travelvitals.amexgbt.com Open in urlscan Pro
194.36.55.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://travelvitals.amexgbt.com/
Effective URL:
https://travelvitals.amexgbt.com/
Submission: On January 29 via manual (January 29th 2024, 4:39:34 pm UTC) from IN — Scanned from GB

Summary HTTP 63 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 63 HTTP transactions. The main IP is 194.36.55.5, located in United Kingdom and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is travelvitals.amexgbt.com. The Cisco Umbrella rank of the primary domain is 719849.
TLS certificate: Issued by Sectigo ECC Organization Validation S... on January 25th 2024. Valid for: a year.

This is the only time travelvitals.amexgbt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.36.55.251 194.36.55.251	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 22	194.36.55.5 194.36.55.5	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
11	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	44.236.252.109 44.236.252.109	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
7	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.30.20.101 184.30.20.101	16625 (AKAMAI-AS) (AKAMAI-AS)
63	14

1 194.36.55.251 (United Kingdom) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

travelvitals.amexgbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 194.36.55.5 (United Kingdom) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

travelvitals.amexgbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

sdk.joinsherpa.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.252.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-252-109.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-101.deploy.static.akamaitechnologies.com

static-assets.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
az1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	amexgbt.com 2 redirects travelvitals.amexgbt.com — Cisco Umbrella Rank: 719849	510 KB
12	qualtrics.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 911 static-assets.qualtrics.com — Cisco Umbrella Rank: 28381 az1.qualtrics.com — Cisco Umbrella Rank: 13976	76 KB
11	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5458 geolocation.onetrust.com — Cisco Umbrella Rank: 567	154 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	454 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1164	67 KB
1	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 800	72 KB
1	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1827	228 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	102 KB
1	joinsherpa.io sdk.joinsherpa.io — Cisco Umbrella Rank: 51966	192 KB
63	9

	Domain	Requested by
23	travelvitals.amexgbt.com	2 redirects travelvitals.amexgbt.com
10	cdn-ukwest.onetrust.com	travelvitals.amexgbt.com cdn-ukwest.onetrust.com
9	siteintercept.qualtrics.com	znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com siteintercept.qualtrics.com
7	www.gstatic.com	www.google.com travelvitals.amexgbt.com www.gstatic.com
4	www.google.com	travelvitals.amexgbt.com www.gstatic.com www.google.com
3	fonts.gstatic.com	travelvitals.amexgbt.com www.google.com
1	az1.qualtrics.com
1	static-assets.qualtrics.com
1	znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com	travelvitals.amexgbt.com
1	translate.googleapis.com
1	api.amplitude.com	travelvitals.amexgbt.com
1	translate.google.com	travelvitals.amexgbt.com
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	www.googletagmanager.com	travelvitals.amexgbt.com
1	sdk.joinsherpa.io	travelvitals.amexgbt.com
63	15

This site contains links to these domains. Also see Links.

Domain
www.amexglobalbusinesstravel.com
translate.google.com
privacy.amexgbt.com
twitter.com
www.linkedin.com
www.instagram.com
www.onetrust.com

Subject Issuer	Validity	Valid
cdn.amexgbt.com Sectigo ECC Organization Validation Secure Server CA	`2024-01-25` - `2025-01-24`	a year	crt.sh
onetrust.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
agolighting.com GTS CA 1D4	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://travelvitals.amexgbt.com/
Frame ID: FEFC80F024DFF3F3EEB81D0303D12AFE
Requests: 53 HTTP requests in this frame

Frame: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: E5E92B0ED777E61D852C04D60316ACED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=rovx1bcoui6t
Frame ID: 61F2293A7248E503093D2226F3669483
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3F118E677BF887F6A516FE13AAC86213
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Vitalslinkedin-iconfacebook-icontwitter-iconinstagram-iconBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://travelvitals.amexgbt.com/ HTTP 301
https://travelvitals.amexgbt.com/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

63
Requests

98 %
HTTPS

50 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

1628 kB
Transfer

4571 kB
Size

5
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amexglobalbusinesstravel.com/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Переводчик

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/contact/
Title: Let's Talk

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/
Title: Custom Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/one-stop-travel-solution/
Title: One-Stop Travel Management

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/lola/
Title: Simplified Travel Management

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/energy-mining-marine/
Title: Energy, Marine, Mining

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/meetings-events/
Title: Meetings & Events

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/global-business-consulting/
Title: Consulting Services

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/policy-compliance/
Title: Trip Approval System

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/travel-risk-management/
Title: Risk Management

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/rest-assured/
Title: Accommodation Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/insights-and-reporting/
Title: Data & Analytics

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/online-travel-booking/
Title: Booking Technology

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-travel-services/business-travel-app/
Title: Business Travel App

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/about-us/best-travel-team/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/about-us/#global-network-map
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/corporate-social-responsibility/
Title: Corporate Social Responsibility

Search URL Search Domain Scan URL

URL: https://privacy.amexgbt.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/terms-service/
Title: Terms and Services

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/press-room/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/amexgbt

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express-global-business-travel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amexgbt

