www.americanexpress.com Open in urlscan Pro
23.202.131.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.americanexpress.com/a/hBkcBKmAQB6DpB97tcTNxUIeVLf/amex3
Effective URL:
https://www.americanexpress.com/en-au/travel/
Submission: On May 26 via manual (May 26th 2023, 11:07:46 pm UTC) from AU — Scanned from AU

Summary HTTP 175 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 14 domains to perform 175 HTTP transactions. The main IP is 23.202.131.98, located in Singapore and belongs to AKAMAI-AS, US. The main domain is www.americanexpress.com. The Cisco Umbrella rank of the primary domain is 15773.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 14th 2022. Valid for: a year.

This is the only time www.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.117.228.68 65.117.228.68	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
2	104.18.14.160 104.18.14.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	23.39.8.236 23.39.8.236	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.227.254.101 13.227.254.101	16509 (AMAZON-02) (AMAZON-02)
8	104.18.30.121 104.18.30.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	23.202.131.98 23.202.131.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.227.254.116 13.227.254.116	16509 (AMAZON-02) (AMAZON-02)
2	198.217.251.251 198.217.251.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	125.56.219.3 125.56.219.3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	139.71.116.44 139.71.116.44	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	23.202.130.237 23.202.130.237	16625 (AKAMAI-AS) (AKAMAI-AS)
10	139.71.118.118 139.71.118.118	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
6	23.21.213.237 23.21.213.237	14618 (AMAZON-AES) (AMAZON-AES)
10	139.71.113.137 139.71.113.137	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
3	13.55.4.2 13.55.4.2	16509 (AMAZON-02) (AMAZON-02)
1	63.140.48.134 63.140.48.134	16509 (AMAZON-02) (AMAZON-02)
2	43.251.41.15 43.251.41.15	11054 (LIVEPERSON) (LIVEPERSON)
3	43.251.41.5 43.251.41.5	11054 (LIVEPERSON) (LIVEPERSON)
1	151.101.129.192 151.101.129.192	54113 (FASTLY) (FASTLY)
6	103.42.133.35 103.42.133.35	11054 (LIVEPERSON) (LIVEPERSON)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
3	18.203.241.111 18.203.241.111	() ()
175	22

1 65.117.228.68 (Blairstown, United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)

email.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.14.160 (None, )

ASN13335 (CLOUDFLARENET, US)

travel.americanexpress.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 23.39.8.236 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-8-236.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-101.sin52.r.cloudfront.net

js-cdn.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.30.121 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.switchfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.202.131.98 (Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-131-98.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-116.sin52.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.217.251.251 (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 125.56.219.3 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a125-56-219-3.deploy.static.akamaitechnologies.com

service.maxymiser.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.116.44 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: consumer-travel1.americanexpress.com

consumer-travel.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.202.130.237 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-130-237.deploy.static.akamaitechnologies.com

one-xp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.71.118.118 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: functions1a.americanexpress.com

functions.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.21.213.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-213-237.compute-1.amazonaws.com

lib-us-1.brilliantcollector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.71.113.137 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: iwmapapi11.americanexpress.com

iwmapapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.55.4.2 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-4-2.ap-southeast-2.compute.amazonaws.com

tms.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.48.134 (United States)

ASN16509 (AMAZON-02, US)

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.251.41.15 (Australia)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.251.41.5 (Australia)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.192 (United States)

ASN54113 (FASTLY, US)

publisher.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.42.133.35 (Australia)

ASN11054 (LIVEPERSON, US)

lpchat.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.241.111 (None, )

ASN- ()

bf44539bru.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 11755 icm.aexp-static.com — Cisco Umbrella Rank: 17091	2 MB
47	americanexpress.com 3 redirects email.americanexpress.com — Cisco Umbrella Rank: 125036 www.americanexpress.com — Cisco Umbrella Rank: 15773 tms.americanexpress.com — Cisco Umbrella Rank: 19698 Failed consumer-travel.americanexpress.com — Cisco Umbrella Rank: 137922 one-xp.americanexpress.com — Cisco Umbrella Rank: 21880 functions.americanexpress.com — Cisco Umbrella Rank: 20346 iwmapapi.americanexpress.com — Cisco Umbrella Rank: 18680 omns.americanexpress.com — Cisco Umbrella Rank: 15712 lpchat.americanexpress.com — Cisco Umbrella Rank: 28098	541 KB
8	switchfly.com cdn.switchfly.com — Cisco Umbrella Rank: 263304	2 MB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3083 publisher.liveperson.net — Cisco Umbrella Rank: 11765 va.v.liveperson.net — Cisco Umbrella Rank: 3456	128 KB
6	brilliantcollector.com lib-us-1.brilliantcollector.com — Cisco Umbrella Rank: 16841 Failed	1 KB
5	dynatrace.com js-cdn.dynatrace.com — Cisco Umbrella Rank: 5809 bf44539bru.bf.dynatrace.com Failed	169 KB
4	maxymiser.net service.maxymiser.net — Cisco Umbrella Rank: 8513	76 KB
3	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 2989	6 KB
2	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 22221	115 KB
2	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2919	23 KB
2	americanexpress.com.au travel.americanexpress.com.au	308 KB
0	cloudfront.net Failed doug1izaerwt3.cloudfront.net Failed
0	kissmetrics.com Failed i.kissmetrics.com Failed
0	demdex.net Failed dpm.demdex.net — Cisco Umbrella Rank: 200 Failed
175	14

	Domain	Requested by
63	www.aexp-static.com	travel.americanexpress.com.au www.americanexpress.com www.aexp-static.com
15	icm.aexp-static.com	www.aexp-static.com www.americanexpress.com
10	iwmapapi.americanexpress.com	www.aexp-static.com
10	functions.americanexpress.com	www.aexp-static.com
8	www.americanexpress.com	2 redirects cdn.switchfly.com www.americanexpress.com www.aexp-static.com
8	cdn.switchfly.com	travel.americanexpress.com.au cdn.switchfly.com
6	lpchat.americanexpress.com	lptag.liveperson.net
6	lib-us-1.brilliantcollector.com	travel.americanexpress.com.au www.aexp-static.com
4	one-xp.americanexpress.com	www.aexp-static.com
4	consumer-travel.americanexpress.com	travel.americanexpress.com.au www.aexp-static.com
4	service.maxymiser.net	www.aexp-static.com
3	va.v.liveperson.net	lptag.liveperson.net
3	accdn.lpsnmedia.net	lptag.liveperson.net lpchat.americanexpress.com
3	bf44539bru.bf.dynatrace.com	js-cdn.dynatrace.com
3	tms.americanexpress.com	travel.americanexpress.com.au www.aexp-static.com
2	lptag.liveperson.net	www.aexp-static.com
2	songbird.cardinalcommerce.com	travel.americanexpress.com.au
2	nexus.ensighten.com	travel.americanexpress.com.au
2	js-cdn.dynatrace.com	travel.americanexpress.com.au www.aexp-static.com
2	travel.americanexpress.com.au	travel.americanexpress.com.au
1	publisher.liveperson.net	lptag.liveperson.net
1	omns.americanexpress.com	www.aexp-static.com
1	email.americanexpress.com	1 redirects
0	doug1izaerwt3.cloudfront.net Failed	travel.americanexpress.com.au
0	i.kissmetrics.com Failed	travel.americanexpress.com.au
0	dpm.demdex.net Failed	www.aexp-static.com
175	26

This site contains links to these domains. Also see Links.

Domain
global.americanexpress.com
www140.americanexpress.com
travel.americanexpress.com.au
www.amexglobalbusinesstravel.com
network.americanexpress.com
hotel-booking.americanexpress.com
consumer-travel.americanexpress.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
travel.americanexpress.co.uk DigiCert SHA2 Extended Validation Server CA	`2023-03-14` - `2024-03-12`	a year	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh
js-cdn.dynatrace.com Amazon RSA 2048 M01	`2023-02-02` - `2024-03-02`	a year	crt.sh
switchfly.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-03-25`	a year	crt.sh
*.maxymiser.net DigiCert TLS RSA SHA256 2020 CA1	`2023-01-26` - `2024-01-26`	a year	crt.sh
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-09-14` - `2023-09-14`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
consumer-travel1.americanexpress.com DigiCert EV RSA CA G2	`2023-03-25` - `2024-03-21`	a year	crt.sh
www.standforsmall.com DigiCert SHA2 Extended Validation Server CA	`2022-09-13` - `2023-09-12`	a year	crt.sh
functions1a.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-09-21` - `2023-09-21`	a year	crt.sh
*.brilliantcollector.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-16`	a year	crt.sh
iwmapapi.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-08-10` - `2023-08-09`	a year	crt.sh
tms.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
omns.americanexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-11` - `2024-01-10`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
liveperson.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-28` - `2024-01-29`	a year	crt.sh
lpchat.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-07-12` - `2023-07-11`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-02-13` - `2024-01-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.americanexpress.com/en-au/travel/
Frame ID: D0F46A60858AC62A6DBC52518E7394F5
Requests: 165 HTTP requests in this frame

Frame: https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: B2E391894EA35675835AE1F2D3DC30F6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Book Flights, Hotels, Cars | Amex Travel AU

Page URL History Show full URLs

https://email.americanexpress.com/a/hBkcBKmAQB6DpB97tcTNxUIeVLf/amex3 HTTP 307
https://travel.americanexpress.com.au/apps/shopping/ Page URL
https://www.americanexpress.com/en-au/travel/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Page Statistics

175
Requests

90 %
HTTPS

0 %
IPv6

14
Domains

26
Subdomains

22
IPs

4
Countries

5294 kB
Transfer

21467 kB
Size

47
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://global.americanexpress.com/dashboard?inav=au_menu_myacct_acctsum
Title: Your Account

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/ocareg/japa/action?request_type=un_Activation&Face=en_AU&inav=au_menu_myacct_activate
Title: Activate a New Card

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/ocareg/japa/action?request_type=un_Register&Face=en_AU&inav=au_menu_myacct_register
Title: Register for Online Services

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/dashboard?inav=au_menu_smallbus_acctsum
Title: Your Account

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/ocareg/japa/action?request_type=un_Activation&Face=en_AU&inav=au_menu_smallbus_activate
Title: Activate a New Card

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/intl/acctsumm/japa/accountSummary.do?request_type=&Face=en_AU&inav=au_menu_smallbus_register
Title: Register for Online Services

Search URL Search Domain Scan URL

URL: https://www140.americanexpress.com/ATWORK/en_AU/atwork.do?pageAction=initialize&inav=au_menu_busacct_atwork
Title: American Express @Work

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/intl/mrpartner/japa/unauthMrPartner.do?request_type=un_MrPartner&Face=en_AU&searchType=Travel_1&intlink=mtsi-AU-book-travel-online-iNav-prod-int&inav=au_menu_travel_pt_booktrv
Title: Book Travel Online

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=destinationguide_homepage&intlink=mtsi-AU-destination-guides-iNav-prod-int&inav=au_menu_travel_pt_destinationguides
Title: Destination Guides

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/au?inav=au_menu_travel_bt_globbustrv
Title: Global Business Travel Solutions

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/travel/arc.cfm?inav=au_menu_travel_bt_smallbusiness
Title: Small Business Travel

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/gift-cards?inav=GblMRNav-GC
Title: Use Points for Gift Cards

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/globalnetwork/?ref=prop&inav=au_menu_business_network_home
Title: Global Network Home

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/apps/shopping/?linknav=au-travel-subnav-travel-logo

Search URL Search Domain Scan URL

URL: https://hotel-booking.americanexpress.com/en-au/fhr/welcome?linknav=au-travel-subnav-searchbook-fhr
Title: Fine Hotels + Resorts

Search URL Search Domain Scan URL

URL: https://hotel-booking.americanexpress.com/en-au/thc/welcome?linknav=au-travel-subnav-searchbook-thc
Title: The Hotel Collection

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=audomestic&linknav=au-travel-subnav-hotel-sale
Title: Discover Destinations

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=travel_guide_destination_guides&linknav=au-travel-subnav-explore-destinations
Title: Destination and Hotel Guides

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=travel_guide_inspiration&linknav=au-travel-subnav-explore-inspiration
Title: Inspiration Tips & Advice

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=travel_support&linknav=au-travel-subnav-support-contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=faq&linknav=au-travel-subnav-support-faq
Title: FAQs

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=terms&linknav=au-travel-subnav-support-termsconditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=qantastravelcredit&linknav=au-travel-subnav-support-qftravelcredit
Title: How to Use Your Qantas Travel Credit

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=paywithpoints&linknav=au-travel-subnav-support-paywithpoints
Title: How to Use Your Membership Rewards® Points

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com.au/service/static_page.cfm?page=travelcredit&linknav=au-travel-subnav-support-travelcredit
Title: How to Use Your Travel Credit

Search URL Search Domain Scan URL

URL: https://consumer-travel.americanexpress.com/en-au/travel/flights
Title: Explore Now.

Search URL Search Domain Scan URL

URL: https://hotel-booking.americanexpress.com/en-au/fhr/welcome
Title: Find out more.

