flexpartnerlogin.americanexpress.com Open in urlscan Pro
139.71.21.213  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response flexpartnerlogin.americanexpress.com/	8 KB 8 KB	847ms 286ms	Document text/html	139.71.21.213 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://flexpartnerlogin.americanexpress.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.71.21.213 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS flexpartnerlogin-r1.americanexpress.com Software / Resource Hash 5f8369811b7dbbbf027ee09896f6f9af78910cab4f6a9dc17cb5f5673b2e9bf3 Request headers Host flexpartnerlogin.americanexpress.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control public, max-age=0 Last-Modified Fri, 05 Mar 2021 21:42:00 GMT ETag W/"2005-17804571840" Content-Type text/html; charset=UTF-8 Content-Length 8197 Date Mon, 15 Mar 2021 12:33:41 GMT Connection keep-alive Set-Cookie TS0139a03f=0152a806c1d006558be015d4d5b9fa1406e5bb408068109ee660e58be146c76a31fc0b29927588d13e44d4abc0c290ebfc5ed13503; Path=/
GET H2	200	dls.min.css developer.americanexpress.com/assets/axp-dls/styles/	342 KB 49 KB	1826ms 1567ms	Stylesheet text/css	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fd1cf1f2e81a8f42b6636932428fb12902020e7db2a8f604a687ca3caa0bb344 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:43 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"55714-178232b5e20" vary Origin, Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 49621
GET H2	200	dls-docs.css developer.americanexpress.com/assets/axp-dev-portal/css/	15 KB 3 KB	2655ms 2395ms	Stylesheet text/css	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/axp-dev-portal/css/dls-docs.css Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a782be0fdb337b55983852fc8251ec2df2d5a9a0f69700eb5908cd884b6ca775 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:44 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"3c47-178232b5e20" vary Origin, Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 2632
GET H2	200	home.css developer.americanexpress.com/assets/axp-dev-portal/css/	0 0	1169ms 910ms	Stylesheet text/html	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/axp-dev-portal/css/home.css Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	AMEX-Developer-Portal-1.0.0.css developer.americanexpress.com/assets/	76 KB 15 KB	2696ms 2437ms	Stylesheet text/css	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/AMEX-Developer-Portal-1.0.0.css Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 79f1dc5a5df0b51731530acae6dc243186047ecd3f51d19bbdcf1f0387ee3289 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:44 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"12f3f-178232b5e20" vary Origin, Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 15105
GET H2	200	main.125a0cc5.css developer.americanexpress.com/static/css/	0 0	2438ms 2179ms	Stylesheet text/html	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/static/css/main.125a0cc5.css Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	dls.min.js Show response developer.americanexpress.com/assets/axp-dls/scripts/	251 KB 252 KB	1340ms 1081ms	Script application/javascript	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/axp-dls/scripts/dls.min.js Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash adac23207d029eb6b520fb18c8ca62cf031310bd4efcffb089685a0eca836737 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:43 GMT last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"3eaeb-178232b5e20" vary Origin content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 256747
GET H/1.1	200 OK	FRE.min.js Show response flexiblerewards.americanexpress.com/js/1.0/	2 KB 2 KB	932ms 189ms	Script application/javascript	139.71.20.35 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://flexiblerewards.americanexpress.com/js/1.0/FRE.min.js Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.71.20.35 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS flexiblerewards2.americanexpress.com Software / Resource Hash 53266852c2099ec3981617b60819b05998e5dc46fefe3481c4d048e6fa82e91a Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 15 Mar 2021 12:33:42 GMT Last-Modified Thu, 23 Jul 2020 05:27:02 GMT ETag W/"857-1737a23a070" Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 2135