Search URL Search Domain Scan URL

URL: https://privacy.amexgbt.com/cookies
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://travelvitals.amexgbt.com/ HTTP 301
https://travelvitals.amexgbt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
travelvitals.amexgbt.com/
Redirect Chain

http://travelvitals.amexgbt.com/
https://travelvitals.amexgbt.com/

6 KB
4 KB

586ms
489ms

Document
text/html

194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9738ba99b2b018156c001219f8bab841d193a1b3098f6e26ab01d952aa85422b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84d2e94eca2e60fe-LHR
content-encoding: gzip
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 16:39:28 GMT
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1 ; mode =block

Redirect headers

CF-RAY: 84d2e94d7ee46425-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 29 Jan 2024 16:39:27 GMT
Expires: Mon, 29 Jan 2024 17:39:27 GMT
Location: https://travelvitals.amexgbt.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 185ms
82ms Script
application/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: FWT01iLvZ++xUAz3aesSug==
age: 31532
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Tue, 09 Jan 2024 20:19:12 GMT
server: cloudflare
etag: 0x8DC11503EDE480D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9cf99508-901e-0045-499a-43f90a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e9528a4d63ba-LHR
expires: Tue, 30 Jan 2024 16:39:28 GMT

GET
H2 200 index.css
travelvitals.amexgbt.com/css/ 11 KB
3 KB 464ms
463ms Stylesheet
text/css 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/index.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b1c65dd444ea39fd9db3b7df7be785d549540cacedeea3f548e34f1ae64bd855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:23:56 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e951efac60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:28 GMT

GET
H2 200 extract.css
travelvitals.amexgbt.com/css/ 186 KB
26 KB 488ms
487ms Stylesheet
text/css 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/extract.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b8718067133110ce76bf7af15e1aa5fb041f645aec691e8ad6245fd19dfc73c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:23:56 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e951efae60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:28 GMT

GET
H2 200 widget.js Show response
sdk.joinsherpa.io/ 639 KB
192 KB 173ms
55ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.joinsherpa.io/widget.js?appId=spMzOTE3NT

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

db7fc8c810bd09794d79ab50c1a7f3153974d072187e6c891cbca159f4a0aefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Mon, 29 Jan 2024 16:39:28 GMT
x-powered-by: Express
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 196074
x-served-by: cache-fra-etou8220116-FRA
server: Google Frontend
x-timer: S1706546368.425528,VS0,VE2
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-expose-headers: x-country-code,x-orig-accept-language
cache-control: public, max-age=86400
function-execution-id: h50lsll65i4u
x-cloud-trace-context: 3b7501b15896bb5b75342210f4373d4d
accept-ranges: bytes
x-orig-accept-language: en-NA,en-GB;q=0.9,en-US;q=0.8,en;q=0.7
x-country-code: DE
x-cache-hits: 1

GET
H2 200 2.c3db0e44.chunk.css
travelvitals.amexgbt.com/static/css/ 236 KB
31 KB 572ms
571ms Stylesheet
text/css 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/css/2.c3db0e44.chunk.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

457f8ba49e93426876f98909f837c947675a4ab786f7444026e61de4a23f361e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e951efaf60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:28 GMT

GET
H2 200 main.38c90008.chunk.css
travelvitals.amexgbt.com/static/css/ 13 KB
4 KB 463ms
462ms Stylesheet
text/css 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/css/main.38c90008.chunk.css

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

92d6b98532f4c8f58785f3379d0346d85cafb57cd44c968db8d127cff25a3e42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e951efb360fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:28 GMT

GET
H2 200 2.0ecf9bf5.chunk.js Show response
travelvitals.amexgbt.com/static/js/ 592 KB
184 KB 488ms
488ms Script
application/javascript 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/js/2.0ecf9bf5.chunk.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2615acbb3aaf182891800a2aceac9557ee5f1e9aff189a17e005d75209d06dd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e951efb760fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:28 GMT

GET
H2 200 main.26cb01f0.chunk.js Show response
travelvitals.amexgbt.com/static/js/ 54 KB
15 KB 475ms
474ms Script
application/javascript 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/static/js/main.26cb01f0.chunk.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3499175807b0a88e628442e698f552dcb56beef3bc23454aa32e5e71f0e3cab8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e951efba60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 335 KB
102 KB 201ms
86ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K64VCV

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6b8ea289d4abaa2d76d01ff7fa8b0f9c87cf68ee9fc0029e4c58ba65bcd8a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103723
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 16:39:29 GMT

GET
H2 200 ac001aef-4cd0-4951-82cb-b3f2339f647f.json Show response
cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/ 3 KB
2 KB 182ms
93ms XHR
application/x-javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/ac001aef-4cd0-4951-82cb-b3f2339f647f.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3fd186d6a594bca721ace24aec5c168329d8c2563303441128383b92cccc1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:28 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 82106
content-md5: /OFpvUXlTD0af1GuU+oYoA==
content-length: 1489
x-ms-lease-status: unlocked
last-modified: Tue, 18 Jul 2023 01:37:14 GMT
server: cloudflare
etag: 0x8DB872F83D0DDBC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 444315cf-d01e-006b-3d98-1779cd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e9539ae64599-LHR