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/intl/mrpartner/japa/unauthMrPartner.do?request_type=un_MrPartner&Face=en_AU&searchType=Travel_1&intlink=mtsi-AU-HP-Footer-prod-int&inav=au_sitefooter_book_travek
Title: Book Travel

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/en/atm_locator/?ref=prop&inav=au_sitefooter_atm
Title: ATM Locator

Search URL Search Domain Scan URL

URL: https://www.facebook.com/americanexpressaustralia?inav=au_sitefooter_facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.facebook.com/americanexpressaustralia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amexau

Search URL Search Domain Scan URL

URL: https://twitter.com/amexau

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmericanExpressAU

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.americanexpress.com/a/hBkcBKmAQB6DpB97tcTNxUIeVLf/amex3 HTTP 307
https://travel.americanexpress.com.au/apps/shopping/ Page URL
https://www.americanexpress.com/en-au/travel/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://email.americanexpress.com/a/hBkcBKmAQB6DpB97tcTNxUIeVLf/amex3 HTTP 307
https://travel.americanexpress.com.au/apps/shopping/

Request Chain 4

https://www.americanexpress.com/ensighten-head-intl HTTP 301
https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js

Request Chain 19

https://www.americanexpress.com/adobetrackingintl?ens_mk=au_en HTTP 301
https://www.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=au_en

Request Chain 25

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1685142445258 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1685142445258

175 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
travel.americanexpress.com.au/apps/shopping/
Redirect Chain

https://email.americanexpress.com/a/hBkcBKmAQB6DpB97tcTNxUIeVLf/amex3
https://travel.americanexpress.com.au/apps/shopping/

2 MB
308 KB

1795ms
1156ms

Document
text/html

104.18.14.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e15ab3816c7164c3612973e38d18eac9d84d1740dd478c1629bf06a5fdab75c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cd9ac793862aadb-SYD
content-encoding: br
content-language: en-AU
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Fri, 26 May 2023 23:07:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge

Redirect headers

Cache-Control: no-cache="set-cookie", private, no-cache
Connection: close
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 26 May 2023 23:07:19 GMT
Expires: Sun, 06 Nov 1994 08:49:37 GMT
Location: https://travel.americanexpress.com.au/apps/shopping/#/search/air
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURo ADMo DEVo TAIo IVAo IVDo OUR DELo IND UNI NAV"
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests

GET
H2 200 mmcore.js Show response
www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/ 18 KB
7 KB 1025ms
271ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b706a37d3b4005875071e3743fab073a7722c698bcda3bf8eee83a70d7e9bd2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:22 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 13:25:17 GMT
etag: W/"5e43fcbd-48d8"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 6771

GET
H2 200 6ca3e714188238c8_complete.js Show response
js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/ 210 KB
82 KB 600ms
215ms Script
application/javascript 13.227.254.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/6ca3e714188238c8_complete.js
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-101.sin52.r.cloudfront.net
Software: /
Resource Hash: 115dd089cb8596cb0c05b851f13fbc7dc0ce551e8e20a67689275b5b1ae8ffe1

Request headers

Referer: https://travel.americanexpress.com.au/
Origin: https://travel.americanexpress.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:42:49 GMT
content-encoding: gzip
via: 1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1473
x-cache: Hit from cloudfront
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-id: 85GR0FBXCUS8
dynatrace-response-source: Cluster
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
x-amz-cf-id: cHi8Bd0WMgpj2JLDjoVbHgCV6Ja7uR405cbfZiB34H2_LbN7ml08fA==
expires: Fri, 26 May 2023 23:42:49 GMT

GET
H2 200 americanexpress-theme.base.css
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/css/americanexpress/ 425 KB
49 KB 318ms
110ms Stylesheet
text/css 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/css/americanexpress/americanexpress-theme.base.css

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bab63f7b580437f3236cbd0bf39fe8577f711a90f09b132b092dc9208fc2d543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 14:55:12 GMT
server: cloudflare
age: 3466
etag: W/"646e2550-6a241"
vary: Accept-Encoding
content-type: text/css
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac874a92aadd-SYD
expires: Sat, 27 May 2023 01:07:22 GMT

GET
H2

200

Bootstrap.js Show response
nexus.ensighten.com/amex/intl_amexhead/
Redirect Chain

https://www.americanexpress.com/ensighten-head-intl
https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js

84 KB
22 KB

619ms
213ms

Script
application/javascript

13.227.254.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Server: 13.227.254.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-116.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: c6e826033b54380952e3a6342868f56eb60b1cc79e9fa4c30212df496a153a95

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 04:35:25 GMT
x-amz-version-id: Bm0BKTIGLZI2f0FaoSDc..y94u1BXYJ7
content-encoding: gzip
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 3263519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Apr 2023 04:33:17 GMT
server: CloudFront
etag: W/"e7b9f9e8f8c59efb8f845e8a4bdf917f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: 7IOIt5NVnJsle6sLed3Hb_RzIeoY2_Tdc7oOqJ4mzGzkXNiDIGP_sQ==

Redirect headers

location: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
date: Fri, 26 May 2023 23:07:22 GMT
server: AkamaiGHost
content-length: 0
x-frame-options: SAMEORIGIN

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
1 KB 216ms
214ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-962"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 989

GET
H2 200 dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
922 B 215ms
214ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66e"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 743

GET
H2 200 dls-logo-stack-white.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
921 B 216ms
215ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66b"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 742

GET
H2 200 dls-flag-au.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/ 1 KB
846 B 219ms
218ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-au.svg
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fcbe41a9db3653286c3acedee11eecdfe197ee65dec493d272477c1322c2ec3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 17:15:25 GMT
etag: W/"5f52762d-5db"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 667

GET
H2 200 navScript.js Show response
www.aexp-static.com/cdaas/one/statics/@americanexpress/axp-nav-partial-utility/1.0.1/package/dist/ 2 KB
1 KB 227ms
226ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/axp-nav-partial-utility/1.0.1/package/dist/navScript.js
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3002b7789afb7f37a8fe978ef834996ac8de9eab73e86e7c1a58a31c1f7acbc0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 01:51:04 GMT
etag: W/"61f9e388-95b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1097

GET
H2 200 dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ 2 KB
890 B 227ms
227ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
etag: W/"5daa1799-693"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 712

GET
H2 200 dls-flag-au.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/ 1 KB
875 B 768ms
211ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/dls-flag-au.svg
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fcbe41a9db3653286c3acedee11eecdfe197ee65dec493d272477c1322c2ec3

Request headers

Referer: https://travel.americanexpress.com.au/
Origin: https://travel.americanexpress.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:25 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-5db"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://travel.americanexpress.com.au
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 667

GET
H2 200 vendor.js Show response
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/ 2 MB
415 KB 110ms
110ms Script
application/javascript 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/vendor.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08140ac3b44fe55950f3816f650fb4de0679abd5e90afb38fdc8e0b90ebc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 30 Jan 2023 18:46:31 GMT
server: cloudflare
age: 95
etag: W/"63d81087-1c084e"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac8c58a1aadd-SYD
expires: Sat, 27 May 2023 01:07:22 GMT

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 517ms
130ms Script
application/javascript 198.217.251.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.217.251.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:23 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 887
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rNQquwsWO7IWyqkuqnhBD3rU%2B%2BsDFKMFn2CU1bfMWwsC2HmWi5lzlfv02GDkhNWUmnyDPKVdw%2BELeYvygjDqT1%2Bi5qXiyvmp2zvSTstD2UWKJ%2FHdFrkHjpF%2BVQazpcVDb81c8zGyeXTIziZALq0"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7cd9ac925faba971-SYD
expires: Sat, 27 May 2023 03:07:23 GMT

GET
H2 200 app.js Show response
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/ 3 MB
569 KB 117ms
117ms Script
application/javascript 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/app.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c795e2a39d99d8c49ac122f66b4ca1efeed632ea83cac74f4b5f829555fdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 22:26:02 GMT
server: cloudflare
age: 244
etag: W/"646d3d7a-2de722"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac93299caadd-SYD
expires: Sat, 27 May 2023 01:07:24 GMT

GET
H2 200 analytics-americanexpress-autravel.js Show response
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/ 294 KB
63 KB 106ms
105ms Script
application/javascript 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/analytics-americanexpress-autravel.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa887f01c191bc2fa55fff1a1a5bc896df5d0f5e83bd37c3b52fdd42e979f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 21:55:35 GMT
server: cloudflare
age: 244
etag: W/"646d3657-49942"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac942aefaadd-SYD
expires: Sat, 27 May 2023 01:07:24 GMT

GET
H2 200 templates.common.js Show response
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/templates/ 2 MB
248 KB 110ms
110ms Script
application/javascript 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/templates/templates.common.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d5c2cf4e26e38fb79b8836ea8252f465fd3f785a00c69f445ca2567c43d242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 21:55:35 GMT
server: cloudflare
age: 97
etag: W/"646d3657-23a036"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac94ebbeaadd-SYD
expires: Sat, 27 May 2023 01:07:24 GMT

GET
H2 200 templates.base.js Show response
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/templates/ 632 KB
73 KB 326ms
326ms Script
application/javascript 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/templates/templates.base.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81cb121fb113120ebf77993bdda7aa738672437b5dbd6110031af2b77f3d9541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 21:55:35 GMT
server: cloudflare
content-encoding: br
etag: W/"646d3657-9df79"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac95dd05aadd-SYD
expires: Sat, 27 May 2023 01:07:24 GMT

GET
H2 200 clients-americanexpress-autravel.base.js Show response
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/templates/ 8 KB
2 KB 107ms
107ms Script
application/javascript 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/templates/clients-americanexpress-autravel.base.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e57f2799ec336394ea2ea632b603fa7a82adb18841349b3e6c1763543845646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 30 Jan 2023 18:46:30 GMT
server: cloudflare
age: 111
etag: W/"63d81086-209c"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac95fd29aadd-SYD
expires: Sat, 27 May 2023 01:07:24 GMT

GET
H2

200

Bootstrap.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/amex/
Redirect Chain

https://www.americanexpress.com/adobetrackingintl?ens_mk=au_en
https://www.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=au_en

74 KB
21 KB

550ms
549ms

Script
application/javascript

23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=au_en
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1109d3782893c5f4020fe850feb00315a0f9fcaf67e8d8412910749402b4f9da

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:25 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 04:41:38 GMT
etag: W/"64363682-12648"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 21644

Redirect headers

location: https://www.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=au_en
date: Fri, 26 May 2023 23:07:24 GMT
server: AkamaiGHost
content-length: 0
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
service.maxymiser.net/cg/v5us/ 89 KB
13 KB 1228ms
551ms Script
text/javascript 125.56.219.3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://service.maxymiser.net/cg/v5us/?fv=dmn%3Damericanexpress.com%3Bref%3D%3Burl%3Dhttps%253A%252F%252Ftravel.americanexpress.com.au%252Fapps%252Fshopping%252F%2523%252Fsearch%252Fair%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.15&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=f

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.219.3 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-219-3.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a32ee5d0e6b2ba1fd3feb7676f215c160a791ee1e940702bc18f4bd8f046d310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travel.americanexpress.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 23:07:24 GMT
last-modified: 05/26/2023 23:07:23
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
p3p: CP="DEV IND NOI OTC OUR PSA PSD"
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-length: 13394
x-xss-protection: 1; mode=block
expires: Sun, 06 Jan 1980 01:00:00 GMT

GET
H2 200 mmpackage-1.25.js Show response
service.maxymiser.net/platform/us/api/ 78 KB
24 KB 191ms
191ms Script
application/x-javascript 125.56.219.3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/platform/us/api/mmpackage-1.25.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 125.56.219.3 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a125-56-219-3.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b

Request headers

Referer: https://travel.americanexpress.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 12:13:48 GMT
server: AkamaiNetStorage
etag: "b9f18659b30ebfd24842a8cf31daa2ee:1597407230.752156"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24788

GET
H2 200 americanexpress-theme.base-blessed1.css
cdn.switchfly.com/static/9c40d75/resources/shopping/.build/css/americanexpress/ 557 KB
274 KB 106ms
106ms Stylesheet
text/css 104.18.30.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/css/americanexpress/americanexpress-theme.base-blessed1.css?z=770

Requested by

Host: cdn.switchfly.com
URL: https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/css/americanexpress/americanexpress-theme.base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0345827ee73091390aed0139294e2e868fb1e6753810b2286e6c843abee1de55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/css/americanexpress/americanexpress-theme.base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 14:55:12 GMT
server: cloudflare
age: 3467
etag: W/"646e2550-8b570"
vary: Accept-Encoding
content-type: text/css
content-encoding: br
cache-control: public, max-age=7200
timing-allow-origin: *
cf-ray: 7cd9ac963d82aadd-SYD
expires: Sat, 27 May 2023 01:07:24 GMT

GET
H2 200 visitorAPI-intl.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/ 62 KB
20 KB 574ms
574ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-intl.js
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 92d6902ebdba5d950efdcfb82128c9f96779f046bf85a648a2e906507fdf25ff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:25 GMT
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 11:58:23 GMT
etag: W/"634d435f-f6f2"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 20570

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 388 KB
112 KB 496ms
116ms Script
application/javascript 198.217.251.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.217.251.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://travel.americanexpress.com.au/
Origin: https://travel.americanexpress.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:25 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4231423
cf-polished: origSize=397453
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLnxuEAzYnNX8ecWgUKTfYO3WU5ybNciKc2XCbMnuG%2FoIIlcRmDHiCdO5zLKwbpxEDsOzKbzrBthrb4Xrwncxe0LrgU%2BbxCH1MZh8wkNFdquwzkRn2DhkI%2FyvKhMnncDVte1X%2FTnajz43hjRg4nH"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 7cd9ac9af956a937-SYD
expires: Wed, 22 Nov 2023 23:07:25 GMT

GET

rd
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1685142445258
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1685142445258

0
0

GET serverComponent.php
tms.americanexpress.com/amex/ 0
0

OPTIONS 1bb01419c6574813aea716cb0726f2e8
lib-us-1.brilliantcollector.com/collector/switch/ Frame 0
0

OPTIONS collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame 0
0

GET 1bb01419c6574813aea716cb0726f2e8
lib-us-1.brilliantcollector.com/collector/switch/ 0
0

POST collectorPost
lib-us-1.brilliantcollector.com/collector/ 0
0

POST
H2 200 register
travel.americanexpress.com.au/apps/shopping/ 84 B
656 B 436ms
436ms XHR
application/json 104.18.14.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.americanexpress.com.au/apps/shopping/register

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

CSRF_TOKEN: a7837947282c4b3fca9c739ffa09e11ceed34e67
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json; charset=utf-8
Referer: https://travel.americanexpress.com.au/apps/shopping/
X-Requested-With: XmlHttpRequest
ADRUM: isAjax:true

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:07:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: frame-ancestors 'self'
cf-cache-status: DYNAMIC
server: cloudflare
adrum_0: g:a76bec0b-d58d-44a9-acf8-e9e15fe4ce47
x-frame-options: SAMEORIGIN
adrum_1: n:Switchfly_c958c6de-08d3-4c34-b920-c28311ba19fb
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7cd9ac9ded17aadb-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Primary Request / Show response
www.americanexpress.com/en-au/travel/ 114 KB
25 KB 272ms
272ms Document
text/html 23.202.131.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/en-au/travel/

Requested by

Host: cdn.switchfly.com
URL: https://cdn.switchfly.com/static/9c40d75/resources/shopping/.build/scripts/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.131.98 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-131-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

