www.americanexpress.com Open in urlscan Pro
23.212.221.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lowesrewardscard.com/
Effective URL:
https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Submission: On January 16 via manual (January 16th 2024, 2:43:05 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 6 domains to perform 144 HTTP transactions. The main IP is 23.212.221.34, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.americanexpress.com. The Cisco Umbrella rank of the primary domain is 15616.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 3rd 2023. Valid for: a year.

This is the only time www.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:9390	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.98.234.135 104.98.234.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 10	23.212.221.34 23.212.221.34	16625 (AKAMAI-AS) (AKAMAI-AS)
4	139.71.50.97 139.71.50.97	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
51	23.36.235.165 23.36.235.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.212.210.226 23.212.210.226	16625 (AKAMAI-AS) (AKAMAI-AS)
2	139.71.50.223 139.71.50.223	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	23.212.220.184 23.212.220.184	16625 (AKAMAI-AS) (AKAMAI-AS)
16	139.71.16.158 139.71.16.158	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	139.71.48.49 139.71.48.49	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
9	139.71.21.230 139.71.21.230	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	139.71.48.197 139.71.48.197	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	139.71.89.13 139.71.89.13	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1 2	54.154.75.101 54.154.75.101	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2490:200:c:7c62:1240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	139.71.50.190 139.71.50.190	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
9	63.140.62.214 63.140.62.214	15224 (OMNITURE) (OMNITURE)
18	54.220.159.106 54.220.159.106	16509 (AMAZON-02) (AMAZON-02)
1	198.160.127.57 198.160.127.57	15026 (ACXIOM) (ACXIOM)
1	34.192.6.129 34.192.6.129	14618 (AMAZON-AES) (AMAZON-AES)
144	19

1 2606:4700:3034::ac43:9390 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lowesrewardscard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.98.234.135 (London, United Kingdom) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-98-234-135.deploy.static.akamaitechnologies.com

americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.212.221.34 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-221-34.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.50.97 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: referral-r2.americanexpress.com

referral.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 23.36.235.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-235-165.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.210.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-210-226.deploy.static.akamaitechnologies.com

global.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.71.50.223 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: prospectpagev4-r2.americanexpress.com

mgmee.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.212.220.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-220-184.deploy.static.akamaitechnologies.com

one-xp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 139.71.16.158 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: iwmapapi22.americanexpress.com

iwmapapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.48.49 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: referconfigexternal-r2-vip.americanexpress.com

referconfigexternal.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.71.21.230 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: functions2a-vip.americanexpress.com

functions.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.48.197 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: origin-navigation-latest-r2-vip.americanexpress.com

origin-navigation-latest.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.89.13 (United States)

ASN6307 (AMERICAN-EXPRESS, US)

dynatracepsg.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.75.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-75-101.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2490:200:c:7c62:1240:93a1 (United States)

ASN16509 (AMAZON-02, US)

ct.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.71.50.190 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: gctv4-r2.americanexpress.com

gct.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.140.62.214 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-214.data.adobedc.net

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.220.159.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.160.127.57 (Greenbrier, United States)

ASN15026 (ACXIOM, US)

aeopprodvip.acxiom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.6.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-6-129.compute-1.amazonaws.com

k-aus1.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	americanexpress.com 4 redirects americanexpress.com — Cisco Umbrella Rank: 7837 www.americanexpress.com — Cisco Umbrella Rank: 15616 referral.americanexpress.com — Cisco Umbrella Rank: 946039 global.americanexpress.com — Cisco Umbrella Rank: 25158 mgmee.americanexpress.com one-xp.americanexpress.com — Cisco Umbrella Rank: 25676 iwmapapi.americanexpress.com — Cisco Umbrella Rank: 19576 referconfigexternal.americanexpress.com — Cisco Umbrella Rank: 58807 functions.americanexpress.com — Cisco Umbrella Rank: 20724 origin-navigation-latest.americanexpress.com — Cisco Umbrella Rank: 321117 dynatracepsg.americanexpress.com — Cisco Umbrella Rank: 22995 gct.americanexpress.com — Cisco Umbrella Rank: 57973 omns.americanexpress.com — Cisco Umbrella Rank: 17614	350 KB
51	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 13520 icm.aexp-static.com — Cisco Umbrella Rank: 15204	1 MB
23	contentsquare.net ct.contentsquare.net — Cisco Umbrella Rank: 24892 c.contentsquare.net — Cisco Umbrella Rank: 4361 k-aus1.contentsquare.net — Cisco Umbrella Rank: 9373	137 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
1	acxiom.com aeopprodvip.acxiom.com — Cisco Umbrella Rank: 74754	429 B
1	lowesrewardscard.com 1 redirects lowesrewardscard.com	722 B
144	6

	Domain	Requested by
43	www.aexp-static.com	www.americanexpress.com www.aexp-static.com
18	c.contentsquare.net	ct.contentsquare.net
16	iwmapapi.americanexpress.com	www.aexp-static.com ct.contentsquare.net
10	www.americanexpress.com	3 redirects www.americanexpress.com ct.contentsquare.net
9	omns.americanexpress.com	www.aexp-static.com
9	functions.americanexpress.com	www.aexp-static.com
8	icm.aexp-static.com	www.aexp-static.com ct.contentsquare.net
4	ct.contentsquare.net	www.aexp-static.com ct.contentsquare.net
4	dynatracepsg.americanexpress.com	www.aexp-static.com
4	one-xp.americanexpress.com	www.aexp-static.com
4	referral.americanexpress.com	www.americanexpress.com ct.contentsquare.net
2	gct.americanexpress.com	www.aexp-static.com ct.contentsquare.net
2	dpm.demdex.net	1 redirects
2	mgmee.americanexpress.com	www.aexp-static.com
2	global.americanexpress.com	www.aexp-static.com
1	k-aus1.contentsquare.net	ct.contentsquare.net
1	aeopprodvip.acxiom.com	ct.contentsquare.net
1	origin-navigation-latest.americanexpress.com	www.aexp-static.com
1	referconfigexternal.americanexpress.com	www.aexp-static.com
1	americanexpress.com	1 redirects
1	lowesrewardscard.com	1 redirects
144	21

This site contains links to these domains. Also see Links.

Domain
ir.americanexpress.com
network.americanexpress.com
global.americanexpress.com
www.facebook.com
x.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-03` - `2024-08-01`	a year	crt.sh
referral-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-28` - `2024-08-26`	a year	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh
online.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-07` - `2024-08-05`	a year	crt.sh
prospectpagev4-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-28` - `2024-08-26`	a year	crt.sh
www.standforsmall.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2024-07-29`	a year	crt.sh
iwmapapi.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-07-21` - `2024-07-19`	a year	crt.sh
referconfigexternal-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-06` - `2024-08-03`	a year	crt.sh
functions.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-28` - `2024-08-26`	a year	crt.sh
origin-navigation-latest-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-14` - `2024-08-12`	a year	crt.sh
dynatracepsg.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-05-31` - `2024-05-29`	a year	crt.sh
ct-tag.clicktale.net Amazon RSA 2048 M02	`2023-04-26` - `2024-05-25`	a year	crt.sh
gctv4-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-10-26` - `2024-10-25`	a year	crt.sh
omns.americanexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-06-04`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
AEOPPRODVIP.ACXIOM.COM Entrust Certification Authority - L1K	`2023-02-24` - `2024-03-24`	a year	crt.sh
dep-malka.bf.contentsquare.net Amazon RSA 2048 M01	`2023-10-10` - `2024-11-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Frame ID: 36EBBC58EF9D5F0D57224F551E9B8922
Requests: 133 HTTP requests in this frame

Frame: https://referral.americanexpress.com/home/report/security/csp-violation
Frame ID: 68792FB1AEE305825AC2FDDF566DA773
Requests: 1 HTTP requests in this frame

Frame: https://referral.americanexpress.com/home/report/security/csp-violation
Frame ID: 17CEFD0A304A38C15C7CF8DC2A87514D
Requests: 1 HTTP requests in this frame

Frame: https://referral.americanexpress.com/home/report/security/csp-violation
Frame ID: 0CC98A7554279F6C0A558570D447391B
Requests: 1 HTTP requests in this frame

Frame: https://referral.americanexpress.com/home/report/security/csp-violation
Frame ID: C563F308035F45E44337CCEB5C41620B
Requests: 1 HTTP requests in this frame

Frame: https://referral.americanexpress.com/home/report/security/csp-violation
Frame ID: B8A4984907584A276903901154A1BD6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Express axp-icon-right axp-icon-pluscircle axp-icon-pluscircle axp-icon-pluscircle

Page URL History Show full URLs

http://lowesrewardscard.com/ HTTP 301
https://americanexpress.com/en-us/referral/DANIEENtHH?XLINK=MYCP HTTP 301
https://www.americanexpress.com/en-us/referral/DANIEENtHH?XLINK=MYCP HTTP 302
https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP Page URL

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

144
Requests

93 %
HTTPS

10 %
IPv6

6
Domains

21
Subdomains

19
IPs

4
Countries

1991 kB
Transfer

7387 kB
Size

35
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://ir.americanexpress.com/investor-relations/default.aspx?inav=us_footer_about_investor_relations
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/globalnetwork/v4/?inav=us_footer_about_global_network
Title: Global Network

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/help?inav=footer_contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressUS

Search URL Search Domain Scan URL

URL: https://x.com/americanexpress

Search URL Search Domain Scan URL

URL: https://www.instagram.com/AmericanExpress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmericanExpress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lowesrewardscard.com/ HTTP 301
https://americanexpress.com/en-us/referral/DANIEENtHH?XLINK=MYCP HTTP 301
https://www.americanexpress.com/en-us/referral/DANIEENtHH?XLINK=MYCP HTTP 302
https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1705416178534 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1705416178534

Request Chain 135

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB&svrid=-98&flavor=post&vi=TAMHGRFHTKEUARMNJVDAEMCRJCWFBKIH-0&modifiedSince=1678194733387&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD~A~N~I~E~E~N~t~H~H-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&bp=3&app=bf05ef884b484fae&crc=3551725007&en=jf4wyxxa&end=1 HTTP 301
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

Request Chain 143

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB&svrid=-98&flavor=post&vi=TAMHGRFHTKEUARMNJVDAEMCRJCWFBKIH-0&modifiedSince=1678194733387&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2FDANIEENtHH%3FXLINK%3DMYCP&bp=3&app=bf05ef884b484fae&crc=1857512814&en=jf4wyxxa&end=1 HTTP 301
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

144 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request DANIEENtHH Show response
www.americanexpress.com/en-us/credit-cards/referral/prospect/
Redirect Chain

http://lowesrewardscard.com/
https://americanexpress.com/en-us/referral/DANIEENtHH?XLINK=MYCP
https://www.americanexpress.com/en-us/referral/DANIEENtHH?XLINK=MYCP
https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP

303 KB
47 KB

234ms
233ms

Document
text/html

23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba6d020f0b5ae98d7032b6c21cb84c41e5eab8be742bcc0acc5cfb96616fc702