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
205 B 60ms
59ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 84d2e9543c4f4599-LHR
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/ 376 KB
90 KB 63ms
63ms Script
application/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 229oLfugqvtMNLM3e0uPaA==
age: 79283
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 91423
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:59 GMT
server: cloudflare
etag: 0x8DA95C70229E004
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2103a3f-601e-0050-6ba9-213b93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e955bfbf63ba-LHR
expires: Tue, 30 Jan 2024 16:39:28 GMT

GET
H2 200 en-us.json Show response
cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/63172322-9f67-403d-95fe-3bb9db0dbfb0/ 47 KB
13 KB 81ms
80ms Fetch
application/x-javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/ac001aef-4cd0-4951-82cb-b3f2339f647f/63172322-9f67-403d-95fe-3bb9db0dbfb0/en-us.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e198b88002f85f1a9eb355a42f43d81eb8774fd276acff88a06b0583fbe0e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14879
content-md5: jvfJQESjyew+nxX1fE7ARg==
content-length: 12898
x-ms-lease-status: unlocked
last-modified: Tue, 18 Jul 2023 01:37:20 GMT
server: cloudflare
etag: 0x8DB872F86F7A3FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a9d5599b-301e-006a-08ff-217830000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e95669664599-LHR

GET
H2 200 otCenterRounded.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/ 9 KB
3 KB 62ms
61ms Fetch
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCenterRounded.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Nv59uF4L5Erbm99maFPLHA==
age: 82107
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2612
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:47 GMT
server: cloudflare
etag: 0x8DA95C6FAEC1377
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3c656efb-301e-000c-6798-17ca6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e956fa894599-LHR
expires: Tue, 30 Jan 2024 16:39:29 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/v2/ 62 KB
13 KB 74ms
74ms Fetch
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3e634eb4bc8fc909bd1ea389002b9036063e2fe86f1a423fb2eb577baaf7e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: eeLeQFlL9c7wmvR8bYV+Vw==
age: 82107
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13334
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:48 GMT
server: cloudflare
etag: 0x8DA95C6FBEF3D22
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 68f87c37-901e-0045-0898-17f90a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e956fa8b4599-LHR
expires: Tue, 30 Jan 2024 16:39:29 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/ 5 KB
2 KB 69ms
69ms Fetch
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: chhUbr1lo8VfhnCyj4C/QQ==
age: 17875
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:31:48 GMT
server: cloudflare
etag: 0x8DA95C6FB9D5360
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1b50dd6a-401e-0065-1298-1795c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e956fa8c4599-LHR
expires: Tue, 30 Jan 2024 16:39:29 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/ 22 KB
5 KB 63ms
63ms Fetch
text/css 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 82107
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 20:32:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a56543f6-601e-0014-5798-17e7ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84d2e956fa8d4599-LHR
expires: Tue, 30 Jan 2024 16:39:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 177ms
64ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?&onload=GoogleRecaptchaLoaded&render=explicit

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/js/2.0ecf9bf5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aeaa7c0a3c5b3839d5979f0a5dc80187693bec7627182d22409f4a47a3032d01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 29 Jan 2024 16:39:29 GMT

GET
H2 200 logo.e39f85a2.svg
travelvitals.amexgbt.com/static/media/ 8 KB
4 KB 470ms
468ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/logo.e39f85a2.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ff77a82947022c9900c23a9ed1f1cc3279c45da11c624c2afdae0c9fbfd91526

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e95788fe60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 menu_icon.9f3f7e26.svg
travelvitals.amexgbt.com/static/media/ 407 B
276 B 450ms
448ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/menu_icon.9f3f7e26.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f313719dda50110f5a2099a81603c5895b2a4a8646a4f669a82d5c014ba0706d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e957890060fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 serch_icon_filled.b039aad2.svg
travelvitals.amexgbt.com/static/media/ 552 B
361 B 411ms
410ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/serch_icon_filled.b039aad2.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c0ca2c9183566957781d4cc82c85bb4ded1ccca206ae82678a2250e68af1057

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e957890360fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 map_outline.844629c4.svg
travelvitals.amexgbt.com/static/media/ 620 B
414 B 408ms
407ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/map_outline.844629c4.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6994f5d4d8ebd7cc7625e23f0ac9bafa8562a8a13cef32781abc88992061b318

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e957890560fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 ellipsis_filled.7aedee04.svg
travelvitals.amexgbt.com/static/media/ 1017 B
716 B 407ms
406ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/ellipsis_filled.7aedee04.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f1b264d9934c8ed0c2ab65db3674f8cdc48b8c8f965301ce6c76d5e1a9ab1a39

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e957890760fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 ellipsis_empty.0a3c2f51.svg
travelvitals.amexgbt.com/static/media/ 841 B
601 B 451ms
450ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/ellipsis_empty.0a3c2f51.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba1d4ba912bac26105454ad904624c42077d233d5650fa4e7875f72eaf6f1af5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e957890a60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 dls-icon-change_1.5cd1bf5f.svg
travelvitals.amexgbt.com/static/media/ 426 B
411 B 478ms
477ms Image
image/svg+xml 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/dls-icon-change_1.5cd1bf5f.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9aee43af9e957d4c23afa820116b8da335f1d30c9e1a671553162f2cafef4921