7a4446627c9b449b1586419298b5498898ec45471bf1bbf03c0b9bb76538af63

Security Headers

Name	Value
Content-Security-Policy	report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-8281548303f70e081363e2f71e4865ae' 'self' .aexp.com .americanexpress.com .aexp-static.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-8281548303f70e081363e2f71e4865ae' 'nonce-9f024d94-8f80-401f-9a27-adebaefcdb21' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com; frame-ancestors none; frame-src .aexp-static.com .americanexpress.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn service.maxymiser.net; font-src .aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net .aexp-static.com *.aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travel.americanexpress.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 21238
content-security-policy: report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-8281548303f70e081363e2f71e4865ae' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-8281548303f70e081363e2f71e4865ae' 'nonce-9f024d94-8f80-401f-9a27-adebaefcdb21' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com *.americanexpress.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src *.aexp-static.com *.americanexpress.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn service.maxymiser.net; font-src *.aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net *.aexp-static.com *.aexp.com
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 23:07:26 GMT
etag: W/"1c6f1-P1xcyxER4QHWE40KTH1lS5z33IE"
one-app-version: 5.13.0-e28210f6
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 21138 0 pmb=mTOE,1
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST bf
bf44539bru.bf.dynatrace.com/ 0
0

POST collectorPost
lib-us-1.brilliantcollector.com/collector/ 0
0

GET i.js
i.kissmetrics.com/ 0
0

GET c871528fcdd6227631d23ee9ee9b6070d1468c78.1.js
doug1izaerwt3.cloudfront.net/ 0
0

GET
H2 200 serverComponent.php
nexus.ensighten.com/amex/intl_amexhead/ 291 B
599 B 195ms
195ms Script
text/javascript 13.227.254.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/intl_amexhead/serverComponent.php?namespace=INTLamexhead&staticJsPath=nexus.ensighten.com/amex/intl_amexhead/code/&publishedOn=Wed%20Apr%2019%2004:33:14%20GMT%202023&ClientID=218&PageID=https%3A%2F%2Ftravel.americanexpress.com.au%2Fapps%2Fshopping%2F%23%2Fsearch%2Fair
Requested by: Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-116.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://travel.americanexpress.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 291
x-amz-cf-id: 3RWsmDE32HFiFAQobzxMmysdX38PG7OlAyGZdr_yG6dA3aisDunu5Q==
expires: Fri, 26 May 2023 23:07:25 GMT

GET da73fa0b72cf63269abf55638e50d0cd.js
nexus.ensighten.com/amex/intl_amexhead/code/ 0
0

POST
H/1.1 204
No Content csp-violation
consumer-travel.americanexpress.com/_/report/security/ 0
4 KB 2080ms
575ms Other
text/plain 139.71.116.44
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://consumer-travel.americanexpress.com/_/report/security/csp-violation

Requested by

Host: travel.americanexpress.com.au
URL: https://travel.americanexpress.com.au/apps/shopping/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.116.44 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

consumer-travel1.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com .aexp-static.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-5ef9e073-252f-4138-a227-31d1d6575be0' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com; frame-ancestors none; frame-src .aexp-static.com .americanexpress.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn service.maxymiser.net; font-src .aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net .aexp-static.com *.aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-5ef9e073-252f-4138-a227-31d1d6575be0' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com *.americanexpress.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src *.aexp-static.com *.americanexpress.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn service.maxymiser.net; font-src *.aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net *.aexp-static.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Fri, 26 May 2023 23:07:28 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 5.13.0-e28210f6
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 dls.min.css
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/ 343 KB
46 KB 199ms
199ms Stylesheet
text/css 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74015fccf87ad143f1285f9f7aee8f5199d88822239e1315f3f25cd131b47afc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 15:56:14 GMT
etag: W/"6349869e-55b53"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 46837

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/ 431 KB
114 KB 726ms
724ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 666482ae3f904190f36dbe56980a231b30659a19451a7e0da14f2fdfc17e0b8f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 18:25:24 GMT
etag: W/"620e9314-6bc54"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 116464

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/ 16 KB
6 KB 484ms
482ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/runtime.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 18:25:24 GMT
etag: W/"620e9314-3e70"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 5625

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/ 148 KB
49 KB 485ms
483ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c89cf198bfb7ee5661fe2ea31a5e6bd0799dd5486305b82167931045ef7b30a

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 18:25:25 GMT
etag: W/"620e9315-251b4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 49329

GET
H2 200 en-AU.js Show response
www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/i18n/ 3 KB
1 KB 611ms
609ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/i18n/en-AU.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 440f9c106d9833b9d87a14ad3468181bffe9314883046d11123e0942984db90d

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 18:25:25 GMT
etag: W/"620e9315-c21"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1123

GET
H2 200 axp-consumer-travel-root.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/ 3 MB
679 KB 804ms
802ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28706430e55b7747b20f2f919875cba6aa29d21da879dbfdd39c84e192a93a9e

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Fri, 12 May 2023 09:12:56 GMT
etag: W/"645e0318-32ce33"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 693523

GET
H2 200 axp-travel-home.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-home/4.55.0/ 219 KB
61 KB 210ms
208ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-home/4.55.0/axp-travel-home.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b2e1fee7d63d1cd9fa7a622ea33c0e35365b039f899d783f735ec87d0b48efcf

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 14:14:47 GMT
etag: W/"6464e157-36aa4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 62356

GET
H2 200 axp-travel-page-wrapper.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/ 71 KB
21 KB 210ms
208ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/axp-travel-page-wrapper.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a810ffc6315b8f90ad39bf836900709d86beca9b67e6bfc86006502bcdd55fd1

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 11:37:11 GMT
etag: W/"644bafe7-11ddb"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 20702

GET
H2 200 axp-footer.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.29.0/ 306 KB
81 KB 839ms
838ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.29.0/axp-footer.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7037f212ce10d153643f274fdc2268892c713626fc4dd074261ba728fd2122ef

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 00:21:29 GMT
etag: W/"6452fa89-4c906"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 82545

GET
H2 200 axp-travel-navigation.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-navigation/4.13.0/ 75 KB
17 KB 783ms
781ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-navigation/4.13.0/axp-travel-navigation.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72528ea48d6d6959e677c8c2fbab95057a2d219c64a5c285256d06937344ea0b

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 13:05:21 GMT
etag: W/"6447d011-12a40"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 16662

GET
H2 200 axp-travel-home-search.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-home-search/4.5.0/ 72 KB
22 KB 616ms
615ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-home-search/4.5.0/axp-travel-home-search.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f2cd9cf34c04082673a819f406d26fc672875c1323cfbf5976d241d804429f9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Fri, 12 May 2023 09:13:15 GMT
etag: W/"645e032b-11e22"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 22023

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/ 314 KB
95 KB 873ms
872ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e2401edc898f0ebd685f99752832539d5339729adaeb456f7398a14ccbe75510

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 18:25:24 GMT
etag: W/"620e9314-4e908"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 96388

GET
H2 200 YCNgNBs Show response
www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/ 199 KB
75 KB 313ms
312ms Script
application/javascript 23.202.131.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.131.98 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-131-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

1cfed35db387fc559b80db4c9c0fd4f633570aa6cf910cf7093cc696bfbd9e9e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/en-au/travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:26 GMT
content-encoding: br
last-modified: Wed, 26 Apr 2023 15:12:22 GMT
etag: "b5b1e1099f9b704c0fa9fa1c4b07b6dcdfe6435adb2f0131905968e806913a8f"
stored-attribute-sha-checksum: 1cfed35db387fc559b80db4c9c0fd4f633570aa6cf910cf7093cc696bfbd9e9e
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=21600
content-length: 75425

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 1202ms
458ms Preflight 23.202.130.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.130.237 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-130-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:28 GMT
Expires: Fri, 26 May 2023 23:07:28 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 445 B
403 B 1005ms
294ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1685142

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

22cdbc8c0a8d9a8b744512fd34adb445dc780e7030f29028cba604b5f037c266

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 317

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 445 B
401 B 1000ms
289ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-identity-session&version=%5E1.0.0&environment=e3&cache=1685142

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

a73cf9b2cc85da3ca2742718a6654e4cf0a5d4c548d2203d018127afa1015375

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 451 B
493 B 999ms
289ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-stream-data-handler&version=%5E0.1.2&environment=e3&cache=1685142

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

19a9d930e0e8c2d6c16d7d296cf2d5d341b4ca9d6df2f815e6ab11456de8ff1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 506 B
2 KB 1063ms
503ms Fetch
application/json 23.202.130.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.130.237 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-130-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34ecd07b88996279cfb342f9955757257a620678979fd72551a3492da348c9e0

Request headers

Accept: application/json
Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:30 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 506
Expires: Fri, 26 May 2023 23:07:30 GMT

GET
H2 404 axp-travel-page-wrapper.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/en-au/ 146 B
896 B 206ms
206ms Fetch
text/html 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/en-au/axp-travel-page-wrapper.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:27 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 146

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 444 B
414 B 998ms
296ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=1.0.0&environment=e3&cache=1685142

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

4fab777e0d88461765c83094d436b0acabbb7e944b76ab0d845078ec6eb7f511

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 328

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 431 B
401 B 996ms
293ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=maxymiser&version=2.0.0&environment=e3&cache=1685142

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

43ab8c145891f8208347411b1a9eda986f9698d45fb618bbe47840b4488f2d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 438 B
405 B 993ms
291ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=ensighten&version=%5E0.1.0&environment=e3&cache=1685142

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

8cb6dfb5acd3a26783f6ea57c9675d15b91059f974c5414c9fc47fbc1592b24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 320

GET
H2 200 tealeaf.v1.amextravel.int.js Show response
www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/ 196 KB
60 KB 572ms
571ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d62c4b2d563b82577275467f393a560c48e35dfa78472cb3d18c4a6616fbb130

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 17:23:47 GMT
etag: W/"6102e423-30e9e"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *

GET
H2 200 6ca3e714188238c8_complete.js Show response
js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/ 210 KB
82 KB 210ms
210ms Script
application/javascript 13.227.254.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/6ca3e714188238c8_complete.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-101.sin52.r.cloudfront.net
Software: /
Resource Hash: 115dd089cb8596cb0c05b851f13fbc7dc0ce551e8e20a67689275b5b1ae8ffe1

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:42:49 GMT
content-encoding: gzip
via: 1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1478
x-cache: Hit from cloudfront
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-id: 85GR0FBXCUS8
dynatrace-response-source: Cluster
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
x-amz-cf-id: 96ywAd8JtTh6IMWADTA3_wL7qvHe8RtFxBNgtszN6qE2kxeH3-lGnA==
expires: Fri, 26 May 2023 23:42:49 GMT

GET
H2 400 ReadUserSession.v1 Show response
functions.americanexpress.com/ 104 B
300 B 966ms
285ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadUserSession.v1

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

fc0ee9476197548dbfb6314915f5e97a80d1983e7dd441572ca23771f351a5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:28 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 400
content-length: 123

POST
H2 201 YCNgNBs Show response
www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/ 18 B
843 B 621ms
620ms XHR
application/json 23.202.131.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.131.98 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-131-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-au/travel/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 6383fdb1-680c-44c2-aa18-28749dda5411
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 axp-travel-page-wrapper.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/en-us/ 38 B
900 B 212ms
212ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/en-us/axp-travel-page-wrapper.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28f23e474585e8c78c33fac7005a53939a789b385745f7297d17bac9a86dc639

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 11:37:05 GMT
etag: "644bafe1-26"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 49

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 988ms
437ms Preflight 23.202.130.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.130.237 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-130-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:28 GMT
Expires: Fri, 26 May 2023 23:07:28 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 506 B
2 KB 1052ms
445ms Fetch
application/json 23.202.130.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.130.237 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-130-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34ecd07b88996279cfb342f9955757257a620678979fd72551a3492da348c9e0

Request headers

Accept: application/json
Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:30 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 506
Expires: Fri, 26 May 2023 23:07:30 GMT

GET
H2 200 axp-global-header.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.6/ 218 KB
46 KB 196ms
196ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.6/axp-global-header.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0046b29b4fd29215318f4d42bd1b249ab569c60f715e7fb343a098d767554712

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 01:58:49 GMT
etag: W/"64531159-366ae"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 46826

GET
H2 200 seo-meta.json Show response
icm.aexp-static.com/Internet/travel/consumer-travel/en-au/ 2 KB
1 KB 345ms
198ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/travel/consumer-travel/en-au/seo-meta.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

cfef5e1b7dc00872d6c472e0166c26a86b9c2ae60ece9d2c59fd8f4edc402ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 13:56:28 GMT
etag: "64a-5e3b026ce1580-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=9050
accept-ranges: bytes
content-length: 555

GET
H2 200 homepage.json Show response
icm.aexp-static.com/Internet/travel/consumer-travel/en-au/ 332 B
848 B 346ms
201ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/travel/consumer-travel/en-au/homepage.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

687aae7960b19955003b5dcbb53524bf6b81542043a50308dae097fbae63bb90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 May 2023 14:23:28 GMT
etag: "14c-5fbd050a46ee4-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=4900
accept-ranges: bytes
content-length: 188

GET
H2 200 axp-travel-home.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-home/4.55.0/en-au/ 1 KB
1 KB 205ms
205ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-home/4.55.0/en-au/axp-travel-home.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec66c0dede654509bba30765cf2daa6182ec873c75276ed60bd0b1a789dbccea

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 14:14:35 GMT
etag: W/"6464e14b-496"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 522

GET
H2 200 axp-footer.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.29.0/en-au/ 6 KB
2 KB 195ms
195ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.29.0/en-au/axp-footer.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2356b8ef71a9f274586cbd858feef8715ca019ccb4d873fcc3381d4975d410a1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 00:21:19 GMT
etag: W/"6452fa7f-18c2"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1607

GET
H2 200 mobile-travel-logo_en-us.svg
icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/ 9 KB
3 KB 1113ms
1012ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/mobile-travel-logo_en-us.svg

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

be3907ff66a59b452d049f2b1ae18b3813c530a8d9ca69337d3bd454e3925819

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Wed, 03 May 2023 13:02:15 GMT
etag: "24f6-5fac9aa478a47-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=784
accept-ranges: bytes
content-length: 3213

GET
H2 200 desktop-travel-logo_en-us.svg
icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/ 4 KB
1 KB 1112ms
1011ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icm.aexp-static.com/Internet/travel/global-travel-navigation/en-us/desktop-travel-logo_en-us.svg

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

e073e22baceade70200ef4d9b29eba20d6d61908ec35b27966bd048356bd8119

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 May 2023 13:21:30 GMT
etag: "ece-5fac9ef2350fa-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=784
accept-ranges: bytes
content-length: 1288