GET H/1.1	200 OK	app.bundle.js Show response flexpartnerlogin.americanexpress.com/	106 KB 106 KB	277ms 277ms	Script application/javascript	139.71.21.213 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://flexpartnerlogin.americanexpress.com/app.bundle.js Requested by Host: flexpartnerlogin.americanexpress.com URL: https://flexpartnerlogin.americanexpress.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.71.21.213 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS flexpartnerlogin-r1.americanexpress.com Software / Resource Hash 5be6d00c433d336919328a45624830df56a16d9318be2461b83b7ca3bcab72c3 Request headers Referer https://flexpartnerlogin.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 15 Mar 2021 12:33:42 GMT Last-Modified Fri, 05 Mar 2021 21:42:00 GMT ETag W/"1a7dc-17804571840" Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 108508
GET H/1.1	200 OK	Cookie set login Show response block-rewards.americanexpress.com/flexible/ Frame DBF9	41 KB 20 KB	1328ms 404ms	Document text/html	139.71.20.105 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Requested by Host: flexiblerewards.americanexpress.com URL: https://flexiblerewards.americanexpress.com/js/1.0/FRE.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.71.20.105 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS block-rewards-r1.americanexpress.com Software / Resource Hash 911dd95d8a493b3f56417efd56fb531d46eebe2fcfe3fa55b2431fa6fccac537 Security Headers Name Value Content-Security-Policy default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com; frame-ancestors *.americanexpress.com *.aexp.com *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.joinrbn.com *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.researchnow.com *.truecardev.com amexnetwork.truecar.com *.winc.com; img-src 'self' data: *.aexp.com *.americanexpress.com *.aexp-static.com; script-src 'self' 'unsafe-inline' *.aexp.com *.americanexpress.com *.aexp-static.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com; frame-src 'self' *.americanexpress.com *.aexp.com; report-uri https://block-rewards.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://flexpartnerlogin.americanexpress.com/ X-Xss-Protection 1; mode=block Request headers Host block-rewards.americanexpress.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://flexpartnerlogin.americanexpress.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://flexpartnerlogin.americanexpress.com/ Response headers X-Frame-Options ALLOW-FROM https://flexpartnerlogin.americanexpress.com/ X-Content-Type-Options nosniff Strict-Transport-Security max-age=15552000; includeSubDomains X-XSS-Protection 1; mode=block Referrer-Policy same-origin One-App-Version 4.68.0-ec2f1418 Cache-Control no-store Pragma no-cache X-DNS-Prefetch-Control off X-Download-Options noopen Content-Security-Policy default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com; frame-ancestors *.americanexpress.com *.aexp.com *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.joinrbn.com *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.researchnow.com *.truecardev.com amexnetwork.truecar.com *.winc.com; img-src 'self' data: *.aexp.com *.americanexpress.com *.aexp-static.com; script-src 'self' 'unsafe-inline' *.aexp.com *.americanexpress.com *.aexp-static.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com; frame-src 'self' *.americanexpress.com *.aexp.com; report-uri https://block-rewards.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content Content-Type text/html; charset=utf-8 ETag W/"a49f-Oflhw/0bV0lA5+ZOuyRS/Hro6FU" Vary Accept-Encoding Content-Encoding gzip Date Mon, 15 Mar 2021 12:33:45 GMT Connection keep-alive Set-Cookie TS01f36146=0152a806c1bccf191b3e7047f707af3e04c52ef556f40b9fbcc46689071906bafb15cc4f398d496d86ccdfcb85fc5b97b7867675ac; Path=/ Transfer-Encoding chunked
GET H2	200	dls-logo-horizontal-white.svg developer.americanexpress.com/assets/axp-dls/img/dls_logos/	5 KB 3 KB	1100ms 1100ms	Image image/svg+xml	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://developer.americanexpress.com/assets/axp-dls/img/dls_logos/dls-logo-horizontal-white.svg Requested by Host: developer.americanexpress.com URL: https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 462808c4c1e39291fdb37e21552c3bab31466713168ab82ddd5caaa4380b0d65 Request headers Referer https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:45 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"14b7-178232b5e20" vary Origin, Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes content-length 2413
GET H2	200	dls-logo-horizontal.svg developer.americanexpress.com/assets/axp-dls/img/dls_logos/	5 KB 3 KB	1087ms 1086ms	Image image/svg+xml	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://developer.americanexpress.com/assets/axp-dls/img/dls_logos/dls-logo-horizontal.svg Requested by Host: developer.americanexpress.com URL: https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fd34ecf65639b6289871b9aa46b7445518b9703cabade81e1651cf53c4aa741a Request headers Referer https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:45 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"14b8-178232b5e20" vary Origin, Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes content-length 2411