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-ec94c33cf648f2ddff43689a30627609' 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-ec94c33cf648f2ddff43689a30627609' 'nonce-d124db1d-0415-4442-8bb3-453fdd2637a0' 'self' .aexp.com .aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 39831
content-security-policy: report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-ec94c33cf648f2ddff43689a30627609' 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-ec94c33cf648f2ddff43689a30627609' 'nonce-d124db1d-0415-4442-8bb3-453fdd2637a0' 'self' *.aexp.com *.aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:42:55 GMT
etag: W/"4ba13-swktIf8QgsablqgGwQiZSLeOp2c"
one-app-version: 4.93.1-af1f6806
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 39441 0 pmb=mTOE,5
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store
content-length: 162
content-security-policy: report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-46445255044898c3a3974737296dac8b' 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-46445255044898c3a3974737296dac8b' 'nonce-5e6c5206-6e04-4909-b1c8-f7272ed0af7b' 'self' *.aexp.com *.aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:42:55 GMT
location: /en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
one-app-version: 4.93.1-af1f6806
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content csp-violation
referral.americanexpress.com/home/report/security/ 0
9 KB 822ms
250ms Other
text/plain 139.71.50.97
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://referral.americanexpress.com/home/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.97 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

referral-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-ee4ec8c1-5ac7-4f46-837d-06c8e0a36c7b' 'self' .aexp.com .aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-ee4ec8c1-5ac7-4f46-837d-06c8e0a36c7b' 'self' *.aexp.com *.aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Tue, 16 Jan 2024 14:42:56 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.93.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 5a0ff322 Show response
www.americanexpress.com/akam/13/ 26 KB
9 KB 377ms
377ms Script
application/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/akam/13/5a0ff322

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

5db136ba92e6d613b8f47952c40f845e2758c0909ebac70d0116f6e3bf124145

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:08:44 GMT
etag: "567d92afacd43ea521def2803efe5a383d4838f95337d6538e697f73bc3ed03a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-length: 8761

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
1 KB 201ms
51ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-962"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 989

GET
H2 200 dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 2 KB
922 B 350ms
200ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66e"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 743

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/ 996 KB
232 KB 217ms
67ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app~vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9a6bd5c144d709b1e498999209e75c0c667dbfe5722d46d2b06322484e8359d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 20:31:31 GMT
etag: W/"64c425a3-f8f36"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 237539

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/ 14 KB
5 KB 385ms
236ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/runtime.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 36c95b7f1550e09a9d117adad5c42308746190679a26dffa399ce87172927e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 20:31:31 GMT
etag: W/"64c425a3-39bf"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5273

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/ 787 KB
201 KB 349ms
200ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0768c991ad489ab4b66c8e88a5544abb94115ef3de93e00b3c093e64203b09a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 20:31:31 GMT
etag: W/"64c425a3-c4c2b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 205949

GET
H2 200 en-US.js Show response
www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/i18n/ 25 KB
4 KB 385ms
237ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/i18n/en-US.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f30ddd89f97cbcf8892d5960c7c2a497bbad41274665d1cd67bea2ed49aef89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 20:31:31 GMT
etag: W/"64c425a3-65aa"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 4154

GET
H2 200 axp-refer-root.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/ 399 KB
114 KB 186ms
185ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 60503f4fa3c17f1a15712ce56fc1e41978746d6b2bcbcf2118c8f8ada1e6080a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 14:22:34 GMT
etag: W/"659ff9aa-63b28"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 116300

GET
H2 200 axp-root.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.7.0/ 40 KB
11 KB 198ms
197ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.7.0/axp-root.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0e56f4cbcd2ee39ee21e903c9f38827c42723ef7e4520c83d76cb01caf8c0d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 04:50:08 GMT
etag: W/"5e993580-9e40"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 10826

GET
H2 200 axp-refer-prospect.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-refer-prospect/1.102.7/ 2 MB
344 KB 199ms
198ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-prospect/1.102.7/axp-refer-prospect.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa9d62874b398cdd4c570ef4e16ee66aa8dcd66a3ef06ed221ce5a29c640644b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 09:35:13 GMT
etag: W/"65a64dd1-1d0158"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 351399

GET
H2 200 axp-data-layer.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/ 217 KB
58 KB 219ms
219ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/axp-data-layer.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13505c2d564804cddc89a303dad7f9e2164aefa9f608694b871eb1166acbed44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 21:40:05 GMT
etag: W/"60108c35-3632f"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 58783

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/ 204 KB
50 KB 223ms
223ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69bbce9bc2b08413f077ae55654a7c0f344758608291844a21a4d2542da733c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 20:31:31 GMT
etag: W/"64c425a3-32f27"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 51004

GET
H2 200 ZGs Show response
www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ 215 KB
80 KB 449ms
448ms Script
application/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f1c4322ca7cec46bb7729dccc9b2a7544be8cc6da77b59731807cdfb936770c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 16:13:23 GMT
etag: "847e9eb0c2aa602fdeb05a53243d9ead2556b01a549758f95361f3ed5ae3cfaa"
stored-attribute-sha-checksum: 8f1c4322ca7cec46bb7729dccc9b2a7544be8cc6da77b59731807cdfb936770c
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=21600
content-length: 81419

GET
H2 200 en-BB~i1~a1e63395.js Show response
www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/i18n/en~i18n/en-001~i18n/en-150~i18n/en-AG~i18n/en-AI~i18n/en-AS~i18n/en-AT~i18n/en-AU~i18n/ 18 KB
2 KB 384ms
384ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/i18n/en~i18n/en-001~i18n/en-150~i18n/en-AG~i18n/en-AI~i18n/en-AS~i18n/en-AT~i18n/en-AU~i18n/en-BB~i1~a1e63395.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d29fa2441296f06e157e332de16ee872b8d0cca8c95f6c15faee70c9bbf2228b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 20:31:31 GMT
etag: W/"64c425a3-4995"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1695

POST
H2 201 ZGs Show response
www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ 18 B
815 B 433ms
432ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: a072d43f-a9da-41a2-889c-a0301de0eb09
access-control-allow-headers: Content-Type
content-length: 18

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 401 member Show response
global.americanexpress.com/api/servicing/v1/ 222 B
2 KB 414ms
229ms Fetch
application/json 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/api/servicing/v1/member

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

589425ecdd100adf40fb345c24783b9f0c55bb3851cfcdf8a239fbbc15413fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods
content-type: application/json;charset=iso-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers
content-length: 222
correlation_id: a5fa5ba61705416177380
expires: -1

POST csp-violation
referral.americanexpress.com/home/report/security/ Frame 6879 0
0

POST csp-violation
referral.americanexpress.com/home/report/security/ Frame 17CE 0
0

POST
H2 201 ZGs Show response
www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ 18 B
819 B 359ms
358ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 002d23b0-acfc-46da-bab8-6ac0db1e3fa0
access-control-allow-headers: Content-Type
content-length: 18

POST
H2 200 pixel_5a0ff322 Show response
www.americanexpress.com/akam/13/ 0
846 B 213ms
213ms XHR
text/html 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/akam/13/pixel_5a0ff322

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/akam/13/5a0ff322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
alb-failover-nimval: 0
content-length: 0
x-frame-options: SAMEORIGIN
content-type: text/html

OPTIONS
H/1.1 200
OK DANIEENtHH
mgmee.americanexpress.com/refer/api/v2/content/mgmee/us/en/ Frame 0
0 675ms
165ms Preflight 139.71.50.223
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://mgmee.americanexpress.com/refer/api/v2/content/mgmee/us/en/DANIEENtHH?xLink=MYCP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.223 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

prospectpagev4-r2.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: browser-area,correlation_id,hardware-concurrency,max-touch-points,page-id,plugin-touch-points,referring-url,resolution,x-b3-spanid,x-b3-traceid,x-b3-tracenamespace
Access-Control-Request-Method: GET
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: browser-area, correlation_id, hardware-concurrency, max-touch-points, page-id, plugin-touch-points, referring-url, resolution, x-b3-spanid, x-b3-traceid, x-b3-tracenamespace
Access-Control-Allow-Methods: GET,OPTIONS,POST
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Date: Tue, 16 Jan 2024 14:42:58 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Transfer-Encoding: chunked
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 525ms
175ms Preflight 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 16 Jan 2024 14:42:58 GMT
Expires: Tue, 16 Jan 2024 14:42:58 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 508ms
161ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:42:58 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK DANIEENtHH Show response
mgmee.americanexpress.com/refer/api/v2/content/mgmee/us/en/ 22 KB
23 KB 1349ms
960ms Fetch
application/json 139.71.50.223
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://mgmee.americanexpress.com/refer/api/v2/content/mgmee/us/en/DANIEENtHH?xLink=MYCP

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.223 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

prospectpagev4-r2.americanexpress.com

Software

Resource Hash

535e0aca6deff02363e69ada45263ff19627e2cc5d996de009620e775d330916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Device-Memory: 8
Plugin-Touch-Points
Max-Touch-Points: 0
Hardware-Concurrency: 12
X-B3-TraceId: 69f48bccd6082cdee9407b160b683013
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-B3-TraceNamespace: client-telemetry-client-200005020
Referer
X-B3-SpanId: 150e569175da0861
Browser-Area: 1600X1200
Page-Id: MGM_LANDING_PAGE
Referring-Url
correlation_id: 69f48bccd6082cdee9407b160b683013
Resolution: 1600X1200

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 14:42:59 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK en-US.json Show response
referconfigexternal.americanexpress.com/frontend-configurations/refer-experiments/prop-tests/ 10 KB
11 KB 658ms
152ms Fetch
application/json 139.71.48.49
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://referconfigexternal.americanexpress.com/frontend-configurations/refer-experiments/prop-tests/en-US.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/vendors.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.48.49 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: referconfigexternal-r2-vip.americanexpress.com
Software: /
Resource Hash: be6b036d7d0f510cdcd51295324d44f528fbc453bd7f2e32e688c93a1030ffec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 14:42:58 GMT
X-Ecm-Server: onboard-deployment-97-hhj4q
ETag: "-861882846"
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, origin
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
X-Config-Index: 12927024
X-Ecm-Dc: e3_ipc2
content-length: 10584

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 817 B
2 KB 338ms
220ms Fetch
application/json 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/axp-data-layer.client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad85f9e494398e05df8afdfe522d2bfc3e6ae20fa4b040f9c08071765596db8f

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 14:42:58 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 817
Expires: Tue, 16 Jan 2024 14:42:58 GMT

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 448 B
501 B 512ms
160ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

f6b77280d0e70a2dcee12b365e7fd77ead8ba2d03c4e9ef6de39b061d7c912cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:57 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 316

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 474 B
401 B 519ms
168ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dxt-script-supplier-helper&version=%5E1.0.0&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

32f61fef769c4154a5d9ff29831b5f12f294fc7a83d12b34bc71f2d74119ba45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:57 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 314

