amexgbt-uat.expansivefm.net Open in urlscan Pro
2606:4700:10::6816:550  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response amexgbt-uat.expansivefm.net/	3 KB 1 KB	271ms 165ms	Document text/html	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7aca1f248ad5a5453e064603c98e3d0c346eb8eafbe57e015448f49172dc0191 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private cf-cache-status DYNAMIC cf-ray 837c6448af19220f-MIA content-encoding gzip content-type text/html date Tue, 19 Dec 2023 02:59:49 GMT last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare
GET H2	200	index-1af01b18.js Show response amexgbt-uat.expansivefm.net/assets/	4 MB 1 MB	293ms 292ms	Script application/javascript	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47796ba26635a4b28d6c78d550c2e7892d3d59447f7bf09cb21ecc46fd73f550 Request headers Referer https://amexgbt-uat.expansivefm.net/ Origin https://amexgbt-uat.expansivefm.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:49 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-427f55" vary Accept-Encoding content-type application/javascript cache-control private cf-ray 837c6449b861220f-MIA
GET H2	200	index-a1fa3a9e.css amexgbt-uat.expansivefm.net/assets/	661 KB 94 KB	283ms 283ms	Stylesheet text/css	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/index-a1fa3a9e.css Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1fa3a9e7731c464a079af054c0383c4a978a4eee10ce9c1e2038efdc46637a1 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:49 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-a55f8" vary Accept-Encoding content-type text/css cache-control private cf-ray 837c6449b85d220f-MIA
GET H2	200	photo-missing-e6e56756.js Show response amexgbt-uat.expansivefm.net/assets/	429 B 381 B	472ms 471ms	Script application/javascript	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/photo-missing-e6e56756.js Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1bcc956d37253a698d75c88bf4c077d091f7817058d71627b226b17af708e23 Request headers Referer https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Origin https://amexgbt-uat.expansivefm.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:51 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-1ad" vary Accept-Encoding content-type application/javascript cache-control private cf-ray 837c64529d4b220f-MIA
GET H2	200	Login-841e9a3b.js Show response amexgbt-uat.expansivefm.net/assets/	11 KB 4 KB	182ms 181ms	Script application/javascript	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/Login-841e9a3b.js Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acbe4449a086184173c5188d4c192a3625945399ed3367d0e528218f1ed2fd22 Request headers Referer Origin https://amexgbt-uat.expansivefm.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:50 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-2b08" vary Accept-Encoding content-type application/javascript cache-control private cf-ray 837c6452ad56220f-MIA
GET H2	200	Footer-edfb30f8.js Show response amexgbt-uat.expansivefm.net/assets/	1 KB 897 B	174ms 171ms	Script application/javascript	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/Footer-edfb30f8.js Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d667acc6e106021c3c9fbd97a97cb698ec6beea109ba26bea43871f78f0805d Request headers Referer Origin https://amexgbt-uat.expansivefm.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:50 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-5b4" vary Accept-Encoding content-type application/javascript cache-control private cf-ray 837c6452ad60220f-MIA
GET H2	200	Login-bcc57e88.css amexgbt-uat.expansivefm.net/assets/	1 KB 557 B	174ms 173ms	Stylesheet text/css	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/Login-bcc57e88.css Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bcc57e889c4f80e46d7d9b97f0b6a085f8808224351f47a003b7ac2c1a92a66b Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:50 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-5ec" vary Accept-Encoding content-type text/css cache-control private cf-ray 837c6452ad66220f-MIA