POST
H2 201 YCNgNBs Show response
www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/ 18 B
856 B 571ms
571ms XHR
application/json 23.202.131.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.131.98 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-131-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-au/travel/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 777763a5-c645-4a53-8df5-71f37db54efc
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ 2 KB
890 B 207ms
207ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
etag: W/"5daa1799-693"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 712

GET
H2 200 dls-flag-au.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/ 1 KB
872 B 206ms
205ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/dls-flag-au.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fcbe41a9db3653286c3acedee11eecdfe197ee65dec493d272477c1322c2ec3

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-5db"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 667

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame 0
0 286ms
286ms Preflight 23.21.213.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.213.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-213-237.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods: POST
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 26 May 2023 23:07:28 GMT
server: istio-envoy
vary: Accept-Encoding,Origin
x-envoy-upstream-service-time: 0

POST
H/1.1 204
No Content csp-violation
consumer-travel.americanexpress.com/_/report/security/ 0
4 KB 274ms
274ms Other
text/plain 139.71.116.44
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://consumer-travel.americanexpress.com/_/report/security/csp-violation

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.116.44 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

consumer-travel1.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com .aexp-static.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-5bf4b00f-8d8a-4710-9212-746b7fc49a48' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com; frame-ancestors none; frame-src .aexp-static.com .americanexpress.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn service.maxymiser.net; font-src .aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net .aexp-static.com *.aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-5bf4b00f-8d8a-4710-9212-746b7fc49a48' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com *.americanexpress.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src *.aexp-static.com *.americanexpress.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn service.maxymiser.net; font-src *.aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net *.aexp-static.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Fri, 26 May 2023 23:07:28 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 5.13.0-e28210f6
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET 1bb01419c6574813aea716cb0726f2e8
lib-us-1.brilliantcollector.com/collector/switch/ 0
0

POST
H2 200 collectorPost Show response
lib-us-1.brilliantcollector.com/collector/ 38 B
365 B 287ms
287ms XHR
application/json 23.21.213.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.213.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-213-237.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

X-Tealeaf-SyncXHR: false
Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/6.0.0.1960
accept-language: en-AU,en;q=0.9
X-Tealeaf-MessageTypes: 2,5,14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json
X-Tealeaf-SaaS-AppKey: 1bb01419c6574813aea716cb0726f2e8
X-Tealeaf-SaaS-TLTSID: 33136333481512050262923085738971
X-Requested-With: XMLHttpRequest
X-TealeafType: GUI
X-PageId: P.R9SEAKP58K6VJNU63T578QGRRH8C
X-TeaLeaf-Page-Url: /en-au/travel/
Referer

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
dcname: prod-dal
server: istio-envoy
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
tltsid: 33136333481512050262923085738971
nodeid: wscollector-7bb4c876c7-vr49m
content-length: 38
expires: Fri, 31 Dec 1998 12:00:00 GMT

GET
H2 200 axp-travel-advisory.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-advisory/3.2.0/ 10 KB
4 KB 271ms
271ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-advisory/3.2.0/axp-travel-advisory.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aad23e3b2e9dcb5f769061f94267c22a4d327797caa5792d6b7b52b2d9163507

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 12:15:00 GMT
etag: W/"63bd56c4-2779"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 3497

GET
H2 200 axp-travel-search-redirect.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-redirect/3.7.0/ 84 KB
22 KB 262ms
262ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-redirect/3.7.0/axp-travel-search-redirect.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 347fca797b8281eca748382485227493100e5d3875f8b57f637cd8499cbeb226

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 11:37:10 GMT
etag: W/"64675f66-150f8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 22164

GET
H2 200 axp-travel-search-interstitial.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-interstitial/4.2.0/ 20 KB
6 KB 262ms
262ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-interstitial/4.2.0/axp-travel-search-interstitial.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0278d9b6ce855dd92265507d1bfbc3ad10459d3f8fa85a4ae0c05d2b8bb374b

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 13:04:04 GMT
etag: W/"63bd6244-4e42"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 5704

GET
H2 200 axp-travel-search-date-picker.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-date-picker/7.8.0/ 159 KB
39 KB 263ms
263ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-date-picker/7.8.0/axp-travel-search-date-picker.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 825f0698b93b45375cb81f1710b431cdb29afc8acc451323dd61e67f6b0d75a6

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 14:49:00 GMT
etag: W/"646397dc-27bda"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 39242

GET
H2 200 axp-travel-search-rooms-travelers.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-rooms-travelers/4.11.0/ 38 KB
9 KB 260ms
260ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-rooms-travelers/4.11.0/axp-travel-search-rooms-travelers.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ded449df61ff5731e10c1f14b3059f97fad23d64c0afdb3355af4688e66879e1

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 15:12:49 GMT
etag: W/"6453cb71-97bc"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 9130

GET
H2 200 axp-travel-search-locations.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-locations/4.10.0/ 51 KB
10 KB 259ms
258ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-locations/4.10.0/axp-travel-search-locations.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 125ed8c73e983ed029ba252fa9409ce3fd6f910b5b06c06002c4081d543765a5

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 09:40:47 GMT
etag: W/"6464a11f-cdab"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 10068

GET
H2 200 axp-travel-home-search.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-home-search/4.5.0/en-au/ 210 B
1018 B 459ms
459ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-home-search/4.5.0/en-au/axp-travel-home-search.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2e46280bcc6fdf951da10cb42264b02b79088c0c8295d97d57e2861e1b1950c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Fri, 12 May 2023 09:13:09 GMT
etag: "645e0325-d2"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 200 guest.json Show response
icm.aexp-static.com/Internet/travel/consumer-travel/en-au/homepagecardoffers/ 4 KB
2 KB 253ms
253ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/travel/consumer-travel/en-au/homepagecardoffers/guest.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

6bb856c878e9030dbedf11f791711172fe10036e6f472f8563bdce9e3fd6a6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 May 2023 13:18:41 GMT
etag: "110f-5fbcf68fc8743-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=9005
accept-ranges: bytes
content-length: 1261

GET
H2 200 axp-travel-terms-and-conditions.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-terms-and-conditions/7.5.0/ 15 KB
5 KB 260ms
259ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-terms-and-conditions/7.5.0/axp-travel-terms-and-conditions.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 78f7d56bc9d8ffa4c8b162ca59061fe2751f1c446bca8491ad08b20927ba74be

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:47:26 GMT
etag: W/"6421ac7e-3d80"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 5090

GET
H2 200 axp-travel-agent-legal.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-agent-legal/5.2.0/ 12 KB
4 KB 300ms
300ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-agent-legal/5.2.0/axp-travel-agent-legal.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: edc03586f2e7b8d06a064951246815101535c845136132c71d5b48eeb35f6a09

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 12:15:00 GMT
etag: W/"63bd56c4-30bf"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 3958

GET
H2 200 L1_AU_Header.jpg
icm.aexp-static.com/Internet/travel/homepage/images/headerImages/ 140 KB
140 KB 224ms
224ms Image
image/webp 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/headerImages/L1_AU_Header.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 300de999e3a817cb856e6f7f23973b898fd644ef0ac88afadf644a8d346fa601

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
last-modified: Sat, 24 Sep 2022 15:58:43 GMT
server: Akamai Image Manager
etag: "35da5-5de2edae04160-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=57769
content-length: 143004
expires: Sat, 27 May 2023 15:10:17 GMT

POST
H2 201 YCNgNBs Show response
www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/ 18 B
837 B 667ms
666ms XHR
application/json 23.202.131.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.131.98 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-131-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-au/travel/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: ff7d0156-453e-493f-b735-c791ba0c6f17
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 oneStream.js Show response
www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/ 2 KB
1 KB 196ms
196ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/oneStream.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abfc249f54bfeee500682e375f1b07d4b5719688a7775330c68cc371e1a5223c

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 18:10:56 GMT
etag: W/"5ff4abb0-7eb"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 885

GET
H2 200 timeout.js Show response
www.aexp-static.com/cdaas/one/one-identity-session/1.21.0/ 33 KB
11 KB 220ms
220ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-identity-session/1.21.0/timeout.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5da603c8e1f9e6e1f57ca1589b461fb136df63cce39bcfa1aef1406f7986be6

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 18:06:41 GMT
etag: W/"644ab9b1-84d3"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 10921

GET
H2 200 Bootstrap.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/ 83 KB
23 KB 220ms
220ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0424c7e6c9b03aeaf511229e2d8875ea33528cf131a38d1f9e6d1729ff88ed2

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 04:46:28 GMT
etag: W/"643637a4-14cf3"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 23484

GET
H2 200 mmcore.js Show response
www.aexp-static.com/cdaas/api/testtarget/maxymiser/2.0.0/ 13 KB
5 KB 219ms
219ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/2.0.0/mmcore.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f7f1d724a3d940f1c1adb0ff85abe606e1ba9379da54fb5c4002e3d5f03feaf

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 17:45:19 GMT
etag: W/"5f985caf-34c7"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5367

GET
H2 200 UCM.js Show response
www.aexp-static.com/cdaas/one/user-consent-management/1.8.1/ 132 KB
42 KB 207ms
207ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/user-consent-management/1.8.1/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40797884b4889d1cfac07274cb34e9b8cfe703d39fe98e5173f0e1909d0dffc5

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 22:02:14 GMT
etag: W/"6446fc66-211a0"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 42517

GET
H2 200 launch-b363d6c28b7c.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.6/ 280 KB
67 KB 210ms
210ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.6/launch-b363d6c28b7c.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-consumer-travel-root/5.38.0/axp-consumer-travel-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c41045763f8a0e31f29b4bf145cffaaeb675355a17681dd86cf8eac3be038c1

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:28 GMT
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 03:24:20 GMT
etag: W/"6423af64-4605d"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 67990

POST
H2 201 YCNgNBs Show response
www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/ 18 B
823 B 441ms
441ms XHR
application/json 23.202.131.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/831SGd/2y1Mfj/txoogf/UCQw/zF/uLf9S2fL0b/DS92/UUY5/YCNgNBs

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.131.98 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-131-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-au/travel/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: bd24a7e9-3fc0-427f-bcda-258fa158d778
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 L1_MaldivesIsland_Guest.jpg
icm.aexp-static.com/Internet/travel/homepage/images/offers/ 82 KB
82 KB 229ms
229ms Image
image/avif 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/offers/L1_MaldivesIsland_Guest.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a0d6caa1657cad7ebcd8ca4f0831e5e5a5a1897d4923f9046f42c767434acc66

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Sun, 14 May 2023 19:38:18 GMT
server: Akamai Image Manager
etag: "3153b-5dffca32d94fe-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=57368
content-length: 84092
expires: Sat, 27 May 2023 15:03:37 GMT

GET
H2 200 L1_howtopwp_560x440.jpg
icm.aexp-static.com/Internet/travel/homepage/images/offers/ 21 KB
22 KB 196ms
196ms Image
image/webp 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/offers/L1_howtopwp_560x440.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4cf9082c47ac5eb0f534713d1c55e274821a3ec213e74721dd85e878660a5f62

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Thu, 13 Oct 2022 12:14:55 GMT
server: Akamai Image Manager
etag: "26717-5de9351228e49-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=37202
content-length: 21970
expires: Sat, 27 May 2023 09:27:31 GMT

GET
H2 200 L4_WhyATO_Default_430x180.jpg
icm.aexp-static.com/Internet/travel/homepage/images/offers/ 19 KB
20 KB 326ms
326ms Image
image/webp 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/offers/L4_WhyATO_Default_430x180.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: db0cd0a987ee027279fc571c3d15fe6751d52118f1989759ad40db53e0ed77dc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Tue, 21 Jun 2022 04:33:42 GMT
server: Akamai Image Manager
etag: "12d49-5de2ee64bc9c8-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=22932
content-length: 19742
expires: Sat, 27 May 2023 05:29:41 GMT

GET
H2 200 Guest_L8_Nanuku-Resort-Fiji_Pacific_Harbour_Fiji_13993.jpg
icm.aexp-static.com/Internet/travel/homepage/images/offers/ 114 KB
114 KB 318ms
318ms Image
image/avif 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/offers/Guest_L8_Nanuku-Resort-Fiji_Pacific_Harbour_Fiji_13993.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 977f02b07c0e3910372c995fe94a1764ab437281337d36dcc3eadbba6488a827

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Mon, 15 May 2023 20:04:24 GMT
server: Akamai Image Manager
etag: "dc27e-5fbbf4ea50fa8-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=58780
content-length: 116664
expires: Sat, 27 May 2023 15:27:09 GMT

GET
H2 200 L2_Servicing_Gold_290x215.jpg
icm.aexp-static.com/Internet/travel/homepage/images/offers/ 11 KB
11 KB 404ms
404ms Image
image/webp 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/offers/L2_Servicing_Gold_290x215.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c09b08d04c0c7148b415769cb06faae91e1c249a2d38dd238c95bb7c5cc60251

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Mon, 05 Dec 2022 11:35:33 GMT
server: Akamai Image Manager
etag: "f55e-5de950d652a8a-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=57606
content-length: 11148
expires: Sat, 27 May 2023 15:07:35 GMT

GET
H2 200 L3_Lowcost_Default_290x215px.jpg
icm.aexp-static.com/Internet/travel/homepage/images/offers/ 6 KB
6 KB 265ms
265ms Image
image/avif 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/travel/homepage/images/offers/L3_Lowcost_Default_290x215px.jpg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 338c73013136d8e400cf2821df7c66f9c7d67825de9f67d5fa5e2f6a7fc92c33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Thu, 12 Jan 2023 13:54:37 GMT
server: Akamai Image Manager
x-serial: 325
x-check-cacheable: YES
etag: "22a8-5de2ee3429135-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=57718
content-length: 5937
expires: Sat, 27 May 2023 15:09:27 GMT

GET
H2 200 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ 68 KB
69 KB 217ms
217ms Font
font/woff 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9

Request headers

Referer: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-11086"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 69766

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ 36 KB
37 KB 214ms
214ms Font
font/woff 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-9121"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 37153

GET
H2 200 axp-travel-search-rooms-travelers.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-rooms-travelers/4.11.0/en-au/ 1 KB
1 KB 199ms
199ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-rooms-travelers/4.11.0/en-au/axp-travel-search-rooms-travelers.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8cc3d1a13c887fac8777318d7155880245ae54cdfbcebab4eb4584c6e4d7d166