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/svg+xml
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84d2e957890e60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 1x%20Amex%20GBT%20Pattern%20bg.1f4e32ed.jpg
travelvitals.amexgbt.com/static/media/ 94 KB
95 KB 550ms
549ms Image
image/jpeg 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/static/media/1x%20Amex%20GBT%20Pattern%20bg.1f4e32ed.jpg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/css/main.38c90008.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fb008f26bfbc13582a6d9d8eb90c4ecd90aa0c769cc3282609d52d2ff23d35f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/static/css/main.38c90008.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
content-length: 96726
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:24:06 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84d2e957891360fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 Amex_GBT_Pattern_bg.jpg
travelvitals.amexgbt.com/images/2020/ 108 KB
108 KB 570ms
570ms Image
image/jpeg 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelvitals.amexgbt.com/images/2020/Amex_GBT_Pattern_bg.jpg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

931bcd13abc790e1c46f6b5ff574ad8171787d4083f900ade4f48d986a09a428

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/css/extract.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
content-length: 110264
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:23:56 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84d2e957991560fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 BentonSansRegular.woff2
travelvitals.amexgbt.com/css/fonts/benton-sans-regular/ 9 KB
9 KB 468ms
468ms Font
font/woff2 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/fonts/benton-sans-regular/BentonSansRegular.woff2

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b325503d007aba9f3f596639b7b04ee47f2ec668ea33582fa7bc0239ff953873

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

Referer: https://travelvitals.amexgbt.com/css/extract.css
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
content-length: 9156
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:23:56 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: font/woff2
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84d2e957991660fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 BentonSansLight.woff2
travelvitals.amexgbt.com/css/fonts/benton-sans-light/ 9 KB
9 KB 470ms
470ms Font
font/woff2 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/fonts/benton-sans-light/BentonSansLight.woff2

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f282cc68674694bfe1f34f1465c332de7da4c42be0f59b84f83dc4f072e8d63e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

Referer: https://travelvitals.amexgbt.com/css/extract.css
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
content-length: 8852
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:23:56 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: font/woff2
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84d2e957c96c60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 BentonSansBold.woff
travelvitals.amexgbt.com/css/fonts/benton-sans-bold/ 12 KB
12 KB 490ms
490ms Font
font/woff 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/css/fonts/benton-sans-bold/BentonSansBold.woff

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/css/extract.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ffb81d946c38ae37f7f5549e3c2d32b6ac0bfb60b937d87e19c912b17042f87e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Request headers

Referer: https://travelvitals.amexgbt.com/css/extract.css
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-security-policy: frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Express
content-length: 12392
x-xss-protection: 1 ; mode =block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 13:23:56 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: font/woff
access-control-allow-origin: http://localhost:3000
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84d2e957c96f60fe-LHR
access-control-allow-headers: X-Requested-With,content-type
expires: Mon, 29 Jan 2024 20:39:29 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 94 KB
31 KB 192ms
72ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/js/main.26cb01f0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e2f946dc97909e219795986dec9176da571b84771c79285cd45a86e4d68c1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
228 B 673ms
232ms XHR
text/html 44.236.252.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/static/js/2.0ecf9bf5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.252.109 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-252-109.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-65b7d4c1-08d7866604ba80e3471596e8
content-length: 7

GET
H2

200

main.js Show response
travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame E5E9
Redirect Chain

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

107ms
106ms

Script
application/javascript

194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4a7aa8bd13ba5b9300cfe0a24cf420b6f1db1d3ae176e8030eab2f6be1901d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84d2e95829e760fe-LHR

Redirect headers

date: Mon, 29 Jan 2024 16:39:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 84d2e957c97360fe-LHR

GET
H2 200 AXP_GBT_Primary_BBLockup_Stacked_SMALLscale_RGB_D.jpg
cdn-ukwest.onetrust.com/logos/a26b9700-d67b-481f-8d13-855f0648f53e/3806a967-42c9-4785-a686-9d0d8ed2e9e2/1d50d701-9d10-477c-b017-a26fa55fede7/ 17 KB
17 KB 68ms
68ms Image
image/jpeg 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/a26b9700-d67b-481f-8d13-855f0648f53e/3806a967-42c9-4785-a686-9d0d8ed2e9e2/1d50d701-9d10-477c-b017-a26fa55fede7/AXP_GBT_Primary_BBLockup_Stacked_SMALLscale_RGB_D.jpg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4ec0f62ef2f1446794b8f3c06ff19e892a5632343a0c64c3f6bc81f876aabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: eDyddhc7j/Iym8ACAqxQqg==
age: 84351
content-length: 17281
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 16 Aug 2022 20:49:31 GMT
server: cloudflare
etag: 0x8DA7FC8D19508A2
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 9ce65cee-c01e-0056-7b98-17cceb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84d2e957db6863ba-LHR
expires: Tue, 30 Jan 2024 16:39:29 GMT