GET
H/1.1 200
OK v0 Show response
origin-navigation-latest.americanexpress.com/partials/en-us/axp-footer/ 106 KB
24 KB 624ms
167ms Fetch
text/html 139.71.48.197
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://origin-navigation-latest.americanexpress.com/partials/en-us/axp-footer/v0?loginDestPage=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Freferral

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.48.197 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

origin-navigation-latest-r2-vip.americanexpress.com

Software

Resource Hash

c9212458ef2871ebb1bb7413c60102e5307ca0aaa6958349b8851894113a4d44

Security Headers

Name	Value
Content-Security-Policy	report-uri https://origin-navigation-latest.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com; script-src 'nonce-eb95d342-d90e-4eca-bf66-657a52431296' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: report-uri https://origin-navigation-latest.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com; script-src 'nonce-eb95d342-d90e-4eca-bf66-657a52431296' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; frame-ancestors none; frame-src none
x-content-type-options: nosniff
Date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
Transfer-Encoding: chunked
Connection: keep-alive
one-app-version: 6.7.1-fed7bc18
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin, accept-encoding
content-type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
cache-control: no-store
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=72
Access-Control-Allow-Headers

GET
H2 200 winback.js Show response
www.aexp-static.com/cdaas/winback-tool/1.0.15/ 74 KB
20 KB 334ms
333ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/winback.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b25664b60b62b08c2a1d55bf9f3f4d4af44b1a34e0dae2359aed6d600d406954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 11:06:09 GMT
etag: W/"644905a1-128b7"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 19891

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 409ms
151ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/axp-data-layer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:42:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 axp-root.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.7.0/en-us/ 193 B
1005 B 183ms
66ms Fetch
application/json 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.7.0/en-us/axp-root.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 04:50:00 GMT
etag: "5e993578-c1"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 157

GET
H2 200 axp-data-layer.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/en-us/ 232 B
984 B 191ms
84ms Fetch
application/json 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/en-us/axp-data-layer.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3fdfd860586c30eef9a7ec8baa9619ba862a4d54a679d0d51ce086ae230c193d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 21:39:54 GMT
etag: "60108c2a-e8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 141

GET
H2 200 axp-refer-root.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/en-us/ 7 KB
3 KB 196ms
100ms Fetch
application/json 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/en-us/axp-refer-root.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f2c476f40c3ef2dc11cd0a67159c82135557daa2ca7aa10a3f6e03b50519c1dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 14:22:09 GMT
etag: W/"659ff991-1d53"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1845

GET
H2 200 axp-refer-prospect.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-refer-prospect/1.102.7/en-us/ 11 KB
5 KB 189ms
105ms Fetch
application/json 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-prospect/1.102.7/en-us/axp-refer-prospect.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0afc498dd59714a85aaa2f523d3c3f98e3ac0bcdd953d47cfa5a07ecb7e239cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 09:34:05 GMT
etag: W/"65a64d8d-2b92"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 3891

POST csp-violation
referral.americanexpress.com/home/report/security/ Frame 0CC9 0
0

POST csp-violation
referral.americanexpress.com/home/report/security/ Frame C563 0
0

POST
H2 201 ZGs Show response
www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ 18 B
813 B 228ms
228ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/iGCNnU/3Y/KB/t4xy/QDprkqeJBIhiM/YNSYhbprzhaO/UQF7/MGpyBFRc/ZGs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:42:57 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 873add99-185f-492a-a5f2-afe93d0b82cf
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 vendors-node_modules_core-js_modules_es_array_filter_js-node_modules_core-js_modules_es_map_j-15845a.js Show response
www.aexp-static.com/cdaas/winback-tool/1.0.15/ 18 KB
5 KB 284ms
283ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/vendors-node_modules_core-js_modules_es_array_filter_js-node_modules_core-js_modules_es_map_j-15845a.js?id=9c16ab712b904eed3ed7
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/winback.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5c7b79580b0ee750cb9bc8c177d6a132cbb2c45b967cee60387affeeaf75d910

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 11:06:09 GMT
etag: W/"644905a1-4811"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5061

GET
H2 200 initExitIntent.js Show response
www.aexp-static.com/cdaas/winback-tool/1.0.15/ 4 KB
2 KB 240ms
240ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/initExitIntent.js?id=ddb3a9928803c3452a48
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/winback.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5b9380a38aac51b27c2a368a3004373351944a4cc7cc64fb397ccf5b4a82565d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 11:06:09 GMT
etag: W/"644905a1-f53"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1446

GET
H2 200 UCM.js Show response
www.aexp-static.com/cdaas/user-consent-management/ucm/v1.10.8/ 223 KB
65 KB 52ms
52ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.10.8/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abc7d16f4ca4084fcac22863ef4e237a8497a9c2af7fa1e381556b7a4a49ea01

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Sat, 18 Nov 2023 02:53:25 GMT
etag: W/"65582725-37bce"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 66139

GET
H2 200 dxt-script-supplier-helper.js Show response
www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/ 127 KB
49 KB 101ms
101ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1904ac92566198828cfcf387ae5e0e42c15471c79d95b05c6cf85cbb483ec0d3

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 03:14:19 GMT
etag: W/"651cd88b-1fa47"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 49599

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 445 B
408 B 153ms
153ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dynatrace&version=%5E1.0.0&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

6254a177d60d0c37e2a912b3eaad2d3f59b53a14b848a0aa885edafd8b9df905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:58 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 322

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 445 B
402 B 151ms
151ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-identity-session&version=%5E1.0.0&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

8a6d92eb5ada2811361b2324fc844454e304eec4ba4727f9842b4bd9be4060a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:58 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 458 B
412 B 164ms
164ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=contentsquare&version=%5E1.0.2&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

30cd09e853eb4a3f670d70d80749d7f1d3e044bd31013f5139eca2a1051093b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:58 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 325

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 446 B
414 B 164ms
164ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=ensighten&version=%5E1.0.0&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

f9aa83d80c070f15d699f6631255cdb37a6f1a4d282ec4f27169ef3ca9853ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:58 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 327

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 444 B
414 B 159ms
159ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=%5E1.0.0&environment=e3&cache=1705416

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

4da7602dc533958545fd43c0c47e4542c63ca03e08db47d0063f8536d932e0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 16 Jan 2024 14:42:57 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 327

GET
H2 200 footerScript.js Show response
icm.aexp-static.com/content/Navigation/NavScript/ 499 B
460 B 79ms
56ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/Navigation/NavScript/footerScript.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

ac150423e8c4855e82149cb6159f48bd6ec2f040940c829f5e39282074355916

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:42:58 GMT
last-modified: Tue, 16 Jan 2024 03:50:15 GMT
server: Akamai Resource Optimizer
etag: "1f3-60f07810fa733-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=4712
accept-ranges: bytes
content-length: 209

GET
H2 200 navScript.js Show response
icm.aexp-static.com/content/Navigation/NavScript/ 2 KB
1 KB 78ms
55ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/Navigation/NavScript/navScript.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-root/1.65.1/axp-refer-root.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

98b397070e0d12de18c19ec1bab2d48109ce49b3ef59dbfbec0e66adf30621c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:42:58 GMT
last-modified: Mon, 15 Jan 2024 23:23:00 GMT
server: Akamai Resource Optimizer
etag: "6d7-6067ff13d3b6c-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=12447
accept-ranges: bytes
content-length: 780

GET
H2 200 dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ 2 KB
890 B 54ms
53ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
etag: W/"5daa1799-693"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 712

GET
H2 200 dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/ 5 KB
793 B 52ms
52ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/dls-flag-us.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-15f8"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 587

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1985974bb54604254090ce6ac2267c7650f4cf9354edafcaaebd14ade3ce4d52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 timeout.js Show response
www.aexp-static.com/cdaas/one/one-identity-session/1.35.0/ 36 KB
12 KB 53ms
52ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-identity-session/1.35.0/timeout.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1bd41f73d34ebeed1e183bf479c8b98ed900e6990d1543f5ce8bfadf7d56d71c

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 18:36:41 GMT
etag: W/"65283cb9-9019"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 11537

GET
H2 200 dynatrace.js Show response
www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/dynatrace/1.0.1/ 451 B
540 B 80ms
79ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/dynatrace/1.0.1/dynatrace.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 290a5433663937d2eb7372cd4b6d2f62c6c4a8ebc5f317c1b6b8e8ca7e8d7939

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 17:04:21 GMT
etag: W/"65413395-1c3"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 330

GET
H2 200 launch-b363d6c28b7c.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.4/ 285 KB
67 KB 79ms
79ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.4/launch-b363d6c28b7c.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b8f821371f8dfb9b7608775e269af963666f5e5d1336b58e3a8aa471e608109

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 03:28:27 GMT
etag: W/"6541c5db-47266"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 68556

GET
H2 200 contentsquare.js Show response
www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/contentsquare/1.0.16/ 831 B
721 B 71ms
70ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/contentsquare/1.0.16/contentsquare.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c64216b196360b2ade2df507392c2416d839289206af85f3481aac8a3b9e5522

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Thu, 02 Nov 2023 17:46:53 GMT
etag: W/"6543e08d-33f"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 511

GET
H2 200 entrypoint-15983.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/ 70 KB
22 KB 70ms
70ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66e5cdbfec52d48c7f4b20466605fdf025ffc1de68d4c21049f29f9907c70ae3

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:43 GMT
etag: W/"65a0a363-1191b"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 22680

OPTIONS
H2 200 UpdateUserSession.v1
functions.americanexpress.com/ Frame 0
0 142ms
142ms Preflight 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,one-data-correlation-id
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-length,baggage-one-data-correlation-id,ce-type,x-one-data-forward-address,x-b3-sampled,access-control-allow-origin,x-one-data-host,access-control-allow-credentials,credentials,x-b3-traceid,authorization,one-data-context,vary,ax-operation-mode,x-mitigator-finger-print,x-mitigator-recommended-action,access-control-max-age,sub-event-type,access-control-expose-headers,ax-event-type,user-agent,ax-rtf-filter,x-b3-spanid,x-requested-with,blueboxpublic,access-control-allow-headers,x-b3-parentspanid,content-encoding,origin,agent-id,access-control-request-headers,ax-correlation-id,ax-rtf-dynamic-uri-override,x-mitigator-status,accept,ce-source,one-data-correlation-id,one-data-risk-assessment-token,content-type,event-type
access-control-allow-methods: DELETE,GET,PUT,OPTIONS,POST
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
content-length: 0
date: Tue, 16 Jan 2024 14:42:58 GMT

POST
H2 401 UpdateUserSession.v1 Show response
functions.americanexpress.com/ 228 B
322 B 420ms
159ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/one-identity-session/1.35.0/timeout.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash: 40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b

Request headers

one-data-correlation-id: fe6fcc98-5e9d-435c-bea3-bbb973542a1a
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.americanexpress.com
date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 199
vary: origin

GET
H2 200 info.filled.svg
www.aexp-static.com/one/universal-session-manager-assets/ 361 B
508 B 223ms
223ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/one/universal-session-manager-assets/info.filled.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 04:57:13 GMT
etag: W/"64645ea9-169"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 235