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 15:12:43 GMT
etag: W/"6453cb6b-537"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 600

GET
H2 200 terms.json Show response
icm.aexp-static.com/Internet/travel/common/en-au/ 23 KB
6 KB 195ms
195ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/travel/common/en-au/terms.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

1efe5ebea972341df876bb196277e116af82ecd46f6eff42d8ba6741d45234d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 23:07:29 GMT
last-modified: Tue, 16 May 2023 09:29:21 GMT
etag: "5d6b-5fbcc34cdaf38-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=9050
accept-ranges: bytes
content-length: 5721

GET
H2 200 axp-travel-terms-and-conditions.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-terms-and-conditions/7.5.0/en-au/ 164 B
984 B 433ms
433ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-terms-and-conditions/7.5.0/en-au/axp-travel-terms-and-conditions.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f92ee09503ed3c069863cd8efd0f3ab0da0331d4a8a0344632cdebe573822edf

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:47:19 GMT
etag: "6421ac77-a4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 135

GET
H2 200 axp-travel-search-date-picker.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-date-picker/7.8.0/en-au/ 522 B
1 KB 199ms
198ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-date-picker/7.8.0/en-au/axp-travel-search-date-picker.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09957894546097b92d8d89bc4dab3ddd4b4e38084fc1529454ae3b8f696cbd0a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 14:48:51 GMT
etag: W/"646397d3-20a"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 266

POST
H/1.1 202
Accepted beacon Show response
iwmapapi.americanexpress.com/ 0
588 B 1105ms
304ms XHR
text/plain 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:31 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H/1.1 202
Accepted beacon Show response
iwmapapi.americanexpress.com/ 0
588 B 1090ms
292ms XHR
text/plain 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:31 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H/1.1 202
Accepted beacon Show response
iwmapapi.americanexpress.com/ 0
588 B 1115ms
316ms XHR
text/plain 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:31 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H/1.1 202
Accepted beacon Show response
iwmapapi.americanexpress.com/ 0
588 B 1104ms
306ms XHR
text/plain 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:31 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 200
OK beacon
iwmapapi.americanexpress.com/ Frame 0
0 1371ms
294ms Preflight 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST,GET,PUT,OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:30 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK beacon
iwmapapi.americanexpress.com/ Frame 0
0 1375ms
299ms Preflight 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST,GET,PUT,OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:30 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK beacon
iwmapapi.americanexpress.com/ Frame 0
0 1380ms
303ms Preflight 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST,GET,PUT,OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:30 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK beacon
iwmapapi.americanexpress.com/ Frame 0
0 1368ms
291ms Preflight 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST,GET,PUT,OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:30 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
service.maxymiser.net/cg/v5us/ 91 KB
14 KB 615ms
614ms Script
text/javascript 125.56.219.3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://service.maxymiser.net/cg/v5us/?fv=dmn%3Damericanexpress.com%3Bref%3Dhttps%253A%252F%252Ftravel.americanexpress.com.au%252F%3Burl%3Dhttps%253A%252F%252Fwww.americanexpress.com%252Fen-au%252Ftravel%252F%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=2.0&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=f

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/2.0.0/mmcore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

125.56.219.3 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a125-56-219-3.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cd2a7b64684c0a3f94f4d6430411faf92ddaf77fdc2ae4e56ed766aff8e6babb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 23:07:29 GMT
last-modified: 05/26/2023 23:07:29
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
p3p: CP="DEV IND NOI OTC OUR PSA PSD"
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-length: 14029
x-xss-protection: 1; mode=block
expires: Sun, 06 Jan 1980 01:00:00 GMT

OPTIONS
H2 200 UpdateUserSession.v1
functions.americanexpress.com/ Frame 0
0 332ms
331ms Preflight 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions1a.americanexpress.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,one-data-correlation-id
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-b3-sampled,one-data-risk-assessment-token,x-b3-parentspanid,x-requested-with,x-b3-spanid,credentials,ce-type,x-mitigator-status,ax-correlation-id,content-type,access-control-allow-credentials,event-type,x-b3-traceid,access-control-expose-headers,x-mitigator-recommended-action,ax-operation-mode,access-control-max-age,authorization,content-encoding,x-one-data-host,access-control-allow-headers,user-agent,x-one-data-forward-address,accept,one-data-context,origin,ax-event-type,access-control-request-headers,baggage-one-data-correlation-id,access-control-allow-origin,ax-rtf-filter,sub-event-type,one-data-correlation-id,x-mitigator-finger-print,ce-source,content-length,ax-rtf-dynamic-uri-override,vary
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
content-length: 0
date: Fri, 26 May 2023 23:07:29 GMT

POST
H2 401 UpdateUserSession.v1 Show response
functions.americanexpress.com/ 228 B
285 B 287ms
287ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions1a.americanexpress.com
Software: /
Resource Hash: 40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b

Request headers

one-data-correlation-id: 63808d60-5520-4a8a-9d9f-c53edff8487f
Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.americanexpress.com
date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 199

GET
H2 200 info.filled.svg
www.aexp-static.com/one/universal-session-manager-assets/ 361 B
508 B 528ms
527ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/one/universal-session-manager-assets/info.filled.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 04:57:13 GMT
etag: W/"64645ea9-169"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 235

POST
H/1.1 204
No Content csp-violation
consumer-travel.americanexpress.com/_/report/security/ 0
4 KB 295ms
295ms Other
text/plain 139.71.116.44
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://consumer-travel.americanexpress.com/_/report/security/csp-violation

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.116.44 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

consumer-travel1.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com .aexp-static.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-c4789b40-a676-45e1-8b1b-860ed98cca10' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com; frame-ancestors none; frame-src .aexp-static.com .americanexpress.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn service.maxymiser.net; font-src .aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net .aexp-static.com *.aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-c4789b40-a676-45e1-8b1b-860ed98cca10' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com *.americanexpress.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src *.aexp-static.com *.americanexpress.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn service.maxymiser.net; font-src *.aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net *.aexp-static.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Fri, 26 May 2023 23:07:29 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 5.13.0-e28210f6
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET id
dpm.demdex.net/ 0
0

GET
H2 200 EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.6/dcb19cbd6cbf/b4385da1798a/74e098123439/ 58 KB
21 KB 227ms
226ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.6/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.6/launch-b363d6c28b7c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b282bac17179f62690db1eabfaaaafe82a2325ccd2134c930818210f3ef811a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Tue, 28 Mar 2023 14:04:46 GMT
etag: W/"6422f3fe-e969"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 20796

GET
H2 200 global.min.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/oneapp-webanalytics/ 16 KB
3 KB 497ms
496ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneapp-webanalytics/global.min.js?vr=1.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ca4de911c9fbbcfb473cae42fabeb87d8f73166201567b9ebe9ca229e271551

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 07:28:28 GMT
etag: W/"63be651c-3ee4"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 2415

GET
H2 200 gct_global.js Show response
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 19 KB
5 KB 491ms
489ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:33:52 GMT
etag: W/"64358bf0-4aae"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5153

GET
H2 200 serverComponent.php Show response
tms.americanexpress.com/amex/amexcom/ 391 B
578 B 117ms
115ms Script
text/javascript 13.55.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.americanexpress.com%2Fen-au%2Ftravel%2F%3Fens_env%3D3%26ensMarket%3Den-AU%26ensApp%3Dtravel%26deviceType%3Dlarge
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.55.4.2 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-4-2.ap-southeast-2.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 7987ec7a48754288479cec21ff488e27ade98be223f8b7f9e93d6e48e68db1c2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
via: 1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: SYD1-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: b-ojj1XaLWNCjlzW46MysUGds5L_G_WU5tkubtwVdezfxIQXg1mE3Q==
expires: Fri, 26 May 2023 23:07:28 GMT

GET
H2 200 id Show response
omns.americanexpress.com/ 48 B
476 B 740ms
190ms XHR
application/x-javascript 63.140.48.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=17281920398384816992928323537953526499&ts=1685142449560

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.134 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

73aa176327ca3dfe096d23caca1e16e1cd53cdd2aa3745e83dcd4617e36a9d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.americanexpress.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 axp-travel-search-hotels.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-hotels/5.5.0/ 33 KB
10 KB 196ms
196ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-hotels/5.5.0/axp-travel-search-hotels.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ad320591eba4c4543c78467f4497c9407cf97c9fd6a4e8634c9835703defa60

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 11:34:35 GMT
etag: W/"642eae4b-82fb"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 9473

GET
H2 200 b9542b61f613ebbde4f3983526bec953.js Show response
tms.americanexpress.com/amex/amexcom/code/ 2 KB
1 KB 104ms
103ms Script
application/javascript 13.55.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/code/b9542b61f613ebbde4f3983526bec953.js?conditionId0=4920746
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.55.4.2 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-4-2.ap-southeast-2.compute.amazonaws.com
Software: CloudFront /
Resource Hash: c6e664c70856e498e475f2c52e12f18f74e3bd9f24b2792a2cee7d8851d0c82e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
x-amz-version-id: 1yesmo4azjd.U.JXw0LKrUmt.yXZLfEA
content-encoding: gzip
via: 1.1 4acb5efdd4b252788b64d73e2726c236.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 910042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Mar 2022 10:20:52 GMT
server: CloudFront
etag: W/"f13d526b46966d403d19925c5c64fdc2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: OUiBXuBLXzbOK5d0smyhaTxen2rNCNb5_W_zrvro4DkKbq5H42FAng==

GET
H2 200 fe63bf27e2c0e7ba75765fc8af48766f.js Show response
tms.americanexpress.com/amex/amexcom/code/ 11 KB
4 KB 103ms
103ms Script
application/javascript 13.55.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/code/fe63bf27e2c0e7ba75765fc8af48766f.js?conditionId0=421808
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.55.4.2 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-4-2.ap-southeast-2.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 491cb352713665f97da7646c38e12eb9d92c8cc2202a42d649f251d5cd34932d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
x-amz-version-id: pZOQgqFNxPOGtiZI4rb1GR_NSN41scWK
content-encoding: gzip
via: 1.1 fd2442d18add87f1fea3351cec311828.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 1029689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 May 2023 03:21:13 GMT
server: CloudFront
etag: W/"d3605580e68458a8c9209b69ed427ab6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 4EuN1qWOXtB7Fbpud2C3H3UQd_Z3CDhOXRxzqvnuaMMbA2uZWNp0JQ==

GET
H2 200 legal.json Show response
icm.aexp-static.com/Internet/travel/common/en-au/ 271 B
881 B 197ms
197ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/travel/common/en-au/legal.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

dc930c25191cbb24cb6c7a2578e9b066d29aa06c32cd5b66e81d919cebe6a0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 13:55:15 GMT
etag: "10f-5e3b0227235fb-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2201
accept-ranges: bytes
content-length: 221

GET
H2 200 axp-travel-agent-legal.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-agent-legal/5.2.0/en-au/ 128 B
969 B 397ms
396ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-agent-legal/5.2.0/en-au/axp-travel-agent-legal.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65c875fb4d50169464f3e2b23bd3e461e02b32ad6b354ac9e8f2a5f53ad88537

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 12:14:57 GMT
etag: "63bd56c1-80"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 117

GET
H2 200 le-mtagconfig.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/ 2 KB
1023 B 196ms
195ms Script
application/javascript 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.10/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c545b18b5b3a1a04203b7ce1d5f8bdcadc6ce6973c45907bfa36214d8fa452b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:29 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 13:24:48 GMT
etag: W/"5e43fca0-75b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 832
expires: Sun, 14 Feb 2021 08:01:05 GMT

GET
H2 200 axp-travel-search-hotels.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-hotels/5.5.0/en-au/ 2 KB
1 KB 422ms
421ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-hotels/5.5.0/en-au/axp-travel-search-hotels.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 17e10ec6a8e09b1ed4fd27f355ecf177bd0b9b45abd1539fa6e056768d573377

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 11:34:31 GMT
etag: W/"642eae47-771"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 704

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 630ms
95ms Script
application/javascript 43.251.41.15
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=14106077

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.15 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 07 Dec 2022 20:20:28 GMT
server: ws
etag: "6390f58c-1da4"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7588

GET
H2 200 mmpackage-1.25.js Show response
service.maxymiser.net/platform/us/api/ 78 KB
24 KB 190ms
190ms Script
application/x-javascript 125.56.219.3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/platform/us/api/mmpackage-1.25.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/2.0.0/mmcore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 125.56.219.3 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a125-56-219-3.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 12:13:48 GMT
server: AkamaiNetStorage
etag: "b9f18659b30ebfd24842a8cf31daa2ee:1597407230.752156"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24788

POST
H/1.1 204
No Content csp-violation
consumer-travel.americanexpress.com/_/report/security/ 0
4 KB 272ms
272ms Other
text/plain 139.71.116.44
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://consumer-travel.americanexpress.com/_/report/security/csp-violation

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.116.44 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

consumer-travel1.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com .aexp-static.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-1c60cfd8-899a-44f7-8423-7988eb4a99b8' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost .bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com; frame-ancestors none; frame-src .aexp-static.com .americanexpress.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn service.maxymiser.net; font-src .aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net .aexp-static.com *.aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://consumer-travel.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com; script-src 'nonce-1c60cfd8-899a-44f7-8423-7988eb4a99b8' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com d2whcypojkzby.cloudfront.net www.cfmedia.vfmleonardo.com i.travelapi.com photos.hotelbeds.com pix6.agoda.net www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn images.trvl-media.com insight.adsrvr.org maps.googleapis.com maps.gstatic.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com *.americanexpress.com wss://*.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src *.aexp-static.com *.americanexpress.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn service.maxymiser.net; font-src *.aexp-static.com fonts.gstatic.com; media-src s2.content.video.llnw.net production.smedia.lvp.llnw.net *.aexp-static.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Fri, 26 May 2023 23:07:30 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 5.13.0-e28210f6
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET id
dpm.demdex.net/ 0
0

GET
H2 200 travel-advisory.json Show response
icm.aexp-static.com/Internet/travel/common/en-au/ 792 B
1 KB 195ms
195ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/travel/common/en-au/travel-advisory.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-8-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c990e534479397423631c750dc7e915d8335645654b926268710958b1c5c689

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Feb 2023 09:36:20 GMT
etag: "318-5f51e6543cede-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=9074
accept-ranges: bytes
content-length: 426

GET
H2 200 dls-icons.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/ 55 KB
56 KB 200ms
199ms Font
font/woff 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3530f9432334e47cf7e84f8e0ce64f80d45d7329f44f691a3eb30977a4bbf052