GET H2	200	config_var Show response amexgbt-uat.expansivefm.net/api/	7 KB 2 KB	238ms 237ms	XHR application/json	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/api/config_var Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9493809304deceb5084f62fba18b84e455311adf7b0cffc5ff628702d4a010c3 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:51 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare content-type application/json access-control-allow-origin * cache-control no-cache, private, private cf-ray 837c6456db39220f-MIA
POST H2	200	/ Show response o503303.ingest.sentry.io/api/5588256/envelope/	2 B 324 B	160ms 70ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o503303.ingest.sentry.io/api/5588256/envelope/?sentry_key=0218692995c2430ab21a8f2f03e904cc&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://amexgbt-uat.expansivefm.net/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 19 Dec 2023 02:59:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET H2	200	workbox-window.prod.es5-e74d365d.js Show response amexgbt-uat.expansivefm.net/assets/	6 KB 2 KB	470ms 467ms	Script application/javascript	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/workbox-window.prod.es5-e74d365d.js Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22b38397f92d84c92135cd9be5e8af18836f61a0b1870f2bf32be8549df2c896 Request headers Referer https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Origin https://amexgbt-uat.expansivefm.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:52 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-161d" vary Accept-Encoding content-type application/javascript cache-control private cf-ray 837c64588de2220f-MIA
GET H2	200	element.js Show response translate.google.com/translate_a/	88 KB 31 KB	245ms 90ms	Script text/javascript	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6dbca38ba416a59afee623ae8ec3c4414abf109cce896db89e0cba1aaccf971f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Tue, 19 Dec 2023 02:59:52 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/a89246f01efa04d48da2a721ccb48e84/ro x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	logo-nav-dark-6007ff1b.js Show response amexgbt-uat.expansivefm.net/assets/	429 B 346 B	461ms 461ms	Script application/javascript	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amexgbt-uat.expansivefm.net/assets/logo-nav-dark-6007ff1b.js Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8f4511fc72560a7cf4c5f1405d9f180f7d031b462ecef3a0f7f9d81701825d4 Request headers Referer https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Origin https://amexgbt-uat.expansivefm.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:52 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag W/"65788d03-1ad" vary Accept-Encoding content-type application/javascript cache-control private cf-ray 837c64596ef9220f-MIA
GET H2	200	expansive-logo-colour-1000.png www.expansivefm.com/hubfs/Instance%20Images/	46 KB 48 KB	398ms 274ms	Image image/png	2606:2c40::c73c:6702 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.expansivefm.com/hubfs/Instance%20Images/expansive-logo-colour-1000.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 519b39589fb720de4b88364e00961c1469af45aaeea5fb71c993a1dc433cf1ef Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests x-amz-meta-cache-tag F-149024925741,FD-108589568012,P-4831575,FLS-ALL x-amz-request-id VDKNC64Q9K6VPM53 x-amz-server-side-encryption AES256 edge-cache-tag F-149024925741,FD-108589568012,P-4831575,FLS-ALL x-amz-replication-status COMPLETED x-hs-https-only worker x-hs-cf-lambda us-east-1.EnforceAclForReads 3 etag "a699c9c1a3618828ace2a9039823813f" vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * x-amz-meta-created-unix-time-millis 1701989991454 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-robots-tag all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Tue, 19 Dec 2023 02:59:52 GMT strict-transport-security max-age=31536000 via 1.1 9f38fc245d638f10232100c770bc84fe.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-version-id pH0XtgknV3gbzkaV1Tx811sf9nVG8hl8 x-amz-cf-pop MIA3-P2 x-hs-alternate-content-type text/plain x-cache RefreshHit from cloudfront cache-tag F-149024925741,FD-108589568012,P-4831575,FLS-ALL x-amz-meta-index-tag all x-amz-storage-class INTELLIGENT_TIERING alt-svc h3=":443"; ma=86400 content-length 47151 x-amz-id-2 mDuegSfy5Sw28pb+qOlVPCdxLcXGd8zvJRbzw9bKyjdjJISGk7ArWMFeOfOI4TNnORuw/tBcBOM= last-modified Thu, 07 Dec 2023 22:59:52 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h93fqBf1g3HENxZTlUXlKlGMztcYkR8K3d7iwb4vhL7iFgy3%2FBEdMw3hEBlUbvYlUuw88rd3z%2BxJSqoJB63T45QjisVaxBI8aBWQI70FsERuLucAi3g9r6rTl3agKqttA7xct1JwBm2C%2BmxmCOgTHU8%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 837c645a3ffd6dbf-MIA x-amz-cf-id Nu_79YiLc5VibxMvgwzZJ_CsRKmSG8AhVbalrCwOVsWfZ5069ouyqg==