GET
H/1.1 200
OK BF05EF884B484FAE_complete.js Show response
dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/ 238 KB
91 KB 781ms
185ms Script
application/javascript 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/jstag/managed/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/BF05EF884B484FAE_complete.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/dynatrace/1.0.1/dynatrace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 357a5e49e0a33d60074cea36f7b2d5903759e6a7efd7ec15a89f4076808598fe

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 14:42:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Expires: Tue, 16 Jan 2024 14:53:48 GMT

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1705416178534
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1705416178534

213 B
820 B

61ms
61ms

XHR
application/json

54.154.75.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1705416178534

Protocol

Server

54.154.75.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-75-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

39ce2559882d70ed9cb0e68b2a08ce1f72a29e9c26e5431b5cca42d83f5e2c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-047549938.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 16 Jan 2024 14:42:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: RCZ2c4bXTm8=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 210
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-074d8d8ae.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 16 Jan 2024 14:42:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: nkM5sODvQSM=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1705416178534
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.4/dcb19cbd6cbf/b4385da1798a/74e098123439/ 34 KB
13 KB 50ms
50ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.4/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.4/launch-b363d6c28b7c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16e237d8bc5e65eff6827eb5ba277e66d9712aa93673d5338d6bff8aeb986f48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 16:48:42 GMT
etag: W/"65412fea-8766"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 12636

GET
H2 200 uxa.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ 456 KB
95 KB 156ms
45ms Script
application/javascript 2600:9000:2490:200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/contentsquare/1.0.16/contentsquare.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce02494eb3e628e58274d0a9f90402a40ba20a3ac2bb019dc5885a3772086133

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:31:31 GMT
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-version-id: eGkwiXZMb4EycJ4Rd8S8G4VDnaU0tQ_t
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 97036
last-modified: Wed, 01 Nov 2023 20:20:51 GMT
server: AmazonS3
etag: "ca03854264a32da6d0b2312b4bb26e32"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xXH87qDAxAk7wEFvKFjTiivFgtGcXR1QvhqOoJ1dKjYahDyeHJoXwQ==

GET
H2 200 filter-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.9.0/ 74 KB
19 KB 57ms
56ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.9.0/filter-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3dae8fe049aabd6fa9ed226caad0de2129559320ed4050f69839878095b7d93f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:42 GMT
etag: W/"65a0a362-128b2"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 18765

GET
H2 200 sri-hashes.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.9.0/ 40 KB
30 KB 51ms
49ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.9.0/sri-hashes.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 433bb7b28a735c8d1237a7a2d469363e9a11f2803054bf76ac0dd58034a59026

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:42 GMT
etag: W/"65a0a362-a19b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 30557

GET
H2 200 trigger-and-watch-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.9.0/ 20 KB
5 KB 55ms
54ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.9.0/trigger-and-watch-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e65d8437be3d3b283e42ec1990f4106067695f3cbd104c956753e2266a1ea28

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:42 GMT
etag: W/"65a0a362-500a"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 4938

GET
H2 200 filter-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.9.0/ 206 B
555 B 56ms
55ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.9.0/filter-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c0cedd9344eba764d5d842050767745fa35e47312a6ab2459c426d39c9fc25f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:42 GMT
etag: "65a0a362-ce"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 165

GET
H2 200 sri-hashes.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.9.0/ 283 B
611 B 62ms
61ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.9.0/sri-hashes.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e6f48c54e0c4880c8d11aa153ea798b5386cc3989b440ddda26b6b128edc7fbe

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:42 GMT
etag: W/"65a0a362-11b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 226

GET
H2 200 trigger-and-watch-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.9.0/ 238 B
570 B 56ms
55ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.9.0/trigger-and-watch-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53b28d3040d42a0f9330149cca113a715451abb33a6fd8ec93eb06e9a470f8c6

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 02:26:42 GMT
etag: "65a0a362-ee"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 181

GET
H2 200 gct_global.js Show response
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 19 KB
5 KB 50ms
50ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:33:52 GMT
etag: W/"64358bf0-4aae"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5153

POST
H/1.1 200
OK captureevents.do Show response
gct.americanexpress.com/gct/ 0
1 KB 737ms
290ms XHR
application/javascript 139.71.50.190
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureevents.do?js_source=cdaas_gctglobal

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.190 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'
Date: Tue, 16 Jan 2024 14:42:59 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
Content-Type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 0

GET
H2 200 tag-1-sha256-Bcbj3-zw7-SJacVbf8RotX1AxvAUULwogrgrNbsR-7E=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 15 KB
3 KB 55ms
55ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-1-sha256-Bcbj3-zw7-SJacVbf8RotX1AxvAUULwogrgrNbsR-7E=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.9.0/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 05c6e3dfecf0efe48969c55b7fc468b57d40c6f01450bc2882b82b35bb11fbb1

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2024 02:58:15 GMT
etag: W/"659e07c7-3b1a"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 2459

GET
H2 200 id Show response
omns.americanexpress.com/ 48 B
475 B 190ms
53ms XHR
application/x-javascript 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=71112416501163625383160837558964718661&ts=1705416178773

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.4/launch-b363d6c28b7c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

f4e79e016f8f78466ce50bcf6e868bd69576050d111482bea8618bbd28a3ed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:42:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.americanexpress.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content csp-violation
referral.americanexpress.com/home/report/security/ Frame B8A4 0
9 KB 138ms
137ms Other
text/plain 139.71.50.97
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://referral.americanexpress.com/home/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.97 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

referral-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-92bf3a0c-92be-49c3-80a3-9d1c59fba426' 'self' .aexp.com .aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-92bf3a0c-92be-49c3-80a3-9d1c59fba426' 'self' *.aexp.com *.aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Tue, 16 Jan 2024 14:42:58 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.93.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 ptc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ 71 KB
15 KB 42ms
42ms Script
application/javascript 2600:9000:2490:200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ptc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a59e2a032e67800ad4103920c949884d634b38c72e289c36ccaf533461bf69

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:31:32 GMT
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-version-id: q2d7A42SBFIl_JXuuUVvCWlhrMBzIhG8
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14851
last-modified: Wed, 01 Nov 2023 20:20:49 GMT
server: AmazonS3
etag: "039de4418ee862b6ac9806aa4238f88a"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sulxHFMJbsPRO2ZpH-1IdVGqdgyuychQk6uQBtGtxmkcsBfCNUJtCQ==

GET
BLOB 200
OK 7821e847-1d9e-4e22-b25d-c4cb49964937
https://www.americanexpress.com/ 36 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanexpress.com/7821e847-1d9e-4e22-b25d-c4cb49964937
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea0b57d85909225b67b91df3a1f97db5e1b6b4daae568d8e5216b116e7f5b362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/en-us/credit-cards/referral/prospect/DANIEENtHH?XLINK=MYCP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 36377
Content-Type: application/javascript

GET
H2 200 pcc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ 77 KB
18 KB 43ms
42ms Script
application/javascript 2600:9000:2490:200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/pcc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5eafc7f53aeb4a3220411301d027ec16f900a8012132870a8e307f2dfd0672be

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:31:32 GMT
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-version-id: 3BzFSmHuZuSapZNsa6l_plLoE5o1fAHG
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18151
last-modified: Wed, 01 Nov 2023 20:20:49 GMT
server: AmazonS3
etag: "6778ee81a8839e58d1ee4cbf9f21caf1"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: trifD8RaH_ts938J2mARlC1GVdySDBrKVHeE5eMkLAIvRbadkxqqWA==

GET
H2 200 wr.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ 6 KB
2 KB 44ms
44ms Script
application/javascript 2600:9000:2490:200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/wr.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:31:32 GMT
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-version-id: V8dtvyiuTgGMIB41Lz4rmeQCUb0__BNf
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2017
last-modified: Wed, 01 Nov 2023 20:20:49 GMT
server: AmazonS3
etag: "e53f78d1c505fc3271aa87ff1a71d5ac"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SpmKGZ46cJVxM3krSTbTzi04Cpl3URmQ7fKCe78CTSzTiro3cnYrCQ==

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 180ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=3776&uu=186ca63a-b608-a03b-a27d-650cfc167db0&sn=1&hd=1705416178&pn=1&dw=1608&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2FDANIEENtHH%3FXLINK%3DMYCP&uc=1&la=en-US&cvars=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%7D&cvarp=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%7D&v=13.59.1&pvt=n&dt=44&ex=&r=234566
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 155ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&dv=H4sIAAAAAAAAAy2Oy2rDMBBFf2XQKoFYluxEzmNlGmhL6lKISxZNMWNr1IiotrEc%2Bgj592rR7Tncy7my%2FKWotmW1J%2B9t1z5u2ZrJpWpQpRjVSiwjFGkdYZLpSC1EYxqpMl0LLtmMvXoa8g9qxzAqul%2FrHMYLLmBysK3uvjw8lyAFFxsIQM038K3mU8j73tGB6p0d40Wa8VTBZPdQFk8zcPZMcE%2FNuZvC3WnoPimWSTjgSqxWPJEK9mhwsP%2B7kJBfxlMIsA2OpEOGQecpcGPJ6QpbdD9B%2BspcnAv6emT9QCaUkj6y9dv7jd3%2BAIVPJDkEAQAA&ct=2&r=884735
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 s82766762274444
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
351 B 54ms
54ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s82766762274444?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A42%3A58%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2FDANIEENtHH%3FXLINK%3DMYCP&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=1&.cm&omn.&lob=acq&country=us&language=en&.omn&.c&cc=USD&server=www.americanexpress.com&events=event140&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect&c3=en&c4=US&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Cacq&c24=US%7Cacq%7Ccredit-cards&v27=US&c30=US%7Cacq%7Ccredit-cards%7Creferral&c31=US&c38=US%7Cacq%7Ccredit-cards%7Creferral%7Cprospect&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1600&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&c75=Launch&v75=71112416501163625383160837558964718661&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:42:59 GMT
server: jag
etag: 3662353358260961280-4617781655086768172
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:42:59 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 61ms
55ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBAQEAMAjDMEuUwdj9G3tyQA%2FeAsu9inBFt5vnOWLzAaEjryUmAAAA&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=914668
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 59ms
55ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBAREAIAgDwEwwBRbHG9A%2Fgv9auarDIHridcfCGLkNeqVzcO7wA5cBlwsoAAAA&ct=2&isETR=false&isCustomHashId=true&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=584878
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 58ms
55ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&dv=H4sIAAAAAAAAAwXBsRWAIAxF0V0yAY%2BQn0gLDYWty3jc3Xtfu9dztk1LoA8UDeTq4eWolWdEXRpJSdj3AwHcec8yAAAA&ct=2&r=102601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H/1.1 204
No Content csp-violation
referral.americanexpress.com/home/report/security/ 0
9 KB 172ms
172ms Other
text/plain 139.71.50.97
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://referral.americanexpress.com/home/report/security/csp-violation