GET H2	200	325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff www.aexp-static.com/nav/ngn/fonts/	68 KB 69 KB	142ms 45ms	Font font/woff	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff Requested by Host: developer.americanexpress.com URL: https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9 Request headers Origin https://flexpartnerlogin.americanexpress.com Referer https://developer.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:44 GMT last-modified Wed, 15 Aug 2018 20:46:09 GMT etag "5b749111-11086" access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD content-type font/woff access-control-allow-origin * cache-control max-age=15552000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 69766 expires Tue, 02 Mar 2021 18:54:59 GMT
GET H2	200	3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff www.aexp-static.com/nav/ngn/fonts/	36 KB 37 KB	195ms 99ms	Font font/woff	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff Requested by Host: developer.americanexpress.com URL: https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad Request headers Origin https://flexpartnerlogin.americanexpress.com Referer https://developer.americanexpress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:44 GMT last-modified Wed, 15 Aug 2018 20:46:09 GMT etag "5b749111-9121" access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD content-type font/woff access-control-allow-origin * cache-control max-age=15552000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 37153 expires Tue, 02 Mar 2021 18:54:38 GMT
GET H2	200	Roboto-Regular.woff developer.americanexpress.com/assets/axp-dls/fonts/	75 KB 75 KB	1195ms 1141ms	Font font/woff	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/axp-dls/fonts/Roboto-Regular.woff Requested by Host: developer.americanexpress.com URL: https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6 Request headers Origin https://flexpartnerlogin.americanexpress.com Referer https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"12bf8-178232b5e20" vary Origin content-type font/woff access-control-allow-origin https://flexpartnerlogin.americanexpress.com cache-control public, max-age=0 accept-ranges bytes content-length 76792
GET H2	200	Roboto-Medium.woff developer.americanexpress.com/assets/axp-dls/fonts/	71 KB 72 KB	1124ms 1097ms	Font font/woff	2a02:26f0:f1:280::14a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://developer.americanexpress.com/assets/axp-dls/fonts/Roboto-Medium.woff Requested by Host: developer.americanexpress.com URL: https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:280::14a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08 Request headers Origin https://flexpartnerlogin.americanexpress.com Referer https://developer.americanexpress.com/assets/axp-dls/styles/dls.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:45 GMT last-modified Thu, 11 Mar 2021 21:22:28 GMT etag W/"11cfc-178232b5e20" vary Origin content-type font/woff access-control-allow-origin https://flexpartnerlogin.americanexpress.com cache-control public, max-age=0 accept-ranges bytes content-length 72956
GET H2	200	dls.min.css www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/styles/ Frame DBF9	354 KB 50 KB	304ms 218ms	Stylesheet text/css	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/styles/dls.min.css Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 79a91a7fdea543e4079c457aaea25dae6c4536a2819e3af5d348faee89e90fc8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 25 Jan 2018 21:43:05 GMT etag W/"5a6a4f69-58668" vary Origin, Accept-Encoding content-type text/css cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 50855
GET H2	200	app~vendors.js Show response www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/ Frame DBF9	964 KB 227 KB	118ms 115ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app~vendors.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 5f852534f115b69fae0a569957fabfcf1bd467df69def0b0235c6c815bbbdf9f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 05 Mar 2020 17:55:34 GMT etag W/"5e613d16-f1186" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=15552000 timing-allow-origin * content-length 231859 expires Wed, 03 Mar 2021 11:23:26 GMT