GET
H2 200 powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 5 KB
2 KB 63ms
63ms Image
image/svg+xml 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:39:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 31533
x-ms-lease-status: unlocked
last-modified: Tue, 09 Jan 2024 20:19:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 60c998d4-e01e-000e-7c89-43c890000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84d2e957db6c63ba-LHR
expires: Tue, 30 Jan 2024 16:39:29 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 481 KB
193 KB 166ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?&onload=GoogleRecaptchaLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://travelvitals.amexgbt.com/
Origin: https://travelvitals.amexgbt.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196969
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 15:24:11 GMT

POST
H2 200 84d2e94eca2e60fe Show response
travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E5E9 0
289 B 129ms
129ms XHR
text/plain 194.36.55.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/h/g/jsd/r/84d2e94eca2e60fe

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jan 2024 16:39:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
server: cloudflare
cf-ray: 84d2e9596bd360fe-LHR
content-type: text/plain; charset=UTF-8

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
5 KB 164ms
53ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/am=wA/d=1/rs=AN8SPfp97YZrKdiYH5iXlvzNYXPa5ZroZg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 23:26:28 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfodVO_J9NnkXL2CTdBpSn3WoEsZZg/ 207 KB
72 KB 193ms
52ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfodVO_J9NnkXL2CTdBpSn3WoEsZZg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/am=wA/d=1/rs=AN8SPfp97YZrKdiYH5iXlvzNYXPa5ZroZg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a76a7040cdaabc480727486b980877195fd6b6bf819313b1425271ce04dfa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73442
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 22:14:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 10:20:12 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 61F2 44 KB
28 KB 82ms
81ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=rovx1bcoui6t

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fca49dbaea4fcd3cfb264105b3ea1e698486b3359cc3ceabc1eabc0ec206e1fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sZeA609uvS_EOea4uEArLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelvitals.amexgbt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sZeA609uvS_EOea4uEArLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated Show response
/ Frame 3F11 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 167ms
54ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 23:26:29 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 54ms
53ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:42:16 GMT
x-content-type-options: nosniff
age: 21433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Jan 2025 10:42:16 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 53ms
53ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:40:49 GMT
x-content-type-options: nosniff
age: 3520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Jan 2025 15:40:49 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 61F2 55 KB
24 KB 53ms
53ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=rovx1bcoui6t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 15:24:10 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 61F2 481 KB
193 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196969
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 15:24:11 GMT

GET
H3 200 zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js Show response
www.google.com/js/bg/ Frame 61F2 17 KB
7 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=rovx1bcoui6t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6922
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 14:22:47 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 61F2 2 KB
2 KB 53ms
53ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 592956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 19:56:54 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 61F2 15 KB
15 KB 161ms
54ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 321154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 61F2 15 KB
15 KB 159ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:25 GMT
x-content-type-options: nosniff
age: 23465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 61F2 102 B
135 B 62ms
62ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d61c6329c5eea651d09e2f4d8f5533751b47d90af6e75c0db658ff1c84712ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEUbcZAAAAADFU46jjhmswS1Nf90BTp3KQYNpL&co=aHR0cHM6Ly90cmF2ZWx2aXRhbHMuYW1leGdidC5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=rovx1bcoui6t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 29 Jan 2024 16:39:30 GMT

GET
H2 200 / Show response
znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 217ms
77ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Requested by

Host: travelvitals.amexgbt.com
URL: https://travelvitals.amexgbt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b1c8ced43b9e4f52e908ea17af158c5d128f5d2f137467922d87eea0f6c87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 30068
cf-polished: origSize=9155
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23c3-5jo0y4t/DvyepUU62GN67Vn+NQ4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e95f1dda63e9-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 12.d0a6cbdbbd5630600180.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
22 KB 73ms
72ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.d0a6cbdbbd5630600180.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=travelvitals.amexgbt.com

Requested by

Host: znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
URL: https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bd21fec363c179f12ffc04b71f3c43fad9e3674b0c43e6d06f363cea89ecc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482856
cf-polished: origSize=75119
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1256f-18d3273b7c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e95f9eb263e9-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 253ms
253ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_bpWJ9gKlad5X3kF&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d0a6cbdbbd5630600180.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=travelvitals.amexgbt.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3a4c92382d61783803972d52fdfb516d43ef16cd74e1d0dceca3cff46a987d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://travelvitals.amexgbt.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: a132f941844f24c7
cf-ray: 84d2e9601f5363e9-LHR
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
31 KB 67ms
67ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482846
cf-polished: origSize=103878
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"195c6-18d3273b7c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e961aa7063e9-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.cf1c493dffb2d169972c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 79ms
78ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.cf1c493dffb2d169972c.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Host: znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
URL: https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0bdd1542353e65c77a7159f838b34e7ef268468ebefa221a31a156ce62ec9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482846
cf-polished: origSize=2904
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b58-18d3273b7c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e9622b2263e9-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.be767510a0dcd247d2ba.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 70ms
69ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.be767510a0dcd247d2ba.chunk.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Host: znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
URL: https://znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bpWJ9gKlad5X3kF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaeecdb59593ed39f0067e836a6c9bcbfda30dfd80b6b7cbbb7b3d63be6549d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482846
cf-polished: origSize=29694
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"73fe-18d3273b7c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e9622b2663e9-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 SliderModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 14 KB
4 KB 72ms
71ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9caae55516a4dc087ff6980903434d5b9651acc7c6e509f2b7abd72bed7b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482747
cf-polished: origSize=14619
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jan 2024 18:34:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"391b-18d3273b7c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e9622b2963e9-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
827 B 160ms
70ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bPGbyrdbCLgWeTb&Version=10&Q_ORIGIN=https://travelvitals.amexgbt.com&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c5eb2fd1dc08db2baa381084ddce040a8abce7fd3361de1db79f790e32af48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