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.97 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

referral-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-cbfaad0b-784c-424c-a0b4-0caa2f67d7b7' 'self' .aexp.com .aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-cbfaad0b-784c-424c-a0b4-0caa2f67d7b7' 'self' *.aexp.com *.aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Tue, 16 Jan 2024 14:42:59 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.93.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 56ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAystrklMLqxJLkpNySzRTU4sSimuKUpNSy0qSsypKSjKLy5ITS6pcXH083R19Svx8AAAaxuqlTAAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=792048
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 57ms
56ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAA3NMTw%2FwqyktrklMLqxJLkpNySzRTU4sSimuKUpNSy0qSsypKSjKLy5ITS6pcXH083R19Svx8AAA%2FOjINzYAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=172950
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:42:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 135ms
135ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:00 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 178ms
178ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:00 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 230ms
230ms Preflight 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 16 Jan 2024 14:43:00 GMT
Expires: Tue, 16 Jan 2024 14:43:00 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 133ms
133ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:00 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 131ms
131ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:00 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 153ms
152ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 135ms
135ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 dls-icon-close.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 316 B
429 B 560ms
560ms XHR
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-close.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

302c58519322303739a6ed3587df99e2f7146e3aa0cb3845db4c2ebd269740c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:43:01 GMT
last-modified: Fri, 30 Sep 2022 06:41:31 GMT
server: Akamai Resource Optimizer
etag: "13c-57d5d673d7bc4-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=75242
accept-ranges: bytes
content-length: 182

GET
H2 200 axp-icon-right.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 359 B
453 B 599ms
599ms XHR
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-icon-right.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8008eae0acfd6a4be7b95adce8ff58503d61f96d3441ea1d9592b2e7a52a8e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:43:01 GMT
last-modified: Tue, 27 Sep 2022 23:09:01 GMT
server: Akamai Resource Optimizer
etag: "167-5b957df95661b-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=71437
accept-ranges: bytes
content-length: 206

GET
H2 200 axp-icon-pluscircle.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 552 B
501 B 632ms
632ms XHR
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-icon-pluscircle.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e3e8e53bde186f4aacb4056c89d68dec6a4501589aec5bf0dca51fe9dd1373d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 23:26:53 GMT
server: Akamai Resource Optimizer
etag: "228-5b9580cd67521-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=71437
accept-ranges: bytes
content-length: 282

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ 36 KB
37 KB 78ms
78ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer: https://www.americanexpress.com/
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:00 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-9121"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37153
expires: Mon, 25 Jan 2021 11:07:20 GMT

GET
H2 200 342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
38 KB 84ms
83ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

Request headers

Referer: https://www.americanexpress.com/
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:00 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-94c5"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 38085
expires: Tue, 02 Mar 2021 18:31:40 GMT

GET
H2 200 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
37 KB 89ms
89ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c

Request headers

Referer: https://www.americanexpress.com/
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:00 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-943d"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37949
expires: Fri, 27 Nov 2020 03:31:12 GMT

GET
H2 200 dls-icon-lock.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 446 B
515 B 582ms
582ms XHR
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-lock.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

5b02e0e6e16cee376f4b1dfec33df07939cf27183591db9b6b6d6f82289f6f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:43:01 GMT
last-modified: Mon, 26 Sep 2022 09:57:02 GMT
server: Akamai Resource Optimizer
etag: "1be-57d4bb7b733f5-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=77060
accept-ranges: bytes
content-length: 267

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 817 B
2 KB 249ms
247ms Fetch
application/json 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.4.1/axp-data-layer.client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad85f9e494398e05df8afdfe522d2bfc3e6ae20fa4b040f9c08071765596db8f

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 14:43:01 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 817
Expires: Tue, 16 Jan 2024 14:43:01 GMT

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 174ms
174ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 137ms
135ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H/1.1 200
OK captureevents.do Show response
gct.americanexpress.com/gct/ 0
1 KB 792ms
791ms XHR
application/javascript 139.71.50.190
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureevents.do?js_source=cdaas_gctglobal

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.190 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv4-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'
Date: Tue, 16 Jan 2024 14:43:01 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
Content-Type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 0

GET
H2 200 lowes-business.png
icm.aexp-static.com/Internet/MemberGetMember/card-art/US_en/hub/ 5 KB
5 KB 441ms
441ms Image
image/avif 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/MemberGetMember/card-art/US_en/hub/lowes-business.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6e6139ad0f6c9ae8cc8bfe060a5617b2f514a57f7d539a597e81cce40e2baf55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:01 GMT
last-modified: Wed, 25 Jan 2023 08:16:47 GMT
server: Akamai Image Manager
etag: "3f91-5cad788943670-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=64566
content-length: 5217
expires: Wed, 17 Jan 2024 08:39:07 GMT

GET
H2 200 initApp.js Show response
www.aexp-static.com/cdaas/winback-tool/1.0.15/ 11 KB
3 KB 257ms
257ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/initApp.js?id=885e86035177f7176600
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/winback-tool/1.0.15/winback.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 05638ca12cb441146fb9bb8b1cb2781430a57630b882f794424f79a0fc64b51f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:00 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 11:06:09 GMT
etag: W/"644905a1-2c2e"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 3124

GET
H2 401 member Show response
global.americanexpress.com/api/servicing/v1/ 222 B
1 KB 262ms
262ms Fetch
application/json 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/api/servicing/v1/member

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.93.1-af1f6806/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

589425ecdd100adf40fb345c24783b9f0c55bb3851cfcdf8a239fbbc15413fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods
content-type: application/json;charset=iso-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers
content-length: 222
correlation_id: 01924b0a1705416180902
expires: -1

GET
H2 200 s83522509057892
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
317 B 58ms
58ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s83522509057892?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A0%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&cm.&ssf=1&.cm&omn.&pznid=39104674969221094848552359641002360663%7C9&pznrequestid=6uX9meT4cAnhg9m1705416179059&identifier=axp-refer-prospect&element=lowes-business-rewards-card&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-refer-prospect&v5=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Elowes-business-rewards-card&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Elowes-business-rewards-card&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&c75=Launch&v75=71112416501163625383160837558964718661&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&lrt=56&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:00 GMT
server: jag
etag: 3662353360010477568-4617783248517497181
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:00 GMT

GET
H2 200 481b5db4-48a0-4c43-ae8b-fd1a0b7cb481-3.woff
www.aexp-static.com/nav/ngn/fonts/ 34 KB
34 KB 54ms
54ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/481b5db4-48a0-4c43-ae8b-fd1a0b7cb481-3.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 761b183fee71a413d5cbefe4196ea222efda5a4295cd7c6254dfee22891d07e8

Request headers

Referer: https://www.americanexpress.com/
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:43:00 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-882e"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 34862
expires: Sun, 07 Mar 2021 23:57:04 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 54ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAystrklMLqxJLkpNySzRTU4sSimuKUpNSy0qSsypKSjKLy5ITS6pSSotzsxLLS6ucXH083R19Svx8AAANxSQ5jkAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=654278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 ClickStreamVars.js Show response
icm.aexp-static.com/Internet/US/DARE/ 3 KB
1 KB 51ms
50ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/US/DARE/ClickStreamVars.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-refer-prospect/1.102.7/axp-refer-prospect.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:43:00 GMT
last-modified: Mon, 15 Jan 2024 12:43:19 GMT
server: Akamai Resource Optimizer
etag: "bbe-5bc03519ae7d0-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=12396
accept-ranges: bytes
content-length: 837

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 134ms
133ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:00 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 154ms
152ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 55ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&dv=H4sIAAAAAAAAA6tW8nX3VXBOLEpRslIqLbazS6wo0C1KTUst0i0oyi8uSE0usbPLzC0oSi0uzszPs7PLyS9PLdZNKi3OzAMKAZWWA%2FUW6yaDTKgFAD338K5OAAAA&ct=2&r=342699
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 s81424719510822
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
249 B 55ms
54ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s81424719510822?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A0%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&cm.&ssf=1&.cm&omn.&pznrequestid=6uX9meT4cAnhg9m1705416179059&identifier=axp-refer-prospect&element=pznRequestId&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-refer-prospect&v5=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EpznRequestId&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EpznRequestId&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&v75=71112416501163625383160837558964718661&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:00 GMT
server: jag
etag: 3662353361296621568-4617885446187261345
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:00 GMT

POST
H/1.1 204
No Content v2clickStream Show response
aeopprodvip.acxiom.com/services/ 0
429 B 663ms
196ms XHR
text/html 198.160.127.57
ACXIOM

General

Check archive.org

Show headers Download Go to

Full URL

https://aeopprodvip.acxiom.com/services/v2clickStream

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

198.160.127.57 Greenbrier, United States, ASN15026 (ACXIOM, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age:31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 16 Jan 2024 14:43:01 GMT
Strict-Transport-Security: max-age:31536000
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Content-Type: text/html
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Referer
X-Application-Context

GET
H2 200 s82460541358455
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
249 B 56ms
54ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s82460541358455?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A0%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=welcome-popup&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-refer-prospect&v5=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ewelcome-popup&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ewelcome-popup&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&v75=71112416501163625383160837558964718661&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:00 GMT
server: jag
etag: 3662353360010477568-4617888801633763845
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:00 GMT

GET
H2 200 s86490181835515
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
317 B 55ms
54ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s86490181835515?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A0%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&visitorCheck=VisitorAPI%20Present&omn.&ppvpage=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&ppvtotal=100&ppvinitial=100&lob=acq&country=us&language=en&.omn&cm.&ssf=1&.cm&.c&cc=USD&server=www.americanexpress.com&events=event140&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness&c3=en&c4=US&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Cacq&c24=US%7Cacq%7Ccredit-cards&v27=US&c30=US%7Cacq%7Ccredit-cards%7Creferral&c31=US&c38=US%7Cacq%7Ccredit-cards%7Creferral%7Cprospect&v41=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1600&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&c75=Launch&v75=71112416501163625383160837558964718661&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=1705416179801B36H28GE8JT0U5283HINMMHMR1H90AE3&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:01 GMT
server: jag
etag: 3662353362519654400-4617522984793371098
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:01 GMT

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 136ms
135ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:01 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 143ms
143ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 16 Jan 2024 14:43:01 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 132ms
132ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 132ms
132ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 16 Jan 2024 14:43:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 s81370938796756
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
249 B 55ms
55ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s81370938796756?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A0%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=how-you-earn-benefits%3Alowes-business-rewards-card&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-refer-prospect&v5=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ehow-you-earn-benefits%3Alowes-business-rewards-card&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3Ehow-you-earn-benefits%3Alowes-business-rewards-card&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&c75=Launch&v75=71112416501163625383160837558964718661&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:01 GMT
server: jag
etag: 3662353363294879744-4617858220412690963
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:01 GMT

GET
H2 200 s81950887751059
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
249 B 54ms
53ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s81950887751059?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A1%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=WelcomePopupExperiment%3Avalid-url%3Atrue&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-refer-prospect&v5=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EWelcomePopupExperiment%3Avalid-url%3Atrue&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3EWelcomePopupExperiment%3Avalid-url%3Atrue&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&c75=Launch&v75=71112416501163625383160837558964718661&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&lrt=60&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:01 GMT
server: jag
etag: 3662353361814355968-4617872380342432424
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:01 GMT

