www.americanexpress.com
Open in
urlscan Pro
23.79.152.202
Public Scan
Submission: On June 10 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 22nd 2020. Valid for: a year.
This is the only time www.americanexpress.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 23.79.152.202 23.79.152.202 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 18.195.42.228 18.195.42.228 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 184.30.19.42 184.30.19.42 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
17 | 4 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-202.deploy.static.akamaitechnologies.com
www.americanexpress.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-19-42.deploy.static.akamaitechnologies.com
icm.aexp-static.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
americanexpress.com
www.americanexpress.com |
39 KB |
7 |
aexp-static.com
icm.aexp-static.com web.aexp-static.com Failed |
41 KB |
1 |
ensighten.com
nexus.ensighten.com |
22 KB |
17 | 3 |
Domain | Requested by | |
---|---|---|
8 | www.americanexpress.com |
www.americanexpress.com
|
7 | icm.aexp-static.com |
www.americanexpress.com
|
1 | nexus.ensighten.com |
www.americanexpress.com
|
0 | web.aexp-static.com Failed |
www.americanexpress.com
|
17 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2020-10-22 - 2021-11-22 |
a year | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2021-06-08 - 2022-07-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.americanexpress.com/mx/privacy-statement.html
Frame ID: 2F8E4B2776B92A578DBF819999820F3A
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
American Express México - Principios de Privacidad y Protección de Datos de American ExpressDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Ensighten (Tag Managers) Expand
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
privacy-statement.html
www.americanexpress.com/mx/ |
56 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-include-screen.css
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedcss/ |
938 B 802 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-include-high.css
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedcss/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template-e-high.css
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedcss/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/amex/intl_amexhead/ |
85 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inav_responsive_intl.css
icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/ |
113 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
btnSpriteStyles.css
icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/ |
28 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.gif
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ |
43 B 233 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_bluebox-55x54.svg
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
atg_icon_small.gif
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ |
838 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MGM_Icon.png
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ |
838 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commonFunctionsResponsive_Intl.js
icm.aexp-static.com/content/dam/Navigation/nav/ngn/js/ |
104 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-include.js
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedjs/ |
40 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
include-template-e.js
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedjs/ |
661 B 609 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-include-print.css
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedcss/ |
1 KB 979 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-include-light.css
www.americanexpress.com/content/dam/amex/mx/staticassets/sharedcss/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
button_styles.css
web.aexp-static.com/fr/content/sharedcss/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- web.aexp-static.com
- URL
- https://web.aexp-static.com/fr/content/sharedcss/button_styles.css
