 13 Dec 2024 02:26:39 GMT
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Headers

Redirect headers

location: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
content-length: 0
date: Fri, 13 Dec 2024 02:26:39 GMT
alb-failover-nimval: 0
server: AkamaiGHost
x-frame-options: SAMEORIGIN

GET
H/1.1

200
OK

8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/
Redirect Chain

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR&svrid=-92&fla...
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

28 B
335 B

182ms
181ms

Fetch
text/plain

139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
Protocol: HTTP/1.1
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Length: 28
Date: Fri, 13 Dec 2024 02:26:40 GMT
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Headers

Redirect headers

location: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
content-length: 0
date: Fri, 13 Dec 2024 02:26:39 GMT
alb-failover-nimval: 0
server: AkamaiGHost
x-frame-options: SAMEORIGIN

POST
H/1.1 200
OK captureIntl.do Show response
gct.americanexpress.com/gct/ 0
907 B 230ms
229ms XHR
text/plain 139.71.125.239
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureIntl.do

Requested by

Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.125.239 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-eusw1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 3600
content-security-policy: default-src 'self'; frame-ancestors 'self'
x-envoy-upstream-service-time: 45
access-control-allow-credentials: true
access-control-allow-methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
date: Fri, 13 Dec 2024 02:26:40 GMT
access-control-allow-headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 200
OK captureIntl.do Show response
gct.americanexpress.com/gct/ 0
907 B 453ms
222ms XHR
text/plain 139.71.125.239
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureIntl.do

Requested by

Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.125.239 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-eusw1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 3600
content-security-policy: default-src 'self'; frame-ancestors 'self'
x-envoy-upstream-service-time: 38
access-control-allow-credentials: true
access-control-allow-methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
access-control-allow-origin: https://www.americanexpress.com
content-length: 0
date: Fri, 13 Dec 2024 02:26:40 GMT
access-control-allow-headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 200
OK captureIntl.do Show response
gct.americanexpress.com/gct/ 43 B
2 KB 790ms
789ms XHR
image/gif 139.71.125.239
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureIntl.do

Requested by

Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.125.239 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-eusw1-vip.americanexpress.com

Software

Resource Hash

4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 3600
content-security-policy: default-src 'self'; frame-ancestors 'self'
x-envoy-upstream-service-time: 605
access-control-allow-credentials: true
access-control-allow-methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
access-control-allow-origin: https://www.americanexpress.com
content-length: 43
date: Fri, 13 Dec 2024 02:26:41 GMT
content-type: image/gif;charset=UTF-8
access-control-allow-headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 200
OK captureIntl.do Show response
gct.americanexpress.com/gct/ 43 B
2 KB 811ms
810ms XHR
image/gif 139.71.125.239
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureIntl.do

Requested by

Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.125.239 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-eusw1-vip.americanexpress.com

Software

Resource Hash

4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 3600
content-security-policy: default-src 'self'; frame-ancestors 'self'
x-envoy-upstream-service-time: 625
access-control-allow-credentials: true
access-control-allow-methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
access-control-allow-origin: https://www.americanexpress.com
content-length: 43
date: Fri, 13 Dec 2024 02:26:41 GMT
content-type: image/gif;charset=UTF-8
access-control-allow-headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 200
OK captureIntl.do Show response
gct.americanexpress.com/gct/ 43 B
2 KB 1241ms
891ms XHR
image/gif 139.71.125.239
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureIntl.do

Requested by

Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.125.239 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-eusw1-vip.americanexpress.com

Software

Resource Hash

4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 3600
content-security-policy: default-src 'self'; frame-ancestors 'self'
x-envoy-upstream-service-time: 708
access-control-allow-credentials: true
access-control-allow-methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
access-control-allow-origin: https://www.americanexpress.com
content-length: 43
date: Fri, 13 Dec 2024 02:26:41 GMT
content-type: image/gif;charset=UTF-8
access-control-allow-headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers

GET
H/1.1

200
OK

8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/
Redirect Chain

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR&svrid=-92&fla...
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

28 B
335 B

184ms
184ms

Fetch
text/plain

139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
Protocol: HTTP/1.1
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Length: 28
Date: Fri, 13 Dec 2024 02:26:41 GMT
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Headers