GET
H2 200 s85337439870012
omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/ 43 B
249 B 55ms
54ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s85337439870012?AQB=1&ndh=1&pf=1&t=16%2F0%2F2024%2015%3A43%3A1%202%20-60&mid=71112416501163625383160837558964718661&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&g=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD%7EA%7EN%7EI%7EE%7EE%7EN%7Et%7EH%7EH-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&c.&cm.&ssf=1&.cm&omn.&identifier=axp-refer-prospect&element=SrlExperiment%3AV1&lob=acq&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-refer-prospect&v5=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3ESrlExperiment%3AV1&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-refer-prospect&c22=us%3E%3Eaxp-refer-prospect%3E%3Eimpression%3E%3ESrlExperiment%3AV1&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.4-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-11-01&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7Cbusiness%7CDANIEENtHH&v75=71112416501163625383160837558964718661&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Jan 2024 14:43:01 GMT
server: jag
etag: 3662353362854182912-4617498784760765435
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 14:43:01 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 55ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwvydawpLbazS6wo0C1KTUst0i0oyi8uSE0usbPLzC0oSi0uzszPs7MLLspxrShILcrMTc0rsQozBAB7Lsb8OAAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=656643
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:01 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H/1.1

200
OK

8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/
Redirect Chain

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB&svrid=-98&fla...
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

28 B
335 B

184ms
183ms

XHR
text/plain

139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
Protocol: HTTP/1.1
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 14:43:02 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

Redirect headers

location: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
date: Tue, 16 Jan 2024 14:43:01 GMT
alb-failover-nimval: 0
server: AkamaiGHost
content-length: 0
x-frame-options: SAMEORIGIN

POST
H2 204 events
c.contentsquare.net/v2/ 0
319 B 54ms
54ms Ping
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.contentsquare.net/v2/events?v=13.59.1&pn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&sn=1&hd=1705416178&pid=3776&str=240&di=1094&dc=1441&fl=1441&sr=100&mdh=1200&hlm=true&ct=0
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H2 200 recording
k-aus1.contentsquare.net/v2/ 0
201 B 351ms
117ms Ping
text/plain 34.192.6.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://k-aus1.contentsquare.net/v2/recording?rt=5&v=13.59.1&pid=3776&pn=1&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&hlm=true&ct=0
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.6.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-6-129.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Jan 2024 14:43:02 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 204 pageview
c.contentsquare.net/ 0
319 B 55ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=3776&uu=186ca63a-b608-a03b-a27d-650cfc167db0&sn=1&hd=1705416182&pn=2&dw=1600&dh=2297&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD~A~N~I~E~E~N~t~H~H-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&uc=1&la=en-US&cvars=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%7D&cvarp=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%7D&v=13.59.1&pvt=a&ex=&r=675976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 55ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBAQEAMAjDMEuUwdj9G3tyQA%2FeAsu9inBFt5vnOWLzAaEjryUmAAAA&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=2&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=221981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 54ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.59.1&pid=3776&pn=2&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&dv=H4sIAAAAAAAAAy2Oy2rDMBBFf2XQKoFgayxrbDcrk0JbUnfTpFka1R43IqodLIU%2BQv69WnR5L5zDuYrBsutbMxr3E2zn2%2BHiXOvZcRe8uBPXm1iJZvP2dB9HgYhZjqQlIinKtCoVkixVoXVZUV5gSYQR2Hue6w8eQ4Sa6dc6Z1KdSFgc7NhPXx5edoAykWuIB%2BVr%2BKZ8CfX57PjA71sbUq2KRBEsto%2B75nkFzp4YHrg7TUvYHOfpk1PMoiAhWVVJhgSvZjCz%2FediQn0JxxhgOxO4jxmDcZ7F7Q90nXJC8QAAAA%3D%3D&ct=2&r=151633
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 55ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBAREAIAgDwEwwBRbHG9A%2Fgv9auarDIHridcfCGLkNeqVzcO7wA5cBlwsoAAAA&ct=2&isETR=false&isCustomHashId=true&v=13.59.1&pid=3776&pn=2&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=430399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 54ms
54ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.59.1&pid=3776&pn=2&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&dv=H4sIAAAAAAAAA6tWSstMzUmJT8xLzKksyUwujk8rzclRslKqjlEqKEpNy8zJSU2JUbKKjq1VqgUAS9%2B%2FfS0AAAA%3D&ct=2&r=627440
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H/1.1

200
OK

8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/
Redirect Chain

https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB&svrid=-98&fla...
https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7

28 B
335 B

183ms
183ms

XHR
text/plain

139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
Protocol: HTTP/1.1
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 14:43:03 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

Redirect headers

location: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
date: Tue, 16 Jan 2024 14:43:02 GMT
alb-failover-nimval: 0
server: AkamaiGHost
content-length: 0
x-frame-options: SAMEORIGIN

OPTIONS
H/1.0 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7
dynatracepsg.americanexpress.com/bf/ Frame 0
0 180ms
180ms Preflight 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dtreferer
Access-Control-Request-Method: GET
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-dtreferer
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.americanexpress.com
Connection: Keep-Alive
Content-Length: 0
Server: BigIP

POST
H/1.1 204
No Content csp-violation
referral.americanexpress.com/home/report/security/ 0
9 KB 134ms
134ms Other
text/plain 139.71.50.97
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://referral.americanexpress.com/home/report/security/csp-violation

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.50.97 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

referral-r2.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-8e34bf3f-9d0f-47f0-8bf0-164ff3a5acee' 'self' .aexp.com .aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-8e34bf3f-9d0f-47f0-8bf0-164ff3a5acee' 'self' *.aexp.com *.aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com *.bounceexchange.com *.microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' *.aexp.com *.aexp-static.com data: c.evidon.com *.americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com *.switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com *.sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ *.flashtalking.com pt.ispot.tv rs.gwallet.com *.cloudfront.net/receipts/assets/ *.cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com *.finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net *.doublemax.net *.microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.microsoft.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.truecardev.com amexnetwork.truecar.com *.winc.com; frame-src blob: 'self' *.americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com *.yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com *.amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com *.bf.dynatrace.com *.sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com *.idfy.io *.idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com *.bounceexchange.com *.aexp.com
X-Content-Type-Options: nosniff
Date: Tue, 16 Jan 2024 14:43:03 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.93.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 57ms
56ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAystrklMLqxJLkpNySzRTU4sSimuKUpNSy0qSsypKSjKLy5ITS6pSSotzsxLLS6ucXH083R19Svx8AAANxSQ5jkAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=2&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=084370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:03 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 57ms
56ms Image
text/plain 54.220.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXB0QmAMAwFwIkcomCh%2FgRXiGkshaI1Sf%2Fe8N6l1k7CcrB8ENPaYxO26jC91YwHpr0%2BVQLX8v6oO%2FZER84UpfxAxX1xPwAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.59.1&pid=3776&pn=2&sn=1&uu=186ca63a-b608-a03b-a27d-650cfc167db0&r=304601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.159.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-159-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:43:03 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7
www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: referral.americanexpress.com
URL: https://referral.americanexpress.com/home/report/security/csp-violation

Domain: referral.americanexpress.com
URL: https://referral.americanexpress.com/home/report/security/csp-violation

Domain: referral.americanexpress.com
URL: https://referral.americanexpress.com/home/report/security/csp-violation

Domain: referral.americanexpress.com
URL: https://referral.americanexpress.com/home/report/security/csp-violation

Domain: www.americanexpress.com
URL: https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB&svrid=-98&flavor=post&vi=TAMHGRFHTKEUARMNJVDAEMCRJCWFBKIH-0&modifiedSince=1678194733387&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD~A~N~I~E~E~N~t~H~H-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&bp=3&app=bf05ef884b484fae&crc=236819146&en=jf4wyxxa&end=1

Domain: www.americanexpress.com
URL: https://www.americanexpress.com/e3_dtrum//bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7/rb_8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB&svrid=-98&flavor=post&vi=TAMHGRFHTKEUARMNJVDAEMCRJCWFBKIH-0&modifiedSince=1678194733387&rf=https%3A%2F%2Fwww.americanexpress.com%2Fen-us%2Fcredit-cards%2Freferral%2Fprospect%2Fbusiness%2FDANIEENtHH%3FCORID%3DD~A~N~I~E~E~N~t~H~H-1705416178991-869104471%26GENCODE%3D349992895199384%26XLINK%3DMYCP%26extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%26v%3D1&bp=3&app=bf05ef884b484fae&crc=1236991469&en=jf4wyxxa&end=1