Request headers

Referer: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Origin: https://www.americanexpress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
last-modified: Mon, 01 Aug 2022 18:53:07 GMT
etag: "62e82113-ddf8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 56824

GET
H2 200 axp-travel-search-locations.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-locations/4.10.0/en-au/ 414 B
1 KB 213ms
213ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-search-locations/4.10.0/en-au/axp-travel-search-locations.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e71c665f7fc1e12d43ea195d7ba881bad6e31f809ce96f3ead41b8b428a29474

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 09:40:42 GMT
etag: W/"6464a11a-19e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 230

GET
H2 200 axp-global-header.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.6/en-au/ 13 KB
4 KB 196ms
196ms Fetch
application/json 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.6/en-au/axp-global-header.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a4cf98f0a006037894bfa6cf4120d9984b833729516544d9fbfa09753e3b2b1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 01:58:35 GMT
etag: W/"6453114b-334e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 2782

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/ 319 KB
115 KB 191ms
191ms Script
application/x-javascript 43.251.41.15
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.15 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

b54b5183c2864302472c612c260cdb653ae8562bdd3003f95961cb7d561cdb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 400 ReadUserSession.v1 Show response
functions.americanexpress.com/ 104 B
208 B 277ms
277ms Fetch 139.71.118.118
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadUserSession.v1

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.0-e28210f6/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.118.118 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions1a.americanexpress.com

Software

Resource Hash

fc0ee9476197548dbfb6314915f5e97a80d1983e7dd441572ca23771f351a5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Fri, 26 May 2023 23:07:31 GMT
access-control-max-age: 86400
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 400
content-length: 123

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
1 KB 197ms
197ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:31 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-962"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 989

GET
H2 200 dls-flag-au.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/ 1 KB
846 B 198ms
198ms Image
image/svg+xml 23.39.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-au.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-au/travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.8.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fcbe41a9db3653286c3acedee11eecdfe197ee65dec493d272477c1322c2ec3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:31 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 17:15:25 GMT
etag: W/"5f52762d-5db"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 667

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/setting/accountproperties/ 6 KB
2 KB 724ms
94ms Script
application/javascript 43.251.41.5
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.5 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

e2beb45d64660b05b0304cc0eca05ede7f69a74a2531f8f884d7c84c7f41a9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.sykube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 26 May 2023 23:07:43 GMT

GET
H2 200 travel_mexico_sp.js Show response
publisher.liveperson.net/external-project/14106077/js/ 3 KB
2 KB 1268ms
233ms Script
application/javascript 151.101.129.192
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.liveperson.net/external-project/14106077/js/travel_mexico_sp.js
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 151.101.129.192 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: ws /
Resource Hash: ca637da7876bfe9cb02d93646f4e0557c2f5c5366a739866fc367cdc883632c1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-object-meta-lp-version: 1.0.622
content-encoding: gzip
x-openstack-request-id: tx4cd95ffc1d5d431ca2646-006470db30
date: Fri, 26 May 2023 23:07:32 GMT
via: 1.1 varnish
age: 113
x-cache: HIT
x-trans-id: tx4cd95ffc1d5d431ca2646-006470db30
content-length: 1160
x-served-by: cache-bfi-kbfi7400032-BFI
last-modified: Fri, 26 May 2023 16:07:56 GMT
server: ws
x-timer: S1685142453.550986,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT
content-type: application/javascript
x-object-meta-mtime: 1685116961.000000
x-timestamp: 1685117275.99646
cache-control: max-age=600
access-control-allow-credentials: true
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
x-object-meta-lp-project: public
x-cache-hits: 1

GET
H2 200 ui-framework.js Show response
lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/ 40 KB
15 KB 1526ms
614ms Script
application/javascript 103.42.133.35
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/ui-framework.js?version=10.27.0.0-release_5563

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.42.133.35 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:55:14 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 25 May 2024 23:07:32 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/ 89 KB
30 KB 1737ms
825ms Script
application/javascript 103.42.133.35
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/UMSClientAPI.min.js?version=10.27.0.0-release_5563

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.42.133.35 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

859bc4211e3119cc7d51b174c5326aabc4eff82eda99e9f7eccfb1796cfdca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:55:12 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 25 May 2024 23:07:32 GMT

GET
H2 200 lpChatV3.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/ 92 KB
31 KB 1630ms
719ms Script
application/javascript 103.42.133.35
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/lpChatV3.min.js?version=10.27.0.0-release_5563

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.42.133.35 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:55:13 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 25 May 2024 23:07:32 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/ 8 KB
3 KB 1843ms
932ms Script
application/javascript 103.42.133.35
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/surveylogicinstance.min.js?version=10.27.0.0-release_5563

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.42.133.35 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:55:13 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 25 May 2024 23:07:32 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/ 6 KB
2 KB 811ms
188ms Script
application/javascript 43.251.41.5
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.5 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

44849fbed5c2615ea1e7fcb46805cca9c0d3824a3938953701e59fc5bff8d26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.sykube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 26 May 2023 23:08:23 GMT

GET
H2 200 storage.secure.min.html Show response
lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/ Frame B2E3 39 KB
16 KB 407ms
297ms Document
text/html 103.42.133.35
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.42.133.35 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Fri, 26 May 2023 23:07:32 GMT
expires: Sat, 25 May 2024 23:07:32 GMT
last-modified: Fri, 17 Mar 2023 01:15:42 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/domainprotection/ Frame B2E3 3 KB
2 KB 189ms
188ms Script
application/javascript 43.251.41.5
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/domainprotection/refererrestrictions?cb=lpCb7762x81054

Requested by

Host: lpchat.americanexpress.com
URL: https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.5 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

152435374b428b81d609e20b65cbf66d097bd7dca24ec68c12317191b307aac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lpchat.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.sykube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 26 May 2023 23:07:32 GMT

GET
H2 200 desktopEmbedded.js Show response
lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/ 981 KB
306 KB 315ms
315ms Script
application/javascript 103.42.133.35
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.27.0.0-release_5563/desktopEmbedded.js?version=10.27.0.0-release_5563

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.42.133.35 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

e657268ba684ef5a61067b71c177f321f23bc5cc0c2aacc4617b1938a1291295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:55:15 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 25 May 2024 23:07:32 GMT

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 243 B
1 KB 1860ms
634ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?&cb=lpCb55834x98902&t=sp&ts=1685142453770&pid=183307778&tid=7202890228&pt=Book%20Flights%2C%20Hotels%2C%20Cars%20%7C%20Amex%20Travel%20AU&u=https%3A%2F%2Fwww.americanexpress.com%2Fen-au%2Ftravel%2F&r=https%3A%2F%2Ftravel.americanexpress.com.au%2F&sec=%5B%22AU%20Travel%20en-au%22%5D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

93bfc9515de5a2f40e14812cf6d401b6af1213531f413be56d65ca5ba79dd3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 200 collectorPost Show response
lib-us-1.brilliantcollector.com/collector/ 38 B
365 B 288ms
288ms XHR
application/json 23.21.213.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.213.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-213-237.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

X-Tealeaf-SyncXHR: false
Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/6.0.0.1960
accept-language: en-AU,en;q=0.9
X-Tealeaf-MessageTypes: 1,5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json
X-Tealeaf-SaaS-AppKey: 1bb01419c6574813aea716cb0726f2e8
X-Tealeaf-SaaS-TLTSID: 33136333481512050262923085738971
X-Requested-With: XMLHttpRequest
X-TealeafType: GUI
X-PageId: P.R9SEAKP58K6VJNU63T578QGRRH8C
X-TeaLeaf-Page-Url: /en-au/travel/
Referer

Response headers

date: Fri, 26 May 2023 23:07:35 GMT
dcname: prod-dal
server: istio-envoy
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
tltsid: 33136333481512050262923085738971
nodeid: wscollector-7bb4c876c7-vr49m
content-length: 38
expires: Fri, 31 Dec 1998 12:00:00 GMT

OPTIONS
H2 200 collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame 0
0 287ms
287ms Preflight 23.21.213.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.213.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-213-237.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods: POST
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 26 May 2023 23:07:34 GMT
server: istio-envoy
vary: Accept-Encoding,Origin
x-envoy-upstream-service-time: 0

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 321ms
320ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=f_OkwVxtQPKReSwnGHxewA&cb=lpCb44278x44963&t=pl&ts=1685142453775&pid=183307778&tid=7202890228&vid=Y1NjgzMTgyMTc3NmEyN2I3

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

5c3186c09728c18de25ab9cf547ee06a7c289bac9460da374aff8504ab7f6342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 200 bf Show response
bf44539bru.bf.dynatrace.com/ 2 KB
2 KB 1087ms
363ms XHR
text/plain 18.203.241.111

General

Check archive.org

Show headers Download Go to

Full URL: https://bf44539bru.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D27_sn_FCGES9R9R4H1G2UVPDPRHRP49PB3L750&svrid=-27&flavor=cors&vi=RTNAAKCDVKBBJWGCLTBUJBNTMGUFCGEQ-0&modifiedSince=1684793670944&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-au%2Ftravel%2F&bp=3&app=6ca3e714188238c8&crc=2749889285&en=qbnmdoe3&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/6ca3e714188238c8_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.241.111 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ebefdb9eaec7dbb072216b5220839e8f3b5d40a0581c39f610a72bef776635c

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.americanexpress.com
x-oneagent-js-injection: true
date: Fri, 26 May 2023 23:07:37 GMT
cache-control: no-cache
content-length: 1775
content-type: text/plain;charset=utf-8

OPTIONS
H/1.1 200
OK beacon
iwmapapi.americanexpress.com/ Frame 0
0 281ms
281ms Preflight 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST,GET,PUT,OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 23:07:36 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

POST
H/1.1 202
Accepted beacon Show response
iwmapapi.americanexpress.com/ 0
588 B 278ms
278ms XHR
text/plain 139.71.113.137
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.113.137 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi11.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:07:36 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H2 200 bf Show response
bf44539bru.bf.dynatrace.com/ 2 KB
2 KB 389ms
388ms XHR
text/plain 18.203.241.111

General

Check archive.org

Show headers Download Go to

Full URL: https://bf44539bru.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D27_sn_FCGES9R9R4H1G2UVPDPRHRP49PB3L750&svrid=-27&flavor=cors&vi=RTNAAKCDVKBBJWGCLTBUJBNTMGUFCGEQ-0&modifiedSince=1684793670944&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-au%2Ftravel%2F&bp=3&app=6ca3e714188238c8&crc=266986582&en=qbnmdoe3&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/6ca3e714188238c8_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.241.111 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ebefdb9eaec7dbb072216b5220839e8f3b5d40a0581c39f610a72bef776635c

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.americanexpress.com
x-oneagent-js-injection: true
date: Fri, 26 May 2023 23:07:37 GMT
cache-control: no-cache
content-length: 1775
content-type: text/plain;charset=utf-8

POST
H2 200 bf Show response
bf44539bru.bf.dynatrace.com/ 207 B
485 B 724ms
723ms XHR
text/plain 18.203.241.111

General

Check archive.org

Show headers Download Go to

Full URL: https://bf44539bru.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_3_sn_FCGES9R9R4H1G2UVPDPRHRP49PB3L750_app-3A6ca3e714188238c8_1_ol_0_perc_100000_mul_1&svrid=3&flavor=cors&vi=RTNAAKCDVKBBJWGCLTBUJBNTMGUFCGEQ-0&modifiedSince=1685011380025&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-au%2Ftravel%2F&bp=3&app=6ca3e714188238c8&crc=3697629403&en=qbnmdoe3&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf44539bru/6ca3e714188238c8_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.241.111 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd0d6b98b02d2db6966c675abf556088aa11eb99e67135b04f01969de9eb9d91

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.americanexpress.com
x-oneagent-js-injection: true
date: Fri, 26 May 2023 23:07:39 GMT
cache-control: no-cache
content-length: 207
content-type: text/plain;charset=utf-8

POST
H2 200 collectorPost Show response
lib-us-1.brilliantcollector.com/collector/ 38 B
365 B 287ms
287ms XHR
application/json 23.21.213.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.213.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-213-237.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

X-Tealeaf-SyncXHR: false
Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/6.0.0.1960
accept-language: en-AU,en;q=0.9
X-Tealeaf-MessageTypes: 5,7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json
X-Tealeaf-SaaS-AppKey: 1bb01419c6574813aea716cb0726f2e8
X-Tealeaf-SaaS-TLTSID: 33136333481512050262923085738971
X-Requested-With: XMLHttpRequest
X-TealeafType: GUI
X-PageId: P.R9SEAKP58K6VJNU63T578QGRRH8C
X-TeaLeaf-Page-Url: /en-au/travel/
Referer

Response headers

date: Fri, 26 May 2023 23:07:41 GMT
dcname: prod-dal
server: istio-envoy
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
tltsid: 33136333481512050262923085738971
nodeid: wscollector-7bb4c876c7-vr49m
content-length: 38
expires: Fri, 31 Dec 1998 12:00:00 GMT

OPTIONS
H2 200 collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame 0
0 288ms
288ms Preflight 23.21.213.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.213.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-213-237.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods: POST
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 26 May 2023 23:07:40 GMT
server: istio-envoy
vary: Accept-Encoding,Origin
x-envoy-upstream-service-time: 0

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 72 B
868 B 633ms
632ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=f_OkwVxtQPKReSwnGHxewA&cb=lpCb1939x53291&t=ip&ts=1685142465963&pid=183307778&tid=7202890228&vid=Y1NjgzMTgyMTc3NmEyN2I3

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=AU%20Travel%20en-au&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

44b72620b788338e762b5b7a40f832c857d2d389cd56097d6dafde62398e00d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:07:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1685142445258

Domain: tms.americanexpress.com
URL: https://tms.americanexpress.com/amex/serverComponent.php?clientID=218&PageID=https%3A%2F%2Ftravel.americanexpress.com.au%2Fapps%2Fshopping%2F%3FensMarket%3Dau_en%26ens_env%3D3%26e_pageId%3D16741%26deviceType%3Dlarge%23%2Fsearch%2Fair

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/switch/1bb01419c6574813aea716cb0726f2e8

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/switch/1bb01419c6574813aea716cb0726f2e8