Redirect headers

location: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
content-length: 0
date: Fri, 13 Dec 2024 02:26:41 GMT
alb-failover-nimval: 0
server: AkamaiGHost
x-frame-options: SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.americanexpress.com
URL: blob:https://www.americanexpress.com/071cfbb2-d5a2-4f71-9a70-5447850cf5d7

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: TS01b3a5dc Value: 01368fc6df89533f6527019ef00bfe3d6c13d92f505219ae85ee084f012255f0dbd7778a5ac4a21bf42c9d4855d44e1f4464fa2dfb
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: JSESSIONID Value: N7MCqpSOIWdPbkk6rfJ-UK6vxd0SdLhoYrrd6QNQ.loyment-b45c8b875-w7lbc
.americanexpress.com/	1970-01-21 10:26:32	Name: agent-id Value: c6073b2b-5cc3-4cbb-92bf-38bf41ac9a93
.americanexpress.com/	1970-01-21 10:26:32	Name: _abck Value: B3436EA5F1B8833CB3D113FBF50685F4~0~YAAQrOIlFyYwdqqTAQAA0NvWvQ2q0u6VnEu98qvUlN+p0wHQGPwPtb63Yqt+pzcaNdVFG70dAatRrysw0UGFVVIE3cVOv3amkLdv3i22L/KVAg88zqxFP40hCNEA9rHW9VvqkM8mTigXBNjgvzGejBqp+A6vgCkp3HSdFVk/0SLsGUKY8O5lnZrq8b+YExE4l4Yb2QmDDUZUmY1m5NUPpdQGfe2aUYHMvNoW96JY82s/Yoq8P1Viutx+Xa0c2jgWxB0Vv+E53wV223Bksq/PB6T4n3SRuyPAL7VOX4AP/ykHdekS6a1Rx1tfey+OtmUZHtdIq68027Z/yAqSK5In2YT6GbjBueA6q421cXDfkzCf6o03HaDCYYvgkKsoF/uojNhNOQmkv+aQs8FsbJo6f9cLT9oTHWThDGuakZMTyTIC+gbVyZEorLm/dU+ypdjZML4gFAW0uJwPjb1LNgUUmLQn5c8nYOhvMKB61yviN6fQTQr7vAjYMf9QIRUSrAJZdfyE~-1~\|\|0\|\|~-1
.americanexpress.com/	1970-01-21 01:41:11	Name: bm_sz Value: 25F625FE0114719183D611AEF6B5753F~YAAQrOIlFycwdqqTAQAA0NvWvRqfWUCBT0ofXum8sK/KLDPlKs/fFiy7HlIAzWOVTJjMagM+RwrLxD1D4c8ZdTGGvwlSM/fDDSgTlFmcdCRv2k9gv/41BQVurIxaL3RMH2i0Z7X/iHAdpyOiQCE03+LKp0cqeArXWP7DeR7TnCQntqKuoR1+1/O4Zf2H83+e8NsEJhB2DiFxdLNDKMfTiqrGxyR+uof5m3EAiELIa+288oJ2R5qjnmh8xPKnurLTs60AZDLBA+t9J6LC3GnqQJV6krdyspeWqWNk56oabFS+NKJvLKgQzTu5F+G30Slw/ph+Dqn+VtC9jIBmKFxujPpa4lsA0RCVpz5/OmQUjhejnRN/jcRzuS7SeMWlZcAI61m8UB9+vrcMI8X8+4yazb8mzFKKaUEX00risxA=~4601909~4276546
.americanexpress.com/	1970-01-21 01:41:03	Name: ak_bmsc Value: C5E603536B55D3AF568A535F2FB53E0D~000000000000000000000000000000~YAAQrOIlFykwdqqTAQAAL93WvRrD/0TRSMgIw3SMWkoXF+KrEWitp1yz+UHqPyChYXe+cIb7jEQ3nZAU8ohHoGrDSqnSq7ERykpIVMdhgS1XGqNCf7iRkCVZenmbSr/Y32tCgOWt1LwHrfe8XrzFfAilinwCWB/5lGPDlIZPUBZS9CmGLbJHi+k8eX6JDnxwJi/kvoh2n53ADaCfrRjtx3uGu9iqQN5qEaDzY2tRlzvVoFXRXWnOUYZZme/0bzuQPU+HSa9cqo8/nAgiEUZto0G8g+o8Hbh8JAvXNS5v+C6l/dGBWEQqXiudXGJ+my/s+sRprRX0RWC2FLUlSzN3AGP04qqTB5B1wojkRctKg17b6YphlECfK8b4gWg/gkgyc5w2ucCtR5EdNuOvyd7HAcYBIOrCYwZzJGaq1TnqDpkUnmescdY9WM57o9/Hms3Y+ir1b1Dg34UJJwPGMYu97s/GmzAXQqVA
.americanexpress.com/	1969-12-31 23:59:59	Name: axplocale Value: en-CA
one-xp.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 01188f33bef9e6a031be761e52d33a1426845d8daa792d78e309616d4422248612bba49f5d6f2e6bc2cabf04ca7b2670307d71bf2d
.americanexpress.com/	1970-01-21 11:10:20	Name: _cs_c Value: 1
.americanexpress.com/	1970-01-21 11:16:56	Name: pznid Value: 80101500129032825290295584807491654133\|9
.americanexpress.com/	1969-12-31 23:59:59	Name: mgmsession_id Value: 5y1lBDCG0tJLp03
.americanexpress.com/	1970-01-21 11:11:11	Name: s_ecid Value: MCMID%7C92213745575299622581325789189854717412