servershortname
date: Mon, 29 Jan 2024 16:39:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 541036
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Jan 2024 10:22:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e962bf1d636b-LHR
expires: Fri, 20 Jan 2034 10:22:15 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 148ms
58ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9FxHTg65L4DO2WN&Version=31&Q_InterceptID=SI_bPGbyrdbCLgWeTb&Q_ORIGIN=https://travelvitals.amexgbt.com&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96fe3e32b7ee68f094ba6ea93785333993f0537e212e07b67a238fd7dec622d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

servershortname
date: Mon, 29 Jan 2024 16:39:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 539141
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Jan 2024 10:53:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 84d2e962bf20636b-LHR
expires: Fri, 20 Jan 2034 10:53:50 GMT

GET
H2 200 svg-close-btn-black-7.svg
static-assets.qualtrics.com/static/prototype-ui-modules/SharedGraphics/siteintercept/ 1 KB
2 KB 256ms
65ms Image
image/svg+xml 184.30.20.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-assets.qualtrics.com/static/prototype-ui-modules/SharedGraphics/siteintercept/svg-close-btn-black-7.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-101.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: vvw2GsjNq6NYdsnBn7aCynzUO99YPeNg
date: Mon, 29 Jan 2024 16:39:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 1206
x-amz-meta-mutable: true
last-modified: Fri, 12 Jan 2024 17:49:25 GMT
etag: "8736a0a5f49a2a06e82f607f9f3d4f46"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: must-revalidate, max-age=123617
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 Graphic.php
az1.qualtrics.com/WRQualtricsSiteIntercept/ 1 KB
2 KB 279ms
102ms Image
image/png 184.30.20.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://az1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_eJK0TkseRWzpGXX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-101.deploy.static.akamaitechnologies.com

Software

Resource Hash

c5c2e1c40c659ebb0b4472f031cca5165d18802e0d00b76d70e73d3e19c1320e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelvitals.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Feedback2
content-length: 1168
x-request-id: 9db6a441-8d0d-4851-b172-faec31b5b3b0,9ba3dcf1-223f-4f31-99c1-2680e80346e7
referrer-policy: strict-origin-when-cross-origin
etag: "c7392b392f84f28abab7b97cc7d5d2a7"
content-type: image/png
access-control-allow-origin: *,*
x-transaction-id: 8f83cb1c-1d31-4b7d-b621-d381e7300777
cache-control: public, max-age=15
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Mon, 29 Jan 2024 16:39:46 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
224 B 87ms
86ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9FxHTg65L4DO2WN&Q_SIID=SI_bPGbyrdbCLgWeTb&Q_ASID=AS_66951923&Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&r=1706546371054

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travelvitals.amexgbt.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jan 2024 16:39:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://travelvitals.amexgbt.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: d70fee9ba538a7b8
cf-ray: 84d2e9633ff6636b-LHR

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amexgbt.com/	1969-12-31 23:59:59	Name: _cfuvid Value: odsHRXnd6L7k7KS_TchU2WVdgimruPbEKX1WKZzIUGg-1706546367667-0-604800000
.amexgbt.com/	1970-01-20 18:02:28	Name: __cf_bm Value: GIRyHVbYgMHtMa0c.tcqDHZIibJMEni1s_PIoAJDwe4-1706546368-1-AWYHDDLpxUGw2o2rV5eFXPDHQSqM76iVbzfbIqqcWGYQ6hxBck+bOPXjCmQrJLkNbO+ewmlBgsik+dYxVTXuSU8=
.amexgbt.com/	1970-01-21 02:48:02	Name: amp_6f3785 Value: Scx5sg_VTJjQAKytri5hb9...1hlb1e4kh.1hlb1e4le.1.0.1
.travelvitals.amexgbt.com/	1970-01-21 02:48:02	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jan+29+2024+16%3A39%3A29+GMT%2B0000+(Greenwich+Mean+Time)&version=202209.1.0&isIABGlobal=false&hosts=&consentId=ca6819ea-ca34-4f19-b072-ebe006c4acc9&interactionCount=0&landingPath=https%3A%2F%2Ftravelvitals.amexgbt.com%2F&groups=C0001%3A1%2CC0004%3A0%2CC0003%3A0%2CC0002%3A0
.amexgbt.com/	1970-01-21 02:48:02	Name: cf_clearance Value: TdzOYJt0jxJOCkSzlLCwpT_mV7ilPX2snYtRe9No_6A-1706546369-1-Ae7fkau0srJt6cIVAjhzrnBn183vBJ0o3s519X1D7pb5XpYhtAL0dNSsvyz81GBioyV9T6xc1vEOo8FMlSe8V1o=