GET H2	200	runtime.js Show response www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/ Frame DBF9	14 KB 5 KB	118ms 115ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/runtime.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 1f56bb170b051fbc1872b7a296e70e14cbb463c24f0310ee5127e9d276bf1ac3 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 05 Mar 2020 17:55:34 GMT etag W/"5e613d16-38d4" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 5181
GET H2	200	vendors.js Show response www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/ Frame DBF9	765 KB 199 KB	54ms 52ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/vendors.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 603b80693d6833108069b8e69f2715d9530282ba3e18eceb2a4853b383db4df0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 05 Mar 2020 17:55:34 GMT etag W/"5e613d16-bf499" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=15552000 timing-allow-origin * content-length 202812 expires Wed, 03 Mar 2021 11:23:26 GMT
GET H2	200	en-US.js Show response www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/i18n/ Frame DBF9	33 KB 5 KB	121ms 119ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/i18n/en-US.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash a12952606fd28dd9120c88a41affc6e439c769e14e659d9bed1f233464da4b76 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 05 Mar 2020 17:55:34 GMT etag W/"5e613d16-82ce" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 5320
GET H2	200	axp-block-rewards-root.client.js Show response www.aexp-static.com/cdaas/axp-app/modules/axp-block-rewards-root/1.0.5/ Frame DBF9	2 KB 993 B	121ms 119ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-block-rewards-root/1.0.5/axp-block-rewards-root.client.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash a9719f83fd6b3f23175ada56ecb9da48d59c906f039712495a829e8834bb6888 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Sat, 23 Jan 2021 03:07:27 GMT etag W/"600b92ef-96b" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 801
GET H2	200	axp-root.client.js Show response www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.0.0/ Frame DBF9	39 KB 11 KB	121ms 119ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.0.0/axp-root.client.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 8a68ab6a9d21567cd57b1f42e67513870b75a68a50a9423e6f221b8d6ce92912 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 24 Jan 2019 00:55:41 GMT etag W/"5c490d0d-9b27" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=15552000 timing-allow-origin * content-length 10594 expires Tue, 02 Mar 2021 17:41:01 GMT
GET H2	200	axp-flexible-rewards.client.js Show response www.aexp-static.com/cdaas/axp-app/modules/axp-flexible-rewards/1.0.6/ Frame DBF9	74 KB 31 KB	124ms 122ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-flexible-rewards/1.0.6/axp-flexible-rewards.client.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 2ead4d8b477d88f5d0aacb41249a0b1fd5655737b2a7651e44801eec474e5302 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Sat, 23 Jan 2021 03:19:01 GMT etag W/"600b95a5-12974" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 31813
GET H2	200	axp-data-layer.client.js Show response www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/4.2.2/ Frame DBF9	157 KB 47 KB	124ms 123ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/4.2.2/axp-data-layer.client.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash d5feb22f5fdbf1808b4e04811d3811df46e625188278d0cb376d65bea5f3659d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Fri, 07 Dec 2018 18:48:41 GMT etag W/"5c0ac089-27407" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 47965
GET H2	200	app.js Show response www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/ Frame DBF9	184 KB 45 KB	124ms 123ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app.js Requested by Host: block-rewards.americanexpress.com URL: https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash a0d832d322ddbe5fc892db506706d3d060bb4b96c49347c3ec2b6323f65d9527 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 05 Mar 2020 17:55:34 GMT etag W/"5e613d16-2e0c9" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=15552000 timing-allow-origin * content-length 45710 expires Sun, 18 Apr 2021 17:07:54 GMT
GET H2	200	axp-flexible-rewards.json Show response www.aexp-static.com/cdaas/axp-app/modules/axp-flexible-rewards/1.0.6/en-us/ Frame DBF9	2 KB 1 KB	46ms 45ms	Fetch application/json	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-flexible-rewards/1.0.6/en-us/axp-flexible-rewards.json Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 73e682808c8daa300095439d42a8a82e1d09f5288d2ecac81e51f0eb1d3df459 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Sat, 23 Jan 2021 03:18:57 GMT etag W/"600b95a1-6bf" vary Origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/json access-control-allow-origin https://block-rewards.americanexpress.com cache-control max-age=31536000, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 832