GET DATA	200 OK	truncated /	134 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	language-flags-9a31c0bd.png amexgbt-uat.expansivefm.net/assets/	37 KB 38 KB	197ms 197ms	Image image/png	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://amexgbt-uat.expansivefm.net/assets/language-flags-9a31c0bd.png Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-a1fa3a9e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a31c0bd6cd6d51eb408c011ba14c8f49bf70665753f148616cf688984705fb7 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/assets/index-a1fa3a9e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:52 GMT cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag "65788d03-95d0" vary Accept-Encoding content-type image/png cache-control private accept-ranges bytes cf-ray 837c64598f20220f-MIA content-length 38352
GET H2	200	m=el_main_css www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/	22 KB 5 KB	354ms 62ms	Stylesheet text/css	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=AAM/d=1/rs=AN8SPfpMcQB0gfUlmrjJQl2ZicoDMkCotQ/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 15 Dec 2023 07:49:16 GMT content-encoding gzip x-content-type-options nosniff age 328236 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4144 x-xss-protection 0 last-modified Sat, 15 Jul 2023 01:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Dec 2024 07:49:16 GMT
GET H2	200	m=el_main Show response translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrvbbcZU1RihXJkoY3v7Q0tCTxd2A/	255 KB 88 KB	355ms 64ms	Script text/javascript	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrvbbcZU1RihXJkoY3v7Q0tCTxd2A/m=el_main Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=AAM/d=1/rs=AN8SPfpMcQB0gfUlmrjJQl2ZicoDMkCotQ/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 15 Dec 2023 01:02:07 GMT content-encoding gzip x-content-type-options nosniff age 352665 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 89479 x-xss-protection 0 last-modified Wed, 06 Dec 2023 14:12:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Dec 2024 01:02:07 GMT
GET H2	200	logo-nav-dark-00211147.png amexgbt-uat.expansivefm.net/assets/	22 KB 22 KB	488ms 487ms	Image image/png	2606:4700:10::6816:550 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://amexgbt-uat.expansivefm.net/assets/logo-nav-dark-00211147.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:550 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0021114721ab7a5cdd97e8d456981215a47e752cbfda22b5cc564e72a15c20be Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:59:52 GMT cf-cache-status BYPASS last-modified Tue, 12 Dec 2023 16:40:35 GMT server cloudflare etag "65788d03-5809" vary Accept-Encoding content-type image/png cache-control private accept-ranges bytes cf-ray 837c645c4a87220f-MIA content-length 22537
GET DATA	200 OK	truncated Show response / Frame D492	1 KB 1 KB		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Content-Type text/html;charset=UTF-8
GET H2	200	24px.svg fonts.gstatic.com/s/i/productlogos/translate/v14/	6 KB 4 KB	69ms 67ms	Image image/svg+xml	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 15 Dec 2023 19:45:30 GMT content-encoding gzip x-content-type-options nosniff age 285262 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3340 x-xss-protection 0 last-modified Wed, 20 Apr 2022 14:24:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Dec 2024 19:45:30 GMT
GET H2	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 1 KB	67ms 66ms	Image image/png	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://amexgbt-uat.expansivefm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:06:27 GMT x-content-type-options nosniff age 3205 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 910 x-xss-protection 0 last-modified Thu, 02 Nov 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 18 Dec 2024 02:06:27 GMT