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://travelvitals.amexgbt.com/ Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/ Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/ Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://travelvitals.amexgbt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js(Line 551) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfodVO_J9NnkXL2CTdBpSn3WoEsZZg/m=el_main(Line 280) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfodVO_J9NnkXL2CTdBpSn3WoEsZZg/m=el_main(Line 280) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ru.CJUpeiT0Fb8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfodVO_J9NnkXL2CTdBpSn3WoEsZZg/m=el_main(Line 181) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: data:text/html;charset=UTF-8;base64,PCFET0NUWVBFIGh0bWw+PGJvZHk+PHNjcmlwdD4oZnVuY3Rpb24oKXsndXNlIHN0cmljdCc7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGU9dGhpc3x8c2VsZjtmdW5jdGlvbiBmKGEpe3JldHVybiBhfTt2YXIgaDtmdW5jdGlvbiBrKGEpe3RoaXMuZz1hfWsucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuZysiIn07dmFyIGw9e307ZnVuY3Rpb24gbShhKXtpZih2b2lkIDA9PT1oKXt2YXIgYz1udWxsO3ZhciBiPWUudHJ1c3RlZFR5cGVzO2lmKGImJmIuY3JlYXRlUG9saWN5KXt0cnl7Yz1iLmNyZWF0ZVBvbGljeSgiZ29vZyNodG1sIix7Y3JlYXRlSFRNTDpmLGNyZWF0ZVNjcmlwdDpmLGNyZWF0ZVNjcmlwdFVSTDpmfSl9Y2F0Y2goZCl7ZS5jb25zb2xlJiZlLmNvbnNvbGUuZXJyb3IoZC5tZXNzYWdlKX1oPWN9ZWxzZSBoPWN9YT0oYz1oKT9jLmNyZWF0ZVNjcmlwdFVSTChhKTphO3JldHVybiBuZXcgayhhLGwpfTsvKgoKIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCmlmKCFmdW5jdGlvbigpe2lmKHNlbGYub3JpZ2luKXJldHVybiJudWxsIj09PXNlbGYub3JpZ2luO2lmKCIiIT09bG9jYXRpb24uaG9zdClyZXR1cm4hMTt0cnl7cmV0dXJuIHdpbmRvdy5wYXJlbnQuZXNjYXBlKCIiKSwhMX1jYXRjaChhKXtyZXR1cm4hMH19KCkpdGhyb3cgRXJyb3IoInNhbmRib3hpbmcgZXJyb3IiKTsKd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLGZ1bmN0aW9uKGEpe3ZhciBjPWEucG9ydHNbMF07YT1hLmRhdGE7dmFyIGI9YS5jYWxsYmFja05hbWUuc3BsaXQoIi4iKSxkPXdpbmRvdzsid2luZG93Ij09PWJbMF0mJmIuc2hpZnQoKTtmb3IodmFyIGc9MDtnPGIubGVuZ3RoLTE7ZysrKWRbYltnXV09e30sZD1kW2JbZ11dO2RbYltiLmxlbmd0aC0xXV09ZnVuY3Rpb24obil7Yy5wb3N0TWVzc2FnZShKU09OLnN0cmluZ2lmeShuKSl9O2I9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YT1tKGEudXJsKTtiLnNyYz1hIGluc3RhbmNlb2YgayYmYS5jb25zdHJ1Y3Rvcj09PWs/YS5nOiJ0eXBlX2Vycm9yOlRydXN0ZWRSZXNvdXJjZVVybCI7ZG9jdW1lbnQuYm9keS5hcHBlbmRDaGlsZChiKX0sITApO30pLmNhbGwodGhpcyk7Cjwvc2NyaXB0PjwvYm9keT4= Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js(Line 424) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js(Line 424) Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.106.0&Q_CLIENTTYPE=web&Q_BRANDID=amexgbt Message: The Content-Security-Policy directive name ''self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://www.ovationtravel.com https://www.lawyerstravel.com;'self' www.google.com api.amplitude.com www.amexglobalbusinesstravel.com www.gstatic.com www.googletagmanager.com translate.google.com translate.googleapis.com www.youtube.com znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com www.google-analytics.com siteintercept.qualtrics.com s.ytimg.com stats.g.doubleclick.net static-assets.qualtrics.com az1.qualtrics.com amexgbt.az1.qualtrics.com consent.trustarc.com consent-pref.trustarc.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode =block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
az1.qualtrics.com
cdn-ukwest.onetrust.com
fonts.gstatic.com
geolocation.onetrust.com
sdk.joinsherpa.io
siteintercept.qualtrics.com
static-assets.qualtrics.com
translate.google.com
translate.googleapis.com
travelvitals.amexgbt.com
www.google.com
www.googletagmanager.com
www.gstatic.com
znbpwj9gklad5x3kf-amexgbt.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
151.101.1.195
184.30.20.101
194.36.55.251
194.36.55.5
2606:4700:4400::6812:2089
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
44.236.252.109
0c0ca2c9183566957781d4cc82c85bb4ded1ccca206ae82678a2250e68af1057