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: JSESSIONID Value: h7k0xKpij6FzyfowKQKjKQ6uIusu36wo_GPTvLXh.svc-deployment-97-hm5tc
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: TS01b3a5dc Value: 0103f93e5c0bf863313ddf94f5ca06555aa97fcf3736add0c4ffe474cb2b530637df0707f8af0d12d137bcf185cc1a313830c9a8c4
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: testcookie Value: 2024-01-16/07:43:01:410
.americanexpress.com/	1970-01-20 17:43:50	Name: bm_sz Value: 42316C4F64C47DF7B3D7E2A772CBDB0B~YAAQVbd1aKoGjPSMAQAAj665EhYzObKP2TzXxn3qkSyIg7hGBCtQ8qluYgSxxhgj7FnI/Qdoa90gWy7B2pci7Wh7eVUXRw4w3ioZvwM9pkt5D/pOer4e14pX79lTmHyeDixYp2ERJxPKrTvLVdPx6Asd8FpLux7QCcacgQzzJMdXtVFsFkiyx0GMyWkRwv1zZmsYjmmFSGRArtaX4ND8V6a9+H7KRKYImGyt3r/DtFbL33Xw7x0l26BZ9QZRQefPAgYpR+aMncIRz3ljSHtg25DoJvOeE7rtU968CV4TjMe3D4ZY7vkwHgrf8dcrUuHCHlzLvPDDo1kf8w0yhE+qlMShhtnV~3555894~3293749
www.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0152a806c147ccb1bdf1cc91c7ecf544d09a2adc5998e165925f387dd11ac5d23ea68cd154462a026fa14b159ee628c16cf7410b8f
.americanexpress.com/	1970-01-21 02:29:12	Name: agent-id Value: 44b8c54d-8df9-431c-abbf-b273632ca5cb
www.americanexpress.com/	1970-01-20 17:43:36	Name: akaalb_www Value: 1705416775~op=www_mgmeereferral_LBM:referral-e3-epaas\|~rv=61~m=referral-e3-epaas:0\|~os=9184cb63cc50160c7345890467a4f9a2~id=ac75ff43705e6cbc3d5ece98ff546d77
.americanexpress.com/	1970-01-20 17:43:43	Name: bm_mi Value: 35094A4F2BAC3C1BC87D05E18CB3D51B~YAAQ7+IlF6D/2A+NAQAA8bC5EhbWSTpLhi3dttr6jIpYcWjKsklk6jY++wh8Ihsh134x4oKBQLTXWXwOdBKvc1I+5UfEUy7SWxHDbyplE47lom59JZ6Ttz4N1YhBBEu52D3qWkRzXI4NwOpLYd9LFuaubziN20vwXq4azBQqyktDdIV3QDPfYxvP65xuLm5Bu4rNqA4vu5M9Fj12qccE0PZ17C4nh0S0J4WoBYmHAr5BYKm5Y1+bTZe6cNgEpUzHFgdzCY6HxJODBBmuvonFmNBHwjsgdJz8SV85dUjVSWtyneTKhbcn04Mj6+lGvBUxihYLlYgyZxxxfHmWSy11frBVsCRoxb8t3wzMNz20C/DP6nFwsnw1SL5aL9SVvytRbaGx47MX~1
.americanexpress.com/	1970-01-21 03:19:36	Name: pznid Value: 39104674969221094848552359641002360663\|9
.americanexpress.com/	1970-01-20 17:43:43	Name: ak_bmsc Value: 82328E8AA1EBD8D1B243FEDC55EDC60C~000000000000000000000000000000~YAAQ7+IlF+r/2A+NAQAAcre5EhYHX4wYlkeoPn7eO8Oy4sm2so1W+twnHEm5EaBg3VCTPSARPw3jETYLSVNF5C+xk00KfbdV/vb+H48s9LUyFYBNc/S6sDQ6sgTkHIFTyRObtJoPx7cbBiNWcXJ7yR1/jCK0dA2UEZKwBOobNiXVBiZUmt4J08S3xTUBbTdsXOJay8A6LJymSOjApGcZLIH+SkZUT/jwqMZo8+H5bxvTPyu5tC2epGyqyQZjP7kw6wlKMxFQBL5iefh6IGsnvL2EKffRqcnOil3d6yGKqBoQ5AlFIA2sjReBTTBkLP6pgUTnD6oVl/1wEtSXThSeKApOxjlGByEA54MqMy4lntUStAl3PiponN9QZf+a+2qLd5Mh0aCZmY/gzVJ6mi/+MliaSfEFGMfs3T5THovJNMvU6nx+/qOg8u0HVrakuKbWKRKuAhil6pO0CNz6MRPQYsOwOzCnLjVb7p9DbNnxPxD8C92/v47inD+TqvYhWYbMX8xmCGnHWyDLCybAWuMLTYiSxRaJWEaB8TTrFqOe8IyqHi7mpnpf9cG5wEuTDVSOQCunVyTiQcEvUhXXvEHjerdi44JFl+InJ2Q=
.americanexpress.com/	1970-01-21 02:29:12	Name: _abck Value: FAC06AAF80BB33D47740C96A15AA1767~-1~YAAQ7+IlF/7/2A+NAQAAQbm5Egs9ntdmVTHU+DYL3SttCAom864iKdFE3T/H83LSZE8P83Fl6hK73gunC2wEoFgc8lJ7b6vi8ZRIswNAkbxyFcb9KUBzS5SbASPJ9vMi8GCCQi83diQJCXfRqL75Zcs3HakyrLkVQlquSBToZ4UdDONfjUt8Zdzp7s/jDEkRvNseRq6M/VvZCx5zI1Y/35UT19Yjjyb1vOY7FOEl1Idg1kWcTpr5Edyk8StvqTZjr95xJ/OUCGG00iuKz30be8PaO8iE/L1LKiL/+io+6HDs3EEBrdDW8KH/m6fGnx5TztGtSE8t4/87ZD6nnnlD94bl9Kj/htFiVx1CSoa3UgKf3RBXTLEh4rE5VlisP61pPleSQn9pvr5E83VBX6AISLtHxQ==~-1~-1~-1
one-xp.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0152a806c156d8a811e878d6943e6eee9d4750593e727d279faf79106e4d8fa5da2d1b8c6f8089aad69a168b9135be25e9b3bd13eb
.americanexpress.com/	1969-12-31 23:59:59	Name: axplocale Value: en-US
.demdex.net/	1970-01-20 22:02:48	Name: demdex Value: 71316584176090003543140420792478222541
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
.americanexpress.com/	1970-01-21 03:13:00	Name: _cs_c Value: 1
.americanexpress.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Creferral%7Cprospect%7CDANIEENtHH%22%5D%7D
.americanexpress.com/	1970-01-21 03:19:36	Name: s_ecid Value: MCMID%7C71112416501163625383160837558964718661
.americanexpress.com/	1970-01-21 03:19:36	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 870038026%7CMCMID%7C71112416501163625383160837558964718661%7CMCAAMLH-1706020978%7C6%7CMCAAMB-1706020978%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1705423378s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.0
.americanexpress.com/	1970-01-21 03:19:36	Name: gctracus Value: "gctvid=2024-01-16/15:42:58:622-dbae8115-bfe3-a453-56b5-742965012adf&eep=null&sno=1&lan=1"
gct.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0103f93e5c0bf863313ddf94f5ca06555aa97fcf3736add0c4ffe474cb2b530637df0707f8af0d12d137bcf185cc1a313830c9a8c4
.americanexpress.com/	1969-12-31 23:59:59	Name: TS0114bdae Value: 0103f93e5c0bf863313ddf94f5ca06555aa97fcf3736add0c4ffe474cb2b530637df0707f8af0d12d137bcf185cc1a313830c9a8c4
.americanexpress.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D98_sn_VKNN18SF294GOPHHVPU2B346HSPF3VTB
.americanexpress.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1705416179801B36H28GE8JT0U5283HINMMHMR1H90AE3
.americanexpress.com/	1969-12-31 23:59:59	Name: dtLatC Value: 370
.americanexpress.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.americanexpress.com/	1969-12-31 23:59:59	Name: rxvt Value: 1705417979817\|1705416179804
.americanexpress.com/	1969-12-31 23:59:59	Name: dtPC Value: -98$216179796_559h-vTAMHGRFHTKEUARMNJVDAEMCRJCWFBKIH-0e0
.americanexpress.com/	1969-12-31 23:59:59	Name: mgmsession_id Value: 6uX9meT4cAnhg9m
.americanexpress.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_cc%3Dtrue%3B%20omn_extlink%3DUS-MGM-SPA_WEB_MYCA-copypaste-760-201329-K537%253A9990%3B%20s_tp%3D2251%3B%20s_ppv%3Dus%25257Cacq%25257Ccredit-cards%25257Creferral%25257Cprospect%25257Cbusiness%25257CDANIEENtHH%252C53%252C53%252C1200%3B
global.americanexpress.com/	1970-01-20 17:43:36	Name: akaalb_global Value: 1705416780~op=global_bDaas_member_LBM:bdaas-member-e3-epaas\|~rv=87~m=bdaas-member-e3-epaas:0\|~os=fd3a3bfff9e217a4b692205b139915f8~id=c73fb3bbb25f648e61d7af4559c39359
.americanexpress.com/	1970-01-21 03:19:36	Name: s_pers Value: %20s_tbm%3Dtrue%7C1705417978992%3B%20s_tslv%3D1705416180803%7C1768488180803%3B%20gpv_v41%3Dus%257Cacq%257Ccredit-cards%257Creferral%257Cprospect%257Cbusiness%257CDANIEENtHH%7C1705417981136%3B
.americanexpress.com/	1970-01-20 17:43:43	Name: bm_sv Value: 04E28B2D2015270C49DED1D986403D9C~YAAQ5OIlF7IM/BCNAQAAj8W5EhZnXNl/IsnDVuGJfVkAnjFGYwnFEWAm+qwCAa7t8VcfDNP08KB/woj28UtKVCpFYsr9TWcQrSLqvynom5NdMLrBTXBC64jrixNYeolbbr6BMGuPfqQK4A4Y76IvZX2JRp51tmkCF3w94hc/t/0E17i4mHpPRd4ny6FKQ0gS0Jrk6KhhQEzLoYBxULjsewtj+UvVO9YLr+AZgLcPWWNjZ2LyVcIP5ER3eUsFOiWHjotFOTBj9Hyy~1
.americanexpress.com/	1970-01-21 03:13:00	Name: _cs_id Value: 186ca63a-b608-a03b-a27d-650cfc167db0.1705416178.1.1705416182.1705416178.1.1739580178920
.americanexpress.com/	1970-01-20 17:43:37	Name: _cs_s Value: 2.5.0.1705417982685