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost

Domain: bf44539bru.bf.dynatrace.com
URL: https://bf44539bru.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D2_sn_GU954U1425VA3LKKD5BQN4G5169I19U2&svrid=-2&flavor=cors&vi=LLNSCSSAPPPIEWCQESBGHFRKJSEKRALE-0&modifiedSince=1684793670944&rf=https%3A%2F%2Ftravel.americanexpress.com.au%2Fapps%2Fshopping%2F%23%2Fsearch%2Fair&bp=3&app=6ca3e714188238c8&crc=1036203172&en=qbnmdoe3&end=1

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.7BKDXQ3WKQLAN3LDH67F32TV5XW7&X-Tealeaf=device%20(UIC)%20Lib%2F6.0.0.1960&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Fapps%2Fshopping%2F&X-Tealeaf-SyncXHR=false&X-Tealeaf-MessageTypes=1%2C12%2C17&X-Tealeaf-SaaS-AppKey=1bb01419c6574813aea716cb0726f2e8&X-Tealeaf-SaaS-TLTSID=45258579269341325429695988033667&Content-Encoding=gzip

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.7BKDXQ3WKQLAN3LDH67F32TV5XW7&X-Tealeaf=device%20(UIC)%20Lib%2F6.0.0.1960&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Fapps%2Fshopping%2F&X-Tealeaf-SyncXHR=false&X-Tealeaf-MessageTypes=2%2C5&X-Tealeaf-SaaS-AppKey=1bb01419c6574813aea716cb0726f2e8&X-Tealeaf-SaaS-TLTSID=45258579269341325429695988033667&Content-Encoding=gzip

Domain: i.kissmetrics.com
URL: https://i.kissmetrics.com/i.js

Domain: doug1izaerwt3.cloudfront.net
URL: https://doug1izaerwt3.cloudfront.net/c871528fcdd6227631d23ee9ee9b6070d1468c78.1.js

Domain: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead/code/da73fa0b72cf63269abf55638e50d0cd.js?conditionId0=421808

Domain: lib-us-1.brilliantcollector.com
URL: https://lib-us-1.brilliantcollector.com/collector/switch/1bb01419c6574813aea716cb0726f2e8

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1685142449485

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&d_mid=17281920398384816992928323537953526499&ts=1685142450304