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| omn_hierarchy string| omn_pagename string| omn_language0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | connect-src https://assets.adobedtm.com/ 'self' https://performance.typekit.net/ https://*.liveperson.net/ https://*.contentsquare.net/ https://code.jquery.com/ https://www.google-analytics.com/ https://functions.aexp.com/ https://americanexpresscards.tt.omtrdc.net/ https://*.apollo.io/ https://s.delvenetworks.com/ https://siteintercept.qualtrics.com/ https://*.evidon.com/ https://www.aexp-static.com/ https://*.americanexpress.com/ https://dpm.demdex.net/ https://americanexpress-mx.custhelp.com/ http://dpm.demdex.net/ https://www.facebook.com/ https://*.acxiom.com/ wss://*.americanexpress.com/ https://*.akamaihd.net/ https://ajax.googleapis.com/; media-src https://ssl.gstatic.com/ https://lpcdn.lpsnmedia.net/ 'self'; frame-ancestors https://*.aexp.com/ https://*.americanexpress.com/; report-uri https://csp.tsrs.cloud/r/8213e3320410d8a1dda54abb5672c5227e1b1600; font-src https://cdnjs.cloudflare.com/ http://www.americanexpress.com/ http://www.aexp-static.com/ https://fonts.gstatic.com/ https://use.typekit.net/ 'self' http://fonts.gstatic.com/ https://fonts.googleapis.com/ https://*.bootstrapcdn.com/ https://*.aexp-static.com/ https://cloud.webtype.com/ data:; object-src 'self'; worker-src 'self' blob:; script-src http://assets.adobedtm.com/ 'self' https://*.delvenetworks.com/ https://analytics.twitter.com/ https://*.lpsnmedia.net/ https://www.gstatic.com/ https://www.googleadservices.com/ http://www.aexp-static.com/ https://secure.cmax.americanexpress.com/ https://report1.maritz.com/ https://*.google.com/ https://app.contentsquare.com/ https://va.v.liveperson.net/ https://static.doubleclick.net/ https://c.evidon.com/ https://fidoapi.com/ 'unsafe-eval' https://ajax.googleapis.com/ https://cdnjs.cloudflare.com/ https://assets.adobedtm.com/ 'unsafe-inline' https://use.typekit.net/ https://tpc.googlesyndication.com/ https://static.ads-twitter.com/ https://stags.bluekai.com/ https://*.liveperson.net/ https://www.cdn-net.com/ https://www.google-analytics.com/ https://service.maxymiser.net/ https://www.googletagmanager.com/ https://*.aexp-static.com/ https://www.youtube.com/ http://nexus.ensighten.com/ https://connect.facebook.net/ https://*.americanexpress.com/ https://cdn.appdynamics.com/ https://dpm.demdex.net/ https://ct.contentsquare.net/ https://nexus.ensighten.com/ https://contentsquare.com/ http://*.americanexpress.com/ https://*.acxiom.com/ https://*.akamaihd.net/; form-action https://www.cdn-net.com/ http://www.americanexpress.com/ https://www.facebook.com/ https://*.americanexpress.com/ 'self' https://www1.americanexpress.hr/ https://americanexpress-mx.custhelp.com/; style-src https://cdaas.americanexpress.com/ http://www.americanexpress.com/ https://secure.cmax.americanexpress.com/ 'unsafe-inline' 'self' https://fonts.googleapis.com/ https://*.aexp-static.com/ https://cloud.webtype.com/; frame-src https://connect.facebook.net/ https://icm.aexp-static.com/ https://*.americanexpress.com/ 'self' https://tpc.googlesyndication.com/ https://player.videosmart.com/ https://*.demdex.net/ https://*.liveperson.net/ https://www.youtube-nocookie.com/ https://lpcdn.lpsnmedia.net/ https://player.vimeo.com/ https://www.cdn-net.com/ https://fls.doubleclick.net/ https://www.facebook.com/ https://*.doubleclick.net/ https://www.payback.it/ https://service.maxymiser.net/ https://*.youtube.com/ https://youtube.com/ https://*.akamaihd.net/ https://unity.cadreon.com/; base-uri https://aeopprodvip.acxiom.com/ https://www.aexp-static.com/ https://ds-aksb-a.akamaihd.net/ 'self' https://iwmap.americanexpress.com/; plugin-types application/x-shockwave-flash; img-src 'self' data: https: http:; |
Strict-Transport-Security | max-age=15552000; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
icm.aexp-static.com
nexus.ensighten.com
web.aexp-static.com
www.americanexpress.com
web.aexp-static.com
18.195.42.228
184.30.19.42
23.79.152.202
0266fe41ef1dfce9ca21d8f33629b7312f612b40f2e7bb5ea88c3a0fe1d2fad4
02d9a1ffabf5798a292f4be744c698ef99d9f4a36ac72967a8aa88b1f375082a
079ac0f685062025834516ad3fa1bf4762cadaf463968148694c2bb5f49fa69c
1f9f9ff5cccfaed3f1c621581d1b3c9075fdd21acc77a48835c06fb3fe5d5804
24200008e8b94664aef5e74e0a47dc3777572abfb2beba0aac3da59b2391f2ed
2f32dacf378e89bc68f69d5e1cba344ceb8fc6054e0d8226a76551af8e9e3227
348db5d57bd1801eea0f3116afa4ca416939bd32dd68946f91e1e9e09dd7e2c8
5f9f4ccb7cfbc810dfade1040135d69b8cacf8c42dcae5b9ffd91b48d83a3711
6e49c50d3e33c9b55bfc4f208d91607bd307c8dcfdab640bd424c1f57e201a07
9bedfbcc3e602d182e232daca408a303b96620908e515e31743c2b431d416d74
abf5a0221eff45512931eabb6365ecba1f606280fa00b6fac3245b16325e45b8
ac442b9ab733783f211f85cd527a74d3165fba056e77b9fca5f4bce975a78a99
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d244bf45d93d02d5be07c7bbf4d314a8a77854a6cc6fdbd1b8e5c64a7f29b37d
df2e92078e99a3fa33062fbbae11c60e48172d79f690192fb6f9dc2fdbf0d8d0
dfbdb77ea7c4eb5406c3c3b63f45bf20cd10cbbcbe2bdf5ecb387d088d1b52d8