GET H2	200	axp-data-layer.json Show response www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/4.2.2/en-us/ Frame DBF9	152 B 539 B	45ms 45ms	Fetch application/json	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/4.2.2/en-us/axp-data-layer.json Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 682c0b3b482d4bfd8625298741c273a4e6ff269eace07955ec04e0425034bb47 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Fri, 07 Dec 2018 18:48:33 GMT etag "5c0ac081-98" vary Origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/json access-control-allow-origin https://block-rewards.americanexpress.com cache-control max-age=31536000, must-revalidate access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 140
GET H2	200	axp-login.client.js Show response www.aexp-static.com/cdaas/axp-app/modules/axp-login/3.1.1/ Frame DBF9	109 KB 32 KB	53ms 53ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-login/3.1.1/axp-login.client.js Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app~vendors.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 1c9f0254037c3c724a052e53958917798dc4a7734642cf298b77ed0124ecab5c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 13 Dec 2018 17:31:38 GMT etag W/"5c12977a-1b5cc" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 32344
OPTIONS H2	200	beacon iwmap.americanexpress.com/ Frame	0 0	587ms 163ms	Preflight	139.71.16.158 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://iwmap.americanexpress.com/beacon Protocol H2 Server 139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS iwmapapi22.americanexpress.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://block-rewards.americanexpress.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers expires 0 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-headers content-type x-xss-protection 1; mode=block pragma no-cache date Mon, 15 Mar 2021 12:33:47 GMT allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH strict-transport-security max-age=31536000 ; includeSubDomains access-control-allow-methods GET,POST,PUT,OPTIONS x-frame-options DENY access-control-allow-origin https://block-rewards.americanexpress.com vary Origin Access-Control-Request-Method Access-Control-Request-Headers access-control-allow-credentials true x-content-type-options nosniff content-length 0 access-control-max-age 86400
POST H2	202	beacon iwmap.americanexpress.com/ Frame DBF9	0 0	142ms 142ms	Fetch text/plain	139.71.16.158 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://iwmap.americanexpress.com/beacon Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/4.2.2/axp-data-layer.client.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS iwmapapi22.americanexpress.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers pragma no-cache date Mon, 15 Mar 2021 12:33:47 GMT x-content-type-options nosniff x-frame-options DENY content-type text/plain;charset=ISO-8859-1 access-control-allow-origin https://block-rewards.americanexpress.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true strict-transport-security max-age=31536000 ; includeSubDomains vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-length 0 x-xss-protection 1; mode=block expires 0
GET DATA	200 OK	truncated / Frame DBF9	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash acb8e02766ab655acb4a605b761bd0f3ff5439507191400c3771d541e0e61227 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	axp-root.json Show response www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.0.0/en-us/ Frame DBF9	193 B 558 B	224ms 223ms	Fetch application/json	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/4.0.0/en-us/axp-root.json Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:47 GMT content-encoding gzip last-modified Thu, 24 Jan 2019 00:55:36 GMT etag "5c490d08-c1" vary Origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/json access-control-allow-origin https://block-rewards.americanexpress.com cache-control max-age=31536000, must-revalidate access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 157