global.americanexpress.com/	1970-01-21 01:40:57	Name: akaalb_global Value: 1734057397~op=global_bDaas_member_LBM:bdaas-member-e3-hydra\|~rv=61~m=bdaas-member-e3-hydra:0\|~os=fd3a3bfff9e217a4b692205b139915f8~id=36d3d489b21e7f52081572fa8b3fcbb3
.americanexpress.com/	1970-01-21 01:40:58	Name: _cs_mk Value: 0.1377330664364418_1734056797853
.americanexpress.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_tp%3D3567%3B%20s_ppv%3Dca%25257Cacq%25257Creferral%25257Cintl%25257Ccobalt%252C34%252C34%252C1200%3B%20omn_cpid%3D100358119%3B%20s_dedupeCM%3DGCT%2520CPID100358119n%252Fan%252Fa%3B%20s_cpc%3D1%3B%20s_cc%3Dtrue%3B
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
.americanexpress.com/	1970-01-21 11:11:11	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 870038026%7CMCMID%7C92213745575299622581325789189854717412%7CMCAID%7CNONE%7CMCOPTOUT-1734063997s%7CNONE%7CvVersion%7C5.0.0
gct.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 01368fc6df89533f6527019ef00bfe3d6c13d92f505219ae85ee084f012255f0dbd7778a5ac4a21bf42c9d4855d44e1f4464fa2dfb
.americanexpress.com/	1970-01-21 11:11:11	Name: s_pers Value: %20s_tslv%3D1734056797719%7C1797128797719%3B%20s_tbm%3Dtrue%7C1734058597852%3B%20s_tbm365%3Dtrue%7C1765594597852%3B%20gpv_v41%3Dca%257Cacq%257Creferral%257Cintl%257Ccobalt%7C1734058597953%3B
.americanexpress.com/	1970-01-21 01:41:03	Name: bm_sv Value: 14EA2E6F2A977835F75BDDE0E46C427F~YAAQkfAQAlMdCrGTAQAAYOjWvRo+z5HXsZuMVrd72eTFPEU2nXSA/SsyxEBga+Hl99Vj3Gepy9RWoU6Vr1LmNwty7sMru8XJzpH290wpcDux74DJkNZw4coDpLO5Vcg4vIWMtHh8IUJpWIB94UgbeEWY8W5W8IfbUt3nkZdH87OIh5dWiIUuTY+IT+5zIVczJGFtWm9upA/r7BrhId7xgCLWt5yBAmQ8yMkdyr++PiYahpJb0XeumR3+EyMG2cBZnvg+q8v0GEnk~1
.americanexpress.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D92_sn_5JS48HTJ4380MIHAO09UB361UPRP2TAR
.americanexpress.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1734056798418ELMUKLDEQ57RGS0MR408RCLTJTC2J9LF
.americanexpress.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.americanexpress.com/	1969-12-31 23:59:59	Name: rxvt Value: 1734058598422\|1734056798418
.americanexpress.com/	1969-12-31 23:59:59	Name: dtPC Value: -92$56798417_382h-vOGSMWDHPPGRLTQKDCIDMFHOEIHCAERLU-0e0
.americanexpress.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%226%22%3A%5B%22Page%20Name%22%2C%22ca%7Cacq%7Creferral%7Cintl%7Ccobalt%22%5D%7D
.americanexpress.com/	1970-01-21 11:10:20	Name: _cs_id Value: 76af1e07-2b6e-a202-ab31-7364cd89aee1.1734056799.1.1734056799.1734056799.1.1768220799419.1
.americanexpress.com/	1970-01-21 01:40:58	Name: _cs_s Value: 1.5.0.9.1734058599793
.americanexpress.com/	1969-12-31 23:59:59	Name: TS0114bdae Value: 01368fc6df89533f6527019ef00bfe3d6c13d92f505219ae85ee084f012255f0dbd7778a5ac4a21bf42c9d4855d44e1f4464fa2dfb
.americanexpress.com/	1970-01-21 11:16:56	Name: gctrac Value: "gctvid=2024-12-13/03:26:37:083-3b2bc18b-125f-6dce-9c13-f68845a33274&apprid=100358119&appcpid=100358119&appaffid=&vencpid=100358119&venaffid=&applno=3&lno=3&lcpid=100358119&laffid=&lts=2024-12-12/21:26:41:077&appcpidlts=2024347&venlno=3&aaffid=&vaffid=&AttPartnerNm=Mgm Pull&lan=1"