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://global.americanexpress.com/api/servicing/v1/member Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://functions.americanexpress.com/UpdateUserSession.v1 Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js(Line 4) Message: Refused to connect to 'https://srm.bf.contentsquare.net/exist' because it violates the following Content Security Policy directive: "connect-src 'self' .aexp.com .americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com".
javascript	error	URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js(Line 4) Message: Refused to connect to 'https://srm.bf.contentsquare.net/exist' because it violates the document's Content Security Policy.
network	error	URL: https://global.americanexpress.com/api/servicing/v1/member Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js(Line 4) Message: Refused to connect to 'https://srm.bf.contentsquare.net/exist' because it violates the following Content Security Policy directive: "connect-src 'self' .aexp.com .americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com".
javascript	error	URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/57/uxa.js(Line 4) Message: Refused to connect to 'https://srm.bf.contentsquare.net/exist' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://referral.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-ec94c33cf648f2ddff43689a30627609' 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com blob: events.bouncex.net api.edq.com wup-xavier.us.v2.customers.biocatch.com wup-bf672d0f.us.v2.we-stats.com; script-src 'nonce-ec94c33cf648f2ddff43689a30627609' 'nonce-d124db1d-0415-4442-8bb3-453fdd2637a0' 'self' .aexp.com .aexp-static.com c.evidon.com ct.contentsquare.net t.contentsquare.net app.contentsquare.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ js-cdn.dynatrace.com .bounceexchange.com .microsoft.com analytics.newscred.com www.google-analytics.com s.ntv.io www.youtube.com/iframe_api s.ytimg.com; img-src 'self' .aexp.com .aexp-static.com data: c.evidon.com .americanexpress.com k-aus1.contentsquare.net c.contentsquare.net r.contentsquare.net l.contentsquare.net k-aeu1.contentsquare.net nexus.ensighten.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com omn.americanexpress.com amexuat1-merchantgeo.cs42.force.com res.cloudinary.com s1.ticketm.net ad2.adfarm1.adition.com ad4.adfarm1.adition.com p.adbrn.com 20743471p.rfihub.com 20795861p.rfihub.com insight.adsrvr.org aax-eu.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com tag.yieldoptimizer.com ads.avocet.io stags.bluekai.com sandbox.dev.clover.com/v2/image/ sslwidget.criteo.com widget.criteo.com www.facebook.com cnt.fout.jp www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net media.iceportal.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ urldefense.proofpoint.com pubads.g.doubleclick.net s1933033461.t.eloqua.com prf.hn farm.plista.com .switchfly.com www.tripadvisor.com analytics.twitter.com t.co b92.yahoo.co.jp sp.analytics.yahoo.com img.static-bookatable.com .sevenrooms.com image.resy.com l.betrad.com cdn.cohesionapps.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ ct.pinterest.com/v3/ bat.bing.com/action/ .flashtalking.com pt.ispot.tv rs.gwallet.com .cloudfront.net/receipts/assets/ .cloudfront.net/assets/sqmarket/ api.tiles.mapbox.com/ s.mzstatic.com/email/images_shared/ t.teads.tv affleads.latamtracking.com .finn.ai/images/product-recommender/ events.bouncex.net pixel.newscred.com www.google-analytics.com track.adform.net .doublemax.net .microsoft.com pixel.quantserve.com pixel.sojern.com jadserve.postrelease.com p.adsymptotic.com px.ladsp.com tg.socdm.com tr.line.me atm.im-apps.net imagesrv.adition.com; style-src 'unsafe-inline' .aexp.com .aexp-static.com .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .microsoft.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com siteintercept.qualtrics.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net k-aeu1.contentsquare.net k-aus1.contentsquare.net q-aus1.contentsquare.net dpm.demdex.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors .ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io .memberopinions.com .office.com .rakuten.com .realbuyer.com .rbnrewards.com .truecardev.com amexnetwork.truecar.com .winc.com; frame-src blob: 'self' .americanexpress.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net events.foreseeresults.com controller.4seeresults.com static.foresee.com health.foresee.com survey.foreseeresults.com cdn5.userzoom.com cdn4.userzoom.com s2.userzoom.com secure.opinionlab.com amexuat1-merchantgeo.cs42.force.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com .yodlee.com js.maxmind.com geoip-js.maxmind.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com .amextravel.com apim.expedia.com zndhztugwqhlulqht-aexpfeedback.siteintercept.qualtrics.com siteintercept.qualtrics.com aexpfeedback.siteintercept.qualtrics.com aexpfeedback.com ca1.qualtrics.com uscollector.tealeaf.ibmcloud.com .bf.dynatrace.com .sundaysky.com auth.exacttargetapis.com mcf8lgnz926zb1d1klt05rckrpxy.rest.marketingcloudapis.com .idfy.io .idfy.no reportaproblem.apple.com/receipts/ androidpay.google.com pay.sandbox.google.com www.youtube.com www.google.com/recaptcha/ amex.qumucloud.com .bounceexchange.com .aexp.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeopprodvip.acxiom.com
americanexpress.com
c.contentsquare.net
ct.contentsquare.net
dpm.demdex.net
dynatracepsg.americanexpress.com
functions.americanexpress.com
gct.americanexpress.com
global.americanexpress.com
icm.aexp-static.com
iwmapapi.americanexpress.com
k-aus1.contentsquare.net
lowesrewardscard.com
mgmee.americanexpress.com
omns.americanexpress.com
one-xp.americanexpress.com
origin-navigation-latest.americanexpress.com
referconfigexternal.americanexpress.com
referral.americanexpress.com
www.aexp-static.com
www.americanexpress.com
referral.americanexpress.com
www.americanexpress.com
104.98.234.135
139.71.16.158
139.71.21.230
139.71.48.197
139.71.48.49
139.71.50.190
139.71.50.223
139.71.50.97
139.71.89.13
198.160.127.57
23.212.210.226
23.212.220.184
23.212.221.34
23.36.235.165
2600:9000:2490:200:c:7c62:1240:93a1
2606:4700:3034::ac43:9390
34.192.6.129
54.154.75.101
54.220.159.106
63.140.62.214
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
05638ca12cb441146fb9bb8b1cb2781430a57630b882f794424f79a0fc64b51f
05c6e3dfecf0efe48969c55b7fc468b57d40c6f01450bc2882b82b35bb11fbb1
0768c991ad489ab4b66c8e88a5544abb94115ef3de93e00b3c093e64203b09a5
0afc498dd59714a85aaa2f523d3c3f98e3ac0bcdd953d47cfa5a07ecb7e239cc
0e56f4cbcd2ee39ee21e903c9f38827c42723ef7e4520c83d76cb01caf8c0d2e
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028
13505c2d564804cddc89a303dad7f9e2164aefa9f608694b871eb1166acbed44
16e237d8bc5e65eff6827eb5ba277e66d9712aa93673d5338d6bff8aeb986f48
1904ac92566198828cfcf387ae5e0e42c15471c79d95b05c6cf85cbb483ec0d3
1985974bb54604254090ce6ac2267c7650f4cf9354edafcaaebd14ade3ce4d52
1b8f821371f8dfb9b7608775e269af963666f5e5d1336b58e3a8aa471e608109
1bd41f73d34ebeed1e183bf479c8b98ed900e6990d1543f5ce8bfadf7d56d71c
1c0cedd9344eba764d5d842050767745fa35e47312a6ab2459c426d39c9fc25f
290a5433663937d2eb7372cd4b6d2f62c6c4a8ebc5f317c1b6b8e8ca7e8d7939
302c58519322303739a6ed3587df99e2f7146e3aa0cb3845db4c2ebd269740c9
30cd09e853eb4a3f670d70d80749d7f1d3e044bd31013f5139eca2a1051093b7
32f61fef769c4154a5d9ff29831b5f12f294fc7a83d12b34bc71f2d74119ba45
33a59e2a032e67800ad4103920c949884d634b38c72e289c36ccaf533461bf69
357a5e49e0a33d60074cea36f7b2d5903759e6a7efd7ec15a89f4076808598fe
36c95b7f1550e09a9d117adad5c42308746190679a26dffa399ce87172927e49
39ce2559882d70ed9cb0e68b2a08ce1f72a29e9c26e5431b5cca42d83f5e2c62
3dae8fe049aabd6fa9ed226caad0de2129559320ed4050f69839878095b7d93f
3f30ddd89f97cbcf8892d5960c7c2a497bbad41274665d1cd67bea2ed49aef89
3fdfd860586c30eef9a7ec8baa9619ba862a4d54a679d0d51ce086ae230c193d
40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
433bb7b28a735c8d1237a7a2d469363e9a11f2803054bf76ac0dd58034a59026
434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
4da7602dc533958545fd43c0c47e4542c63ca03e08db47d0063f8536d932e0d7
535e0aca6deff02363e69ada45263ff19627e2cc5d996de009620e775d330916
53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a
53b28d3040d42a0f9330149cca113a715451abb33a6fd8ec93eb06e9a470f8c6
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
589425ecdd100adf40fb345c24783b9f0c55bb3851cfcdf8a239fbbc15413fb2
5b02e0e6e16cee376f4b1dfec33df07939cf27183591db9b6b6d6f82289f6f07
5b9380a38aac51b27c2a368a3004373351944a4cc7cc64fb397ccf5b4a82565d
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b
5c7b79580b0ee750cb9bc8c177d6a132cbb2c45b967cee60387affeeaf75d910
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
5db136ba92e6d613b8f47952c40f845e2758c0909ebac70d0116f6e3bf124145
5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18
5eafc7f53aeb4a3220411301d027ec16f900a8012132870a8e307f2dfd0672be
60503f4fa3c17f1a15712ce56fc1e41978746d6b2bcbcf2118c8f8ada1e6080a
6254a177d60d0c37e2a912b3eaad2d3f59b53a14b848a0aa885edafd8b9df905
66e5cdbfec52d48c7f4b20466605fdf025ffc1de68d4c21049f29f9907c70ae3
69bbce9bc2b08413f077ae55654a7c0f344758608291844a21a4d2542da733c4
6e6139ad0f6c9ae8cc8bfe060a5617b2f514a57f7d539a597e81cce40e2baf55
7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640
761b183fee71a413d5cbefe4196ea222efda5a4295cd7c6254dfee22891d07e8
8008eae0acfd6a4be7b95adce8ff58503d61f96d3441ea1d9592b2e7a52a8e3a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8a6d92eb5ada2811361b2324fc844454e304eec4ba4727f9842b4bd9be4060a6
8f1c4322ca7cec46bb7729dccc9b2a7544be8cc6da77b59731807cdfb936770c
98b397070e0d12de18c19ec1bab2d48109ce49b3ef59dbfbec0e66adf30621c8
9a6bd5c144d709b1e498999209e75c0c667dbfe5722d46d2b06322484e8359d5
9e65d8437be3d3b283e42ec1990f4106067695f3cbd104c956753e2266a1ea28
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa9d62874b398cdd4c570ef4e16ee66aa8dcd66a3ef06ed221ce5a29c640644b
abc7d16f4ca4084fcac22863ef4e237a8497a9c2af7fa1e381556b7a4a49ea01
ac150423e8c4855e82149cb6159f48bd6ec2f040940c829f5e39282074355916
ad85f9e494398e05df8afdfe522d2bfc3e6ae20fa4b040f9c08071765596db8f
b25664b60b62b08c2a1d55bf9f3f4d4af44b1a34e0dae2359aed6d600d406954
ba6d020f0b5ae98d7032b6c21cb84c41e5eab8be742bcc0acc5cfb96616fc702
be6b036d7d0f510cdcd51295324d44f528fbc453bd7f2e32e688c93a1030ffec
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
c64216b196360b2ade2df507392c2416d839289206af85f3481aac8a3b9e5522
c9212458ef2871ebb1bb7413c60102e5307ca0aaa6958349b8851894113a4d44
ce02494eb3e628e58274d0a9f90402a40ba20a3ac2bb019dc5885a3772086133
d29fa2441296f06e157e332de16ee872b8d0cca8c95f6c15faee70c9bbf2228b
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced
e3e8e53bde186f4aacb4056c89d68dec6a4501589aec5bf0dca51fe9dd1373d3
e6f48c54e0c4880c8d11aa153ea798b5386cc3989b440ddda26b6b128edc7fbe
ea0b57d85909225b67b91df3a1f97db5e1b6b4daae568d8e5216b116e7f5b362
f2c476f40c3ef2dc11cd0a67159c82135557daa2ca7aa10a3f6e03b50519c1dd
f4e79e016f8f78466ce50bcf6e868bd69576050d111482bea8618bbd28a3ed1b
f6b77280d0e70a2dcee12b365e7fd77ead8ba2d03c4e9ef6de39b061d7c912cc
f9aa83d80c070f15d699f6631255cdb37a6f1a4d282ec4f27169ef3ca9853ddd
f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519
ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

www.americanexpress.com Open in urlscan Pro 23.212.221.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

93 %HTTPS

10 %IPv6

6 Domains

21 Subdomains

19 IPs

4 Countries

1991 kBTransfer

7387 kBSize

35 Cookies

8 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanexpress.com Open in urlscan Pro
23.212.221.34 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

93 %
HTTPS

10 %
IPv6

6
Domains

21
Subdomains

19
IPs

4
Countries

1991 kB
Transfer

7387 kB
Size

35
Cookies

144 HTTP transactions
7 data transactions