GET H2	200	axp-login.json Show response www.aexp-static.com/cdaas/axp-app/modules/axp-login/3.1.1/en-us/ Frame DBF9	3 KB 2 KB	47ms 47ms	Fetch application/json	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/axp-app/modules/axp-login/3.1.1/en-us/axp-login.json Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/app/4.68.0-ec2f1418/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash 5a62f409e3fb936d87ea6e5b5d442e3e97ee00839aa1aae180b667c8e9433f67 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:46 GMT content-encoding gzip last-modified Thu, 13 Dec 2018 17:31:33 GMT etag W/"5c129775-b82" vary Origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/json access-control-allow-origin https://block-rewards.americanexpress.com cache-control max-age=31536000, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 1156
GET H2	200	gtkp_aa.js Show response global.americanexpress.com/myca/logon/us/docs/javascript/gatekeeper/ Frame DBF9	25 KB 10 KB	194ms 64ms	Script application/x-javascript	184.24.15.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://global.americanexpress.com/myca/logon/us/docs/javascript/gatekeeper/gtkp_aa.js Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-login/3.1.1/axp-login.client.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.15.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-15-33.deploy.static.akamaitechnologies.com Software / Resource Hash fbbaa7c67eefc2511be2ebd4fff4ecad779031c67acf108499ede1f1c2f3e5b5 Security Headers Name Value Strict-Transport-Security max-age=15768000 ; includeSubDomains X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:47 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 23 May 2018 21:55:25 GMT vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,TRACE content-type application/x-javascript access-control-allow-credentials true strict-transport-security max-age=15768000 ; includeSubDomains accept-ranges bytes content-length 9403
GET		dfpASync.js aug.americanexpress.com/dfp/v2/ Frame DBF9	0 0
GET H2	200	0.2.1.js Show response www.aexp-static.com/cdaas/one/rum-telemetry/ Frame DBF9	84 KB 26 KB	51ms 50ms	Script application/javascript	184.24.6.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/rum-telemetry/0.2.1.js Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/4.2.2/axp-data-layer.client.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.6.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-6-218.deploy.static.akamaitechnologies.com Software / Resource Hash e3843afba5f27163c11b2ec8c5488df6959edeb444ca3c13f2c7602c6d7aeeda Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 12:33:48 GMT content-encoding gzip last-modified Mon, 10 Sep 2018 23:32:49 GMT etag W/"5b96ff21-14fb3" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=15552000 timing-allow-origin * content-length 26647 expires Tue, 02 Mar 2021 18:33:55 GMT
POST H/1.1	204 No Content	csp-violation block-rewards.americanexpress.com/home/report/security/ Frame DBF9	0 2 KB	159ms 158ms	Other text/plain	139.71.20.105 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://block-rewards.americanexpress.com/home/report/security/csp-violation Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/rum-telemetry/0.2.1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.71.20.105 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS block-rewards-r1.americanexpress.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com; frame-ancestors *.americanexpress.com *.aexp.com *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.joinrbn.com *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.researchnow.com *.truecardev.com amexnetwork.truecar.com *.winc.com; img-src 'self' data: *.aexp.com *.americanexpress.com *.aexp-static.com; script-src 'self' 'unsafe-inline' *.aexp.com *.americanexpress.com *.aexp-static.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com; frame-src 'self' *.americanexpress.com *.aexp.com; report-uri https://block-rewards.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com X-Xss-Protection 1; mode=block Request headers Referer https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/csp-report Response headers Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://block-rewards.americanexpress.com/flexible/login?partner_id=M000000001&context_id=olfaph4z379bl2xor99i4q&callback=https://www.americanexpress.com Date Mon, 15 Mar 2021 12:33:48 GMT X-Download-Options noopen X-DNS-Prefetch-Control off Access-Control-Allow-Methods Access-Control-Allow-Origin https://block-rewards.americanexpress.com Access-Control-Allow-Credentials true Content-Security-Policy default-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com wss://*.americanexpress.com; frame-ancestors *.americanexpress.com *.aexp.com *.ebates.com homechef-loyaltywallet.points.com homechef-staging.loyaltywallet.io homechef-rc.loyaltywallet.io *.joinrbn.com *.memberopinions.com *.office.com *.rakuten.com *.realbuyer.com *.rbnrewards.com *.researchnow.com *.truecardev.com amexnetwork.truecar.com *.winc.com; img-src 'self' data: *.aexp.com *.americanexpress.com *.aexp-static.com; script-src 'self' 'unsafe-inline' *.aexp.com *.americanexpress.com *.aexp-static.com; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com; frame-src 'self' *.americanexpress.com *.aexp.com; report-uri https://block-rewards.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content Connection keep-alive One-App-Version 4.68.0-ec2f1418 Access-Control-Allow-Headers X-XSS-Protection 1; mode=block