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS(Line 24) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'nonce-4072517c-3d19-4875-af98-024745ea50f3' 'self' .aexp.com .aexp-static.com c.evidon.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com". Either the 'unsafe-inline' keyword, a hash ('sha256-hSgmHkuVXsiZzdokiXwLb3ZpZhY+71bYY3HAgTUus20='), or a nonce ('nonce-...') is required to enable inline execution.
network	error	URL: https://global.americanexpress.com/api/servicing/v1/member?refresh=true Message: Failed to load resource: the server responded with a status of 401 ()
rendering	warning	URL: https://www.americanexpress.com/en-ca/referral/cobalt?ref=vAIBHCNWgp&XL=MIMNS Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C0E44130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://functions.americanexpress.com/ReadCustomerProducts.v2 Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://functions.americanexpress.com/UpdateUserSession.v1 Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://functions.americanexpress.com/ReadCustomerProducts.v2 Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://global.americanexpress.com/api/servicing/v1/member?refresh=true Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'self' .aexp.com wss://.americanexpress.com .aexp-static.com .americanexpress.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-1ab85cf6610cb872c0a12731f1c799b6' 'nonce-4072517c-3d19-4875-af98-024745ea50f3' 'self' .aexp.com .aexp-static.com c.evidon.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com secure.adnxs.com go.affec.tv .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com cdn.optimizely.com gct-qa.americanexpress.com gctv4-qaeusw1.americanexpress.com .americanexpress.com logx.optimizely.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeopprodvip.acxiom.com
americanexpress.com
c.contentsquare.net
cdaas.americanexpress.com
ct.contentsquare.net
dynatracepsg.americanexpress.com
functions.americanexpress.com
gct.americanexpress.com
global.americanexpress.com
icm.aexp-static.com
iwmapapi.americanexpress.com
omns.americanexpress.com
one-xp.americanexpress.com
origin-gemapp.americanexpress.com
referconfigexternal.americanexpress.com
referral.americanexpress.com
rfprospectpage.americanexpress.com
ucmapi.americanexpress.com
www.aexp-static.com
www.americanexpress.com
www.americanexpress.com
104.102.33.179
104.102.60.45
104.102.62.18
139.71.113.91
139.71.125.239
139.71.16.158
139.71.182.30
139.71.21.230
139.71.6.183
139.71.7.76
139.71.89.13
148.173.98.154
198.160.127.57
2.23.209.189
23.212.203.180
23.212.221.34
2600:9000:2490:6400:c:7c62:1240:93a1
34.249.87.52
63.140.62.17
0259245f15c129a1bb6cae4e940200ccde42cd4a7a12e8d182580578446506c0
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
0833876323a5664a12f47570443cf4fe37daa0dacd6d0006b1c7744ce2a61040
0989c4b6301c4a9498b7cf0a4e4825157600389489becec861ddfb81b9d22cff
0a11e85b6e1009170a6d997bec823455d0733d2bbe442bce819860ab6fa7eec2
1035d322cba69e89d47322dc4b1e5b1b6b3b2e5079e3f3562591439fd2d52078
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028