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.americanexpress.com/	1970-01-20 12:48:54	Name: cm.BkcBKmAQB6DpB97tcTNxUIeVLfhamex3 Value: 1685142439
travel.americanexpress.com.au/	1969-12-31 23:59:59	Name: EZ_SESSION Value: 859fd5bc-471d-4150-af1d-a3d26f734c17
travel.americanexpress.com.au/	1969-12-31 23:59:59	Name: RELEASE_VERSION Value: 232
travel.americanexpress.com.au/	1970-01-20 12:07:08	Name: EZ_COBRAND Value: autravel
travel.americanexpress.com.au/	1969-12-31 23:59:59	Name: EZ_SESSION_TRACK Value: 0f9bde3d-fb23-4cfd-9853-6377bf59f6e9
travel.americanexpress.com.au/	1970-01-20 12:15:47	Name: AWSALBAPP-1 Value: _remove_
travel.americanexpress.com.au/	1970-01-20 12:15:47	Name: AWSALBAPP-2 Value: _remove_
travel.americanexpress.com.au/	1970-01-20 12:15:47	Name: AWSALBAPP-3 Value: _remove_
.travel.americanexpress.com.au/	1970-01-20 12:05:44	Name: __cf_bm Value: JllO.Bd6r8YAgyODD12AizC.cBWMF9WTH2rY2MRu1Vg-1685142440-0-AczvHxAgPVzwH+w9pn7nws0Hy2JD6rIFQqMm4x3dRGk5F4uEGH5+4o3wO0a//HiJUJ1R+of01MQ0bLiXOkWpTKg=
.switchfly.com/	1970-01-20 12:05:44	Name: __cf_bm Value: ZUkh6c7nFmIR6JW5M6IvYYxrEFNb3JJCSf9f0v_YQzo-1685142442-0-ActEMoCDRZbwvos87Or95flICmATj0ynyjym8k5yoGQY1AIlkMD3VidtekMevM+mp7e7JbXT66RdYIr8t4q/weY=
.americanexpress.com.au/	1970-01-20 20:51:18	Name: mmapi.p.pd Value: %22YcD2wNkFJwmcYuQ26raWYNPCxGkrFV1baQLbQujRMsQ%3D%7CAQAAAApDH4sIAAAAAAAEAGNhWP9ZJz9V_M0zBuaCjApGIQZGJ4ag7df5GRnsfR2_28bd9oDRDEDwHwoY2Fwyi1KTSxhTxRlB4mAAkwTRDAyMDHekGRkMgDKMrgB3NJ2JZgAAAA%3D%3D%22
.americanexpress.com.au/	1970-01-20 12:05:43	Name: mmapi.p.bid Value: %22prodphxcgus05%22
.americanexpress.com.au/	1970-01-20 20:51:18	Name: mmapi.p.srv Value: %22prodphxcgus05%22
.americanexpress.com.au/	1970-01-20 20:51:18	Name: mmapi.p.uat Value: %7B%22CPID%22%3A%22None%22%2C%22User_Type%22%3A%22Prospect%22%2C%22GenerationPage%22%3A%22%2Fapps%2Fshopping%2F%22%7D
.americanexpress.com.au/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D2_sn_GU954U1425VA3LKKD5BQN4G5169I19U2
.americanexpress.com.au/	1969-12-31 23:59:59	Name: rxVisitor Value: 1685142444432DIHA4DDTAIBLOBE50GEEJDH3ES0QO04L
.americanexpress.com.au/	1969-12-31 23:59:59	Name: dtLatC Value: 934
.americanexpress.com.au/	1969-12-31 23:59:59	Name: rxvt Value: 1685144244444\|1685142444434
.americanexpress.com.au/	1969-12-31 23:59:59	Name: TLTSID Value: 45258579269341325429695988033667
.americanexpress.com.au/	1969-12-31 23:59:59	Name: dtSa Value: false%7C_load_%7C1%7C_load_%7C-%7C1685142437960%7C342444428_627%7Chttps%3A%2F%2Ftravel.americanexpress.com.au%2Fapps%2Fshopping%2F%7C%7C%7C%2Fsearch%2Fair%7C
travel.americanexpress.com.au/	1970-01-20 12:15:47	Name: AWSALBAPP-0 Value: AAAAAAAAAAAFi8K2VlFf4p/w2BMZzLAlsOOvvjrzujzgMi4TSXAIQqzQTaTA7lcPajwhFWt+GVzoL+Cb+9cd+t4Mv8VYBMTYJkjccgODXxQreLJIZwTHMKfLA8FQ7U7wVMc8vFU/3OQJDA==
.demdex.net/	1970-01-20 16:24:54	Name: demdex Value: 56850293345825789813823734737207051497
travel.americanexpress.com.au/	1969-12-31 23:59:59	Name: EZ_SESSION_EXPIRATION_WARNING Value: Fri%2C%2026%20May%202023%2023%3A17%3A26%20GMT
.americanexpress.com/	1970-01-20 20:51:18	Name: agent-id Value: 95b28baa-dd07-476d-afe7-03fb96b0ef3d
.americanexpress.com/	1970-01-20 12:05:49	Name: ak_bmsc Value: B4386AC870FB64C73D0FD34101E67F19~000000000000000000000000000000~YAAQDB0gFyzx30uIAQAALCBRWhM1XXyac0+TmgMXIsOw/mm6gSRarrnrDdWI/iI0pniFoxF/Pfhsfaj22kEEZehdeiejIRyzehdObzKkr/CQpxY15j2q3mkyqGyvj9YQX3ZThH96gzVxtno3FMRxKZruCFBzjWBJsI0krrvBta7KFWNv3c6mds2KWFDdUcITZQ6TCGzu8984OAn2BHZVb9VB3zmqAdkZCrsJcUjN4gnl1ne4+k4NK33EMs93p94hSuAArvFyqhrNJ62DL8aEMeLYHygaH5z8o9jXLBDsUyJtCXPVR80N+zCF93BNGLRtVwtfFCLacCFfcSP3Wfh2IlpbMWB8vk6TLzWUEHYYlVjcaR1K7N/OtEaCj9AlXLKIOoeE+R9eIgqw98Lk5DHOCDslhyE=
.americanexpress.com/	1970-01-20 12:05:56	Name: bm_sz Value: 633D4C133ED741967ADBA700A68611A6~YAAQDB0gFy3x30uIAQAALCBRWhOIqz00O8PQRLhxJdAbV1kglNxcdwxNFdUWIW17zx4xQUOV/3trbK4Gf/FYdpkJsXU0rQeQ0l318+h1vY7R+0i3rCl6K+/sk8lbyUFIICmHS8U5MwvRLfBR5C6GKYj/8DQu0ivyl4vAnyybrigB0ItDQPAIANExRgRVrvHRUfhfxQ0Uf+544wXBPYtSYhrKAe1TA+94excNWXa4HjlAYV402YpjJ19hE9a8BKqYTZdwjmI0b0zR4YYEL0Y6X/MI7F9qvrnVUx60Pjuji+Jh6XPHa2jPgQTSoco=~3553350~3621945
.americanexpress.com.au/	1969-12-31 23:59:59	Name: dtPC Value: -2$342444428_627h-vLLNSCSSAPPPIEWCQESBGHFRKJSEKRALE-0e0
.americanexpress.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D27_sn_FCGES9R9R4H1G2UVPDPRHRP49PB3L750
.americanexpress.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 16851424481620DE12456R81LM15J4LQTC2HCGCVKMFD3
.americanexpress.com/	1969-12-31 23:59:59	Name: dtLatC Value: 1
.americanexpress.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.americanexpress.com/	1969-12-31 23:59:59	Name: TLTSID Value: 33136333481512050262923085738971
.americanexpress.com/	1970-01-20 20:51:18	Name: _abck Value: 38899D5252D94DC5D90C0F6AC429AC1A~-1~YAAQDB0gFw3z30uIAQAAuCxRWgm6XlD2UAMJ2EaoLk/E3eCNFVtFJCLinSsiA9nMVFxRyBhVNJZJjNLUkVsP4s96Xuhh1SJjkFGS/sMwyTJNm3XS7jpx08FBhOuzrI7ph8CHmhftHj1nnqYGhBIZ/L/bzpj4A0cPqeb8vDv0vBMA1/UXvUBMsUzy9gkNKVlk8bGOWOChsdOEAo0ZvrS3/rUulSP9SoITGsfMLB6SxPeScbgkrJiaN2HYgoEZMUL0mmtnIB9qJY4OSL3rLi069vj0nzvEVpaOTIp3prbRtBi7mMRNTnk0iFqxRPxiltr9uqhxuFAV0FqBBFNKRN+BwmYLssvJxCtbtJsaYKTFQsyLf9rvhVSDH8cNxvTFVFAIr4yapoVnVuKf9m+6/J9ggBgn5w==~-1~\|\|-1\|\|~-1
.americanexpress.com/	1969-12-31 23:59:59	Name: axplocale Value: en-AU
one-xp.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0144d4a839aa5c253925b2bca496358dd2ddd70dcc5844b4c7bf1fe1c3f8a281cce2f15dca0ed9000879440c1697a96a752eb9eb0d
.americanexpress.com/	1970-01-20 12:05:49	Name: bm_sv Value: 76BFFE05F885CA2FD965418D27C3397F~YAAQF7QRYMK+vVOIAQAAfi9RWhMB2yV0kUxUJs3y/2FVUATthHbQXdIJ6hrgYLDm0xgcVPQwXokQk3++EgLU49Bemk6ftdhYN4/PNU7oCurbijkFNBornvw6wycft6qaTX8tk9oyI0jDrEUwtzffSXAi3lxeucaWmMxplcQQCPHx11wU3mhdVvOr7IOHn7a08YendbrWS3eXfEIySxSeNKMA1mUsOzZ21WwzqIui2HuBNYiA0ZQ0IsiiUg+LnXJe+vVyzLOZUfn7~1
.americanexpress.com/	1970-01-20 21:41:42	Name: s_ecid Value: MCMID%7C17281920398384816992928323537953526499
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
.americanexpress.com/	1970-01-20 21:41:42	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 870038026%7CMCMID%7C17281920398384816992928323537953526499%7CMCAID%7CNONE%7CMCOPTOUT-1685149650s%7CNONE%7CvVersion%7C5.0.0
.americanexpress.com/	1970-01-20 20:51:18	Name: mmapi.p.pd Value: %22suBX03qEY7jd-H1vXVmjt2kUrI88-MySWgc2u35qA40%3D%7CAQAAAApDH4sIAAAAAAAEAGNhmHHyc2WquMYuBuaCjApGIQZGJ4bqhwqyjAxPRc7-so277QGjGYDgPxQwyJYUJZal5ugl5qYWZSYn5qVWFBSlFhfrJefn6iWWMqeKM4KUgwFMD4hmYGBiuCPNyCAkI8bIsAoozegKAAylKneCAAAA%22
.americanexpress.com/	1970-01-20 12:05:43	Name: mmapi.p.bid Value: %22prodphxcgus06%22
.americanexpress.com/	1970-01-20 20:51:18	Name: mmapi.p.srv Value: %22prodphxcgus06%22
.americanexpress.com/	1970-01-20 20:51:18	Name: mmapi.p.uat Value: %7B%22CPID%22%3A%22None%22%2C%22User_Type%22%3A%22Prospect%22%2C%22GenerationPage%22%3A%22%2Fen-au%2Ftravel%2F%22%7D
.americanexpress.com/	1970-01-20 20:51:18	Name: LPVID Value: Y1NjgzMTgyMTc3NmEyN2I3
.americanexpress.com/	1969-12-31 23:59:59	Name: LPSID-14106077 Value: f_OkwVxtQPKReSwnGHxewA
.americanexpress.com/	1969-12-31 23:59:59	Name: rxvt Value: 1685144255966\|1685142448163
.americanexpress.com/	1969-12-31 23:59:59	Name: dtPC Value: -27$342448160_698h-vRTNAAKCDVKBBJWGCLTBUJBNTMGUFCGEQ-0e0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/cg/v5us/?fv=dmn%3Damericanexpress.com%3Bref%3D%3Burl%3Dhttps%253A%252F%252Ftravel.americanexpress.com.au%252Fapps%252Fshopping%252F%2523%252Fsearch%252Fair%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.15&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=f, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/cg/v5us/?fv=dmn%3Damericanexpress.com%3Bref%3D%3Burl%3Dhttps%253A%252F%252Ftravel.americanexpress.com.au%252Fapps%252Fshopping%252F%2523%252Fsearch%252Fair%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.15&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=f, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/platform/us/api/mmpackage-1.25.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.aexp-static.com/cdaas/api/testtarget/maxymiser/1.15.0/mmcore.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/platform/us/api/mmpackage-1.25.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-travel-page-wrapper/5.1.0/en-au/axp-travel-page-wrapper.json Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js(Line 93) Message: Refused to connect to 'https://lib-us-1.brilliantcollector.com/collector/switch/1bb01419c6574813aea716cb0726f2e8' because it violates the following Content Security Policy directive: "connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com".
network	error	URL: https://functions.americanexpress.com/ReadUserSession.v1 Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js(Line 97) Message: Refused to connect to 'https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1685142449485' because it violates the following Content Security Policy directive: "connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com".
network	error	URL: https://functions.americanexpress.com/UpdateUserSession.v1 Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://www.aexp-static.com/cdaas/tls/premiumhotel/tealeaf/tealeaf.v1.amextravel.int.js(Line 97) Message: Refused to connect to 'https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&d_mid=17281920398384816992928323537953526499&ts=1685142450304' because it violates the following Content Security Policy directive: "connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com .americanexpress.com wss://.americanexpress.com lib-us-1.brilliantcollector.com/collector/collectorPost *.bf.dynatrace.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net apim.expedia.com amex-promotion-service-stg.iseatz.com amex-promotion-service.iseatz.com maps.googleapis.com".
network	error	URL: https://functions.americanexpress.com/ReadUserSession.v1 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
bf44539bru.bf.dynatrace.com
cdn.switchfly.com
consumer-travel.americanexpress.com
doug1izaerwt3.cloudfront.net
dpm.demdex.net
email.americanexpress.com
functions.americanexpress.com
i.kissmetrics.com
icm.aexp-static.com
iwmapapi.americanexpress.com
js-cdn.dynatrace.com
lib-us-1.brilliantcollector.com
lpchat.americanexpress.com
lptag.liveperson.net
nexus.ensighten.com
omns.americanexpress.com
one-xp.americanexpress.com
publisher.liveperson.net
service.maxymiser.net
songbird.cardinalcommerce.com
tms.americanexpress.com
travel.americanexpress.com.au
va.v.liveperson.net
www.aexp-static.com
www.americanexpress.com
bf44539bru.bf.dynatrace.com
doug1izaerwt3.cloudfront.net
dpm.demdex.net
i.kissmetrics.com
lib-us-1.brilliantcollector.com
nexus.ensighten.com
tms.americanexpress.com
103.42.133.35
104.18.14.160
104.18.30.121
125.56.219.3
13.227.254.101
13.227.254.116
13.55.4.2
139.71.113.137
139.71.116.44
139.71.118.118
151.101.129.192
18.203.241.111
198.217.251.251
208.89.12.87
23.202.130.237
23.202.131.98
23.21.213.237
23.39.8.236
43.251.41.15
43.251.41.5
63.140.48.134
65.117.228.68
0046b29b4fd29215318f4d42bd1b249ab569c60f715e7fb343a098d767554712
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
0345827ee73091390aed0139294e2e868fb1e6753810b2286e6c843abee1de55
09957894546097b92d8d89bc4dab3ddd4b4e38084fc1529454ae3b8f696cbd0a
0b706a37d3b4005875071e3743fab073a7722c698bcda3bf8eee83a70d7e9bd2
0c545b18b5b3a1a04203b7ce1d5f8bdcadc6ce6973c45907bfa36214d8fa452b
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0e57f2799ec336394ea2ea632b603fa7a82adb18841349b3e6c1763543845646
1109d3782893c5f4020fe850feb00315a0f9fcaf67e8d8412910749402b4f9da
115dd089cb8596cb0c05b851f13fbc7dc0ce551e8e20a67689275b5b1ae8ffe1
125ed8c73e983ed029ba252fa9409ce3fd6f910b5b06c06002c4081d543765a5
152435374b428b81d609e20b65cbf66d097bd7dca24ec68c12317191b307aac0
17e10ec6a8e09b1ed4fd27f355ecf177bd0b9b45abd1539fa6e056768d573377
19a9d930e0e8c2d6c16d7d296cf2d5d341b4ca9d6df2f815e6ab11456de8ff1e
1cfed35db387fc559b80db4c9c0fd4f633570aa6cf910cf7093cc696bfbd9e9e
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
1efe5ebea972341df876bb196277e116af82ecd46f6eff42d8ba6741d45234d8
22cdbc8c0a8d9a8b744512fd34adb445dc780e7030f29028cba604b5f037c266
2356b8ef71a9f274586cbd858feef8715ca019ccb4d873fcc3381d4975d410a1
28706430e55b7747b20f2f919875cba6aa29d21da879dbfdd39c84e192a93a9e
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
28f23e474585e8c78c33fac7005a53939a789b385745f7297d17bac9a86dc639
3002b7789afb7f37a8fe978ef834996ac8de9eab73e86e7c1a58a31c1f7acbc0
300de999e3a817cb856e6f7f23973b898fd644ef0ac88afadf644a8d346fa601
338c73013136d8e400cf2821df7c66f9c7d67825de9f67d5fa5e2f6a7fc92c33
347fca797b8281eca748382485227493100e5d3875f8b57f637cd8499cbeb226
34ecd07b88996279cfb342f9955757257a620678979fd72551a3492da348c9e0
3530f9432334e47cf7e84f8e0ce64f80d45d7329f44f691a3eb30977a4bbf052
3a4cf98f0a006037894bfa6cf4120d9984b833729516544d9fbfa09753e3b2b1
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3f2cd9cf34c04082673a819f406d26fc672875c1323cfbf5976d241d804429f9
40797884b4889d1cfac07274cb34e9b8cfe703d39fe98e5173f0e1909d0dffc5
40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
43ab8c145891f8208347411b1a9eda986f9698d45fb618bbe47840b4488f2d50
440f9c106d9833b9d87a14ad3468181bffe9314883046d11123e0942984db90d
44849fbed5c2615ea1e7fcb46805cca9c0d3824a3938953701e59fc5bff8d26b
44b72620b788338e762b5b7a40f832c857d2d389cd56097d6dafde62398e00d5
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
491cb352713665f97da7646c38e12eb9d92c8cc2202a42d649f251d5cd34932d
4b282bac17179f62690db1eabfaaaafe82a2325ccd2134c930818210f3ef811a
4cf9082c47ac5eb0f534713d1c55e274821a3ec213e74721dd85e878660a5f62
4fab777e0d88461765c83094d436b0acabbb7e944b76ab0d845078ec6eb7f511
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5c3186c09728c18de25ab9cf547ee06a7c289bac9460da374aff8504ab7f6342
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b
5c990e534479397423631c750dc7e915d8335645654b926268710958b1c5c689
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
65c875fb4d50169464f3e2b23bd3e461e02b32ad6b354ac9e8f2a5f53ad88537
666482ae3f904190f36dbe56980a231b30659a19451a7e0da14f2fdfc17e0b8f
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da
67c795e2a39d99d8c49ac122f66b4ca1efeed632ea83cac74f4b5f829555fdaf
687aae7960b19955003b5dcbb53524bf6b81542043a50308dae097fbae63bb90
6ad320591eba4c4543c78467f4497c9407cf97c9fd6a4e8634c9835703defa60
6bb856c878e9030dbedf11f791711172fe10036e6f472f8563bdce9e3fd6a6a6
6f08140ac3b44fe55950f3816f650fb4de0679abd5e90afb38fdc8e0b90ebc4c
7037f212ce10d153643f274fdc2268892c713626fc4dd074261ba728fd2122ef
7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640
72528ea48d6d6959e677c8c2fbab95057a2d219c64a5c285256d06937344ea0b
73aa176327ca3dfe096d23caca1e16e1cd53cdd2aa3745e83dcd4617e36a9d11
74015fccf87ad143f1285f9f7aee8f5199d88822239e1315f3f25cd131b47afc
78f7d56bc9d8ffa4c8b162ca59061fe2751f1c446bca8491ad08b20927ba74be
7987ec7a48754288479cec21ff488e27ade98be223f8b7f9e93d6e48e68db1c2
7a4446627c9b449b1586419298b5498898ec45471bf1bbf03c0b9bb76538af63
7c41045763f8a0e31f29b4bf145cffaaeb675355a17681dd86cf8eac3be038c1
7ca4de911c9fbbcfb473cae42fabeb87d8f73166201567b9ebe9ca229e271551
7f7f1d724a3d940f1c1adb0ff85abe606e1ba9379da54fb5c4002e3d5f03feaf
81cb121fb113120ebf77993bdda7aa738672437b5dbd6110031af2b77f3d9541
825f0698b93b45375cb81f1710b431cdb29afc8acc451323dd61e67f6b0d75a6
859bc4211e3119cc7d51b174c5326aabc4eff82eda99e9f7eccfb1796cfdca1b
8cb6dfb5acd3a26783f6ea57c9675d15b91059f974c5414c9fc47fbc1592b24b
8cc3d1a13c887fac8777318d7155880245ae54cdfbcebab4eb4584c6e4d7d166
92d6902ebdba5d950efdcfb82128c9f96779f046bf85a648a2e906507fdf25ff
93bfc9515de5a2f40e14812cf6d401b6af1213531f413be56d65ca5ba79dd3af
977f02b07c0e3910372c995fe94a1764ab437281337d36dcc3eadbba6488a827
99d5c2cf4e26e38fb79b8836ea8252f465fd3f785a00c69f445ca2567c43d242
9c89cf198bfb7ee5661fe2ea31a5e6bd0799dd5486305b82167931045ef7b30a
9e15ab3816c7164c3612973e38d18eac9d84d1740dd478c1629bf06a5fdab75c
9ebefdb9eaec7dbb072216b5220839e8f3b5d40a0581c39f610a72bef776635c
9fa887f01c191bc2fa55fff1a1a5bc896df5d0f5e83bd37c3b52fdd42e979f75
9fcbe41a9db3653286c3acedee11eecdfe197ee65dec493d272477c1322c2ec3
a0d6caa1657cad7ebcd8ca4f0831e5e5a5a1897d4923f9046f42c767434acc66
a32ee5d0e6b2ba1fd3feb7676f215c160a791ee1e940702bc18f4bd8f046d310
a73cf9b2cc85da3ca2742718a6654e4cf0a5d4c548d2203d018127afa1015375
a810ffc6315b8f90ad39bf836900709d86beca9b67e6bfc86006502bcdd55fd1
aad23e3b2e9dcb5f769061f94267c22a4d327797caa5792d6b7b52b2d9163507
abfc249f54bfeee500682e375f1b07d4b5719688a7775330c68cc371e1a5223c
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
b2e1fee7d63d1cd9fa7a622ea33c0e35365b039f899d783f735ec87d0b48efcf
b54b5183c2864302472c612c260cdb653ae8562bdd3003f95961cb7d561cdb56
b5da603c8e1f9e6e1f57ca1589b461fb136df63cce39bcfa1aef1406f7986be6
bab63f7b580437f3236cbd0bf39fe8577f711a90f09b132b092dc9208fc2d543
bd0d6b98b02d2db6966c675abf556088aa11eb99e67135b04f01969de9eb9d91
be3907ff66a59b452d049f2b1ae18b3813c530a8d9ca69337d3bd454e3925819
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c09b08d04c0c7148b415769cb06faae91e1c249a2d38dd238c95bb7c5cc60251
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
c6e664c70856e498e475f2c52e12f18f74e3bd9f24b2792a2cee7d8851d0c82e
c6e826033b54380952e3a6342868f56eb60b1cc79e9fa4c30212df496a153a95
ca637da7876bfe9cb02d93646f4e0557c2f5c5366a739866fc367cdc883632c1
cd2a7b64684c0a3f94f4d6430411faf92ddaf77fdc2ae4e56ed766aff8e6babb
cfef5e1b7dc00872d6c472e0166c26a86b9c2ae60ece9d2c59fd8f4edc402ca0
d0278d9b6ce855dd92265507d1bfbc3ad10459d3f8fa85a4ae0c05d2b8bb374b
d2e46280bcc6fdf951da10cb42264b02b79088c0c8295d97d57e2861e1b1950c
d62c4b2d563b82577275467f393a560c48e35dfa78472cb3d18c4a6616fbb130
db0cd0a987ee027279fc571c3d15fe6751d52118f1989759ad40db53e0ed77dc
dc930c25191cbb24cb6c7a2578e9b066d29aa06c32cd5b66e81d919cebe6a0b0
ded449df61ff5731e10c1f14b3059f97fad23d64c0afdb3355af4688e66879e1
e0424c7e6c9b03aeaf511229e2d8875ea33528cf131a38d1f9e6d1729ff88ed2
e073e22baceade70200ef4d9b29eba20d6d61908ec35b27966bd048356bd8119
e2401edc898f0ebd685f99752832539d5339729adaeb456f7398a14ccbe75510
e2beb45d64660b05b0304cc0eca05ede7f69a74a2531f8f884d7c84c7f41a9cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced
e657268ba684ef5a61067b71c177f321f23bc5cc0c2aacc4617b1938a1291295
e71c665f7fc1e12d43ea195d7ba881bad6e31f809ce96f3ead41b8b428a29474
e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b
ec66c0dede654509bba30765cf2daa6182ec873c75276ed60bd0b1a789dbccea
edc03586f2e7b8d06a064951246815101535c845136132c71d5b48eeb35f6a09
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91
f92ee09503ed3c069863cd8efd0f3ab0da0331d4a8a0344632cdebe573822edf
fc0ee9476197548dbfb6314915f5e97a80d1983e7dd441572ca23771f351a5c5
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

www.americanexpress.com Open in urlscan Pro 23.202.131.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

90 %HTTPS

0 %IPv6

14 Domains

26 Subdomains

22 IPs

4 Countries

5294 kBTransfer

21467 kBSize

47 Cookies

35 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanexpress.com Open in urlscan Pro
23.202.131.98 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

90 %
HTTPS

0 %
IPv6

14
Domains

26
Subdomains

22
IPs

4
Countries

5294 kB
Transfer

21467 kB
Size

47
Cookies

175 HTTP transactions
5 data transactions