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d3fd186d6a594bca721ace24aec5c168329d8c2563303441128383b92cccc1a
1f3a4c92382d61783803972d52fdfb516d43ef16cd74e1d0dceca3cff46a987d
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2615acbb3aaf182891800a2aceac9557ee5f1e9aff189a17e005d75209d06dd5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3499175807b0a88e628442e698f552dcb56beef3bc23454aa32e5e71f0e3cab8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
457f8ba49e93426876f98909f837c947675a4ab786f7444026e61de4a23f361e
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d
58a76a7040cdaabc480727486b980877195fd6b6bf819313b1425271ce04dfa1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5d4ec0f62ef2f1446794b8f3c06ff19e892a5632343a0c64c3f6bc81f876aabd
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
67bd21fec363c179f12ffc04b71f3c43fad9e3674b0c43e6d06f363cea89ecc6
6994f5d4d8ebd7cc7625e23f0ac9bafa8562a8a13cef32781abc88992061b318
6e0bdd1542353e65c77a7159f838b34e7ef268468ebefa221a31a156ce62ec9e
6e9caae55516a4dc087ff6980903434d5b9651acc7c6e509f2b7abd72bed7b24
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79b1c8ced43b9e4f52e908ea17af158c5d128f5d2f137467922d87eea0f6c87b
7d61c6329c5eea651d09e2f4d8f5533751b47d90af6e75c0db658ff1c84712ce
80c5eb2fd1dc08db2baa381084ddce040a8abce7fd3361de1db79f790e32af48
8e2f946dc97909e219795986dec9176da571b84771c79285cd45a86e4d68c1dc
92d6b98532f4c8f58785f3379d0346d85cafb57cd44c968db8d127cff25a3e42
931bcd13abc790e1c46f6b5ff574ad8171787d4083f900ade4f48d986a09a428
96fe3e32b7ee68f094ba6ea93785333993f0537e212e07b67a238fd7dec622d0
9738ba99b2b018156c001219f8bab841d193a1b3098f6e26ab01d952aa85422b
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9aee43af9e957d4c23afa820116b8da335f1d30c9e1a671553162f2cafef4921
9e198b88002f85f1a9eb355a42f43d81eb8774fd276acff88a06b0583fbe0e4d
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
aeaa7c0a3c5b3839d5979f0a5dc80187693bec7627182d22409f4a47a3032d01
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1c65dd444ea39fd9db3b7df7be785d549540cacedeea3f548e34f1ae64bd855
b325503d007aba9f3f596639b7b04ee47f2ec668ea33582fa7bc0239ff953873
b8718067133110ce76bf7af15e1aa5fb041f645aec691e8ad6245fd19dfc73c9
ba1d4ba912bac26105454ad904624c42077d233d5650fa4e7875f72eaf6f1af5
bf4a7aa8bd13ba5b9300cfe0a24cf420b6f1db1d3ae176e8030eab2f6be1901d
c5c2e1c40c659ebb0b4472f031cca5165d18802e0d00b76d70e73d3e19c1320e
c6b8ea289d4abaa2d76d01ff7fa8b0f9c87cf68ee9fc0029e4c58ba65bcd8a39
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
db7fc8c810bd09794d79ab50c1a7f3153974d072187e6c891cbca159f4a0aefd
dfaeecdb59593ed39f0067e836a6c9bcbfda30dfd80b6b7cbbb7b3d63be6549d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e634eb4bc8fc909bd1ea389002b9036063e2fe86f1a423fb2eb577baaf7e1c
eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b
f1b264d9934c8ed0c2ab65db3674f8cdc48b8c8f965301ce6c76d5e1a9ab1a39
f282cc68674694bfe1f34f1465c332de7da4c42be0f59b84f83dc4f072e8d63e
f313719dda50110f5a2099a81603c5895b2a4a8646a4f669a82d5c014ba0706d
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
fb008f26bfbc13582a6d9d8eb90c4ecd90aa0c769cc3282609d52d2ff23d35f0
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fca49dbaea4fcd3cfb264105b3ea1e698486b3359cc3ceabc1eabc0ec206e1fe
ff77a82947022c9900c23a9ed1f1cc3279c45da11c624c2afdae0c9fbfd91526
ffb81d946c38ae37f7f5549e3c2d32b6ac0bfb60b937d87e19c912b17042f87e

travelvitals.amexgbt.com Open in urlscan Pro 194.36.55.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

50 %IPv6

9 Domains

15 Subdomains

14 IPs

4 Countries

1628 kBTransfer

4571 kBSize

5 Cookies

27 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

travelvitals.amexgbt.com Open in urlscan Pro
194.36.55.5 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

50 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

1628 kB
Transfer

4571 kB
Size

5
Cookies

63 HTTP transactions
1 data transactions