13f41ab18a921bc5c481ab835ad66199bd99b838f8b7f960e179fb04c7c8494f
1985974bb54604254090ce6ac2267c7650f4cf9354edafcaaebd14ade3ce4d52
1c0cedd9344eba764d5d842050767745fa35e47312a6ab2459c426d39c9fc25f
23e9fe7e5ca1d75773857e1564e59048d94ea9c7bfe76e761e846a03824d7d70
24323f5746c5b13c13e34cf9ee63bebc972b7371f776bfabb66b7317b9b4636d
265d3f591d92fadfe95f4660c382ee64a23538a7353b9880434205a102833de0
290a5433663937d2eb7372cd4b6d2f62c6c4a8ebc5f317c1b6b8e8ca7e8d7939
2987d3332770688f9edaeb8d7eb1b0c597eb35b90f5b2917d92571a06491f349
29b6a526f09421e1c4243c6fc5631d86b19f009ce01dc594fe8264ac8e4f9f8b
325f10740c230484078671ee380ed04e20326e6b286ab9fc3a25812b472e1281
339c0acde101c56998e20064e031667b66a17f8979b7ac5aef6fcb3215e97b36
38e8d1f0a31a3297886ced526ea85641ba835f737ccdba53c6c96c201029be90
39cf537c7d81a73e36743746f302744e484a987db6229c6e77d681c3447344c9
3a250b26f0dff0668618e704e90b15f00ae11b538a6bccb79078837288112895
3cb2123d72526921d061f97774650561fe2b1ff95ec8a38d7ae38a3a584df99f
3e7507adea21c95d368cd929f6a7bcae296f3b812d77932912a535d340e90313
40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b
4169bc21e9a01b4091e544d8cda09876801fd0a3a0bc75c64de3da5ee131faac
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
447ca59fe275a60d1c770bcbc6f14482ca1fde1d2bd7eded98d40873b817650d
453cfa88f8cfea4fdcdddeb8a374ac98ad2fab6bd27112e5159cc6a24c2eab94
45e6f3e6847536e5fb63d629bed17ffb329fe44699356518657491a69d74e869
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
4a87df0d1b012a59773ea451acf48d696d4e3445f8eeee24376baf6f0018e46e
4af55f80c23c121748e347557ca1d6291a9f32275b7457a33ed66daa767bcd85
4b11fd93b88beb8b48a1c1974eb88cddf4722c002468996db1c77d07e0bac7c8
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fdc0e5ff774e1bf1c64652445a8053aa2458b9805f5323fcbe2c960e910703c
53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a
53b28d3040d42a0f9330149cca113a715451abb33a6fd8ec93eb06e9a470f8c6
552c3805747637b67bf7e04603181f56a50f525ce2855a5e3780c5e3a801b3fa
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
589425ecdd100adf40fb345c24783b9f0c55bb3851cfcdf8a239fbbc15413fb2
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
5d985da9c001d2d53c0294fec26cf165c32ab365b499d72524193ec0e56f27f0
66c980d6bcddca1552d9e28dcc9faa842731c55f240c7f2aee7986513986f128
6990e72381e9dfa3490075f6c3c212929f27908e46ef3e74769aae3500a1585a
6f13ed083e9e121eb7aed85a09e1d6875b2ac8a19ae141d11c689fded2a31fab
7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640
713f125a8619c83181567974e20e45c2ae6c9a2bd78728f2db628b041277c5e1
72491674ec27771c05a32274b5d8eab748fe34c799dfae4a8fde514e67c26822
761b183fee71a413d5cbefe4196ea222efda5a4295cd7c6254dfee22891d07e8
779b90e8d9fe2281d069988b6263ce3b5f8f1b9144c919f9492e7fbe6d026cb3
784ea8ae39edcb80a82d3ee349ed0c0e622b15b8629cdac59cdb031237ff9876
7c312e22281a77b02dfc1a7f8c9954d0344bd6fa86242ebf616e2a6f6c01f470
8008eae0acfd6a4be7b95adce8ff58503d61f96d3441ea1d9592b2e7a52a8e3a
80b881a4b974597339aa4877412ceeaf6933d3224b8810fc05f10d5846b12e3e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82742d4fbb5680aa966ecaa06a9dfb79960d6bf6ed224305ced29de98e958f44