POST H2	200	/ Show response o503303.ingest.sentry.io/api/5588256/envelope/	41 B 99 B	122ms 121ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o503303.ingest.sentry.io/api/5588256/envelope/?sentry_key=0218692995c2430ab21a8f2f03e904cc&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 Requested by Host: amexgbt-uat.expansivefm.net URL: https://amexgbt-uat.expansivefm.net/assets/index-1af01b18.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 821768ee6fa4d8915da6b6d64f65513244d2bd9656136af4a8cc91e56187439a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://amexgbt-uat.expansivefm.net/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 19 Dec 2023 02:59:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _sentryDebugIds string| _sentryDebugIdIdentifier object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ object| SENTRY_RELEASE function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ object| appConfig object| __SENTRY__ function| googleTranslateElementInit function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| pako object| closure_lm_125666

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amexgbt-uat.expansivefm.net/	1970-01-20 17:04:01	Name: XSRF-TOKEN Value: eyJpdiI6InZnRm5XZmd2M0s1aHlJeTBFZEZRelE9PSIsInZhbHVlIjoiWU5zZ0JBdUdJdXBCZGt4OHlqZUlqUkRkM1F2eUhTdERxb0JvWlBqTWwzeVN6NzFhUUNJejBCNW5uZ25KeG4xSFhUd2RwSndaSlN0L1FKOWkxM2wwSEMyTXZjblhpYVhzQ3Y1a3dvTWJXYSt0d3kvd0ZCaGFuUlpzdW9rQzZUMzEiLCJtYWMiOiI5MGFiMjU3OWRiOGZjMGM1ODkzZWMyZDM4NWNkNGViNTgxYjE0YTdkYmU3ZDY1YjQ1NzJjYmZiNDBmNzg3YzA4IiwidGFnIjoiIn0%3D
			amexgbt-uat.expansivefm.net/	1969-12-31 23:59:59	Name: expansive_fm_session Value: eyJpdiI6IkNnR1RxREtZdmt5b1JzMlZ1am5RZFE9PSIsInZhbHVlIjoiSjVvUjN6Q29nSktaWjIzS0piR0IxZXZtaVhuMVJwaklndnVTOFd3OGlTT2hhNnNPdHFVUlgwMTh0eGRyd3hKUXNMRG1wZ2pqOERrcWNnMFRvNHFrTzNkRzhQZUR5bDlvaFdvb3dBamtleGZlWW85OThGK0F0dkRmVGxMbTQ0aVQiLCJtYWMiOiIxZmE5ZGExNDA2YjYyZDg2YjAyNzIyNDBhMjVjMWE1MDI1ZDA1MWUyMWIwNzI5NTA4ODhmMWNlZWQyNGVlZDg4IiwidGFnIjoiIn0%3D
			.www.expansivefm.com/	1970-01-20 17:02:36	Name: __cf_bm Value: a.17IPBYkrVWp3OFJbEjnhSoMeb26L4EgZUgpVaq_Ok-1702954792-1-AVTNvmuqOJKA2w9V+7Y6NcL5kK6B8SPAp9M/nDfu/51tx7I+VNpbVdspVMBA77fO+kOifmwClRiHyLH3lpwCVeE=
			.www.expansivefm.com/	1969-12-31 23:59:59	Name: __cfruid Value: 0ae3d2cb98de4ab305f20dad3ecb5a3abe87ab93-1702954792

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amexgbt-uat.expansivefm.net
fonts.gstatic.com
o503303.ingest.sentry.io
translate.google.com
translate.googleapis.com
www.expansivefm.com
www.gstatic.com
2606:2c40::c73c:6702
2606:4700:10::6816:550
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::200a
2607:f8b0:4006:824::200e
34.120.195.249
0021114721ab7a5cdd97e8d456981215a47e752cbfda22b5cc564e72a15c20be
1d667acc6e106021c3c9fbd97a97cb698ec6beea109ba26bea43871f78f0805d
22b38397f92d84c92135cd9be5e8af18836f61a0b1870f2bf32be8549df2c896
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47796ba26635a4b28d6c78d550c2e7892d3d59447f7bf09cb21ecc46fd73f550
519b39589fb720de4b88364e00961c1469af45aaeea5fb71c993a1dc433cf1ef
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6dbca38ba416a59afee623ae8ec3c4414abf109cce896db89e0cba1aaccf971f
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7aca1f248ad5a5453e064603c98e3d0c346eb8eafbe57e015448f49172dc0191
821768ee6fa4d8915da6b6d64f65513244d2bd9656136af4a8cc91e56187439a
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c
9493809304deceb5084f62fba18b84e455311adf7b0cffc5ff628702d4a010c3
9a31c0bd6cd6d51eb408c011ba14c8f49bf70665753f148616cf688984705fb7
a1fa3a9e7731c464a079af054c0383c4a978a4eee10ce9c1e2038efdc46637a1
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
acbe4449a086184173c5188d4c192a3625945399ed3367d0e528218f1ed2fd22
bcc57e889c4f80e46d7d9b97f0b6a085f8808224351f47a003b7ac2c1a92a66b
d1bcc956d37253a698d75c88bf4c077d091f7817058d71627b226b17af708e23
d8f4511fc72560a7cf4c5f1405d9f180f7d031b462ecef3a0f7f9d81701825d4
e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c