GET		info iwmap.americanexpress.com/monitoring/ Frame DBF9	0 0
GET H2	404	info iwmap.americanexpress.com/monitoring/ Frame DBF9	0 0	138ms 137ms	Fetch	139.71.16.158 AMERICAN-EXPRESS
General Check archive.org Show headers Download Go to Full URL https://iwmap.americanexpress.com/monitoring/info?preflight Requested by Host: www.aexp-static.com URL: https://www.aexp-static.com/cdaas/one/rum-telemetry/0.2.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US), Reverse DNS iwmapapi22.americanexpress.com Software BigIP / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-length 0 server BigIP

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

aug.americanexpress.com

URL

https://aug.americanexpress.com/dfp/v2/dfpASync.js?dfpArguments=tid:USLOGON-fa4dbdcd-3934-499d-8dd5-1283ce2f3430,clientName:USLOGON,ts=1615811626930

Domain

iwmap.americanexpress.com

URL

https://iwmap.americanexpress.com/monitoring/info?preflight

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __core-js_shared__ object| DLS string| FRE_iframeDomain object| fre string| FRE_eventMethod function| FRE_eventer string| FRE_messageEvent function| randomString function| showiframeData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			block-rewards.americanexpress.com/	1969-12-31 23:59:59	Name: contextId Value: olfaph4z379bl2xor99i4q
			block-rewards.americanexpress.com/	1969-12-31 23:59:59	Name: callback Value: https://www.americanexpress.com
			block-rewards.americanexpress.com/	1969-12-31 23:59:59	Name: partnerId Value: M000000001
			block-rewards.americanexpress.com/	1969-12-31 23:59:59	Name: TS01f36146 Value: 0152a806c1bccf191b3e7047f707af3e04c52ef556f40b9fbcc46689071906bafb15cc4f398d496d86ccdfcb85fc5b97b7867675ac

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aug.americanexpress.com
block-rewards.americanexpress.com
developer.americanexpress.com
flexiblerewards.americanexpress.com
flexpartnerlogin.americanexpress.com
global.americanexpress.com
iwmap.americanexpress.com
www.aexp-static.com
aug.americanexpress.com
iwmap.americanexpress.com
139.71.16.158
139.71.20.105
139.71.20.35
139.71.21.213
184.24.15.33
184.24.6.218
2a02:26f0:f1:280::14a1
1c9f0254037c3c724a052e53958917798dc4a7734642cf298b77ed0124ecab5c
1f56bb170b051fbc1872b7a296e70e14cbb463c24f0310ee5127e9d276bf1ac3
2ead4d8b477d88f5d0aacb41249a0b1fd5655737b2a7651e44801eec474e5302
462808c4c1e39291fdb37e21552c3bab31466713168ab82ddd5caaa4380b0d65
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
53266852c2099ec3981617b60819b05998e5dc46fefe3481c4d048e6fa82e91a
5a62f409e3fb936d87ea6e5b5d442e3e97ee00839aa1aae180b667c8e9433f67
5be6d00c433d336919328a45624830df56a16d9318be2461b83b7ca3bcab72c3
5f8369811b7dbbbf027ee09896f6f9af78910cab4f6a9dc17cb5f5673b2e9bf3
5f852534f115b69fae0a569957fabfcf1bd467df69def0b0235c6c815bbbdf9f
603b80693d6833108069b8e69f2715d9530282ba3e18eceb2a4853b383db4df0
682c0b3b482d4bfd8625298741c273a4e6ff269eace07955ec04e0425034bb47
73e682808c8daa300095439d42a8a82e1d09f5288d2ecac81e51f0eb1d3df459
79a91a7fdea543e4079c457aaea25dae6c4536a2819e3af5d348faee89e90fc8
79f1dc5a5df0b51731530acae6dc243186047ecd3f51d19bbdcf1f0387ee3289
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6
8a68ab6a9d21567cd57b1f42e67513870b75a68a50a9423e6f221b8d6ce92912
911dd95d8a493b3f56417efd56fb531d46eebe2fcfe3fa55b2431fa6fccac537
a0d832d322ddbe5fc892db506706d3d060bb4b96c49347c3ec2b6323f65d9527
a12952606fd28dd9120c88a41affc6e439c769e14e659d9bed1f233464da4b76
a782be0fdb337b55983852fc8251ec2df2d5a9a0f69700eb5908cd884b6ca775
a9719f83fd6b3f23175ada56ecb9da48d59c906f039712495a829e8834bb6888
acb8e02766ab655acb4a605b761bd0f3ff5439507191400c3771d541e0e61227
adac23207d029eb6b520fb18c8ca62cf031310bd4efcffb089685a0eca836737
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08
d5feb22f5fdbf1808b4e04811d3811df46e625188278d0cb376d65bea5f3659d
e3843afba5f27163c11b2ec8c5488df6959edeb444ca3c13f2c7602c6d7aeeda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815
fbbaa7c67eefc2511be2ebd4fff4ecad779031c67acf108499ede1f1c2f3e5b5
fd1cf1f2e81a8f42b6636932428fb12902020e7db2a8f604a687ca3caa0bb344
fd34ecf65639b6289871b9aa46b7445518b9703cabade81e1651cf53c4aa741a