8343c0a21485be3b849d25d763bb7984c67718931c3d8ed3a796596b17e7a6d9
8c7e0f5644c4e38e06f81ae776f698e65417d68c141be3cc12421a2a4deb56c2
8d8b9c4f7a7c8f2a62d3c57cf39419d3518692978599c1116ad42020a4d79030
8fdc3754ff585f819232bdea28582b9eca7edae5e8ce225dcb744c8a409c1e5c
93b42bbb842957205e2919d437303c71bbecdd7e18a2f8157162c4331e113fae
9758039d9550c37346a808f8766f9103e5249e8b0487f00530c6ff8c0311402a
9a29963f44e616be6e1660261aab4bb26e7dc1a54b948c2bf89ae8cb205e97f7
9e298e66d23d3c5d9153336782ef0ff04b1ef2d7d9518d0ee9a9977883f19475
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a9785fb3a44d2a2bff34dbf471260c1a69baa9cb6c57cce93bc5435241d06d51
a9fa0b54d7def7bbe2450027091de984a18fb53de96b6f43cc75857e326748cb
acd58ff5965a047540bd61471ac7cd3b79f3128f01d464fa35a3b667264f79e9
b04f1a9c4011776a24833098f87e721f07f92f926c1195a2dcdcb655a764389e
b162dbabfada73e57e88095de1d82cceeab1b7a9bd4a3ecd9034d60649a6cab8
b3404d578aac9a2f533e50fe62ca0a021f95c64c567079bb3fc2c20ccc9cd7cf
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c02dd1a36adc0a92e61ff64e915983276a7b25d00cebd8993c441e2fbb973ed1
c3914d751cc5211511ff02b1fdf2270d83a4e574db117281b7f9bdaed44b0f91
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
c59376803b6d292bf520a1af0b54ff8a10bcef3c9a3f155c1510f478d4defda8
c79f4e5beda58417f3ca53f5dd63cb394b0b39c6f96cd40e08e8783f869d34f1
cc72ebf2733f38d61a6bd6e96c50008327682007bc692476c7e42a5c3a15d4d7
d3a62edc0a5fdf2d6d0da4bc51c5f6d52a7861d5322c42973f0b7f54d8711a4d
d4e2a19b98bc21c22e95c1ef85600f2ec5f2e6562f9a65a2dc4a1d8a893db732
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d6973dc1f55b8f0e944e2bbee956ceaf9bad95098329f24eebf66f23b2259a29
dab7d2b6fa33cbbcee4804a95db6018d2343aa6df0684e7c6f4bb1382622e929
dc5e4eca7a50c8c8e6907ba9d79340c7ad825a442254949f145c2a4911cf7dac
deaeff144c065ecf5de6ce5eecee5dd83b3df983265f74c5966c22567d3262c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586121e607c7d7a8d7277f14a5b3043406dc1f140b85e30e601336b15f0e824
e6ddccc264c30cdd602670a4adb0c7e05e08fdb9b481f7f5e6229f8cb0ecca23
e6f48c54e0c4880c8d11aa153ea798b5386cc3989b440ddda26b6b128edc7fbe
e9b1fcd035d2310a60a9d365ff66db5cff884a8d57c483bbc152a4414f8f5f49
ee97bc4ea8ebeb26d22a1ba5278ba35a19219d8ea161b468b1a0638b2c5af989
f13f8e07f0791297d73ea8672c50466c5cbc949d8ce7d3cd50eab77a7f9d9c1a
f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91
f774703203cd3c40bead6ffd995e31cd62a6dd5898c399ca043705030ef1d931
f9c2998a80501d02682f91794d2ab60f495195d119cf112da60340d8ba661fc2
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519
ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

www.americanexpress.com Open in urlscan Pro 23.212.221.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

98 %HTTPS

5 %IPv6

4 Domains

20 Subdomains

19 IPs

3 Countries

2121 kBTransfer

7331 kBSize

30 Cookies

6 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanexpress.com Open in urlscan Pro
23.212.221.34 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

98 %
HTTPS

5 %
IPv6

4
Domains

20
Subdomains

19
IPs

3
Countries

2121 kB
Transfer

7331 kB
Size

30
Cookies

161 HTTP transactions
6 data transactions