www.americanexpress.com Open in urlscan Pro
23.212.221.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://membershiprewards.com/
Effective URL:
https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Submission: On November 07 via manual (November 7th 2023, 2:07:11 pm UTC) from US — Scanned from SE

Summary HTTP 145 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 4 domains to perform 145 HTTP transactions. The main IP is 23.212.221.34, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.americanexpress.com. The Cisco Umbrella rank of the primary domain is 16646.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 3rd 2023. Valid for: a year.

This is the only time www.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.91.14.111 104.91.14.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.212.209.212 23.212.209.212	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	23.212.210.226 23.212.210.226	16625 (AKAMAI-AS) (AKAMAI-AS)
72	23.212.203.180 23.212.203.180	16625 (AKAMAI-AS) (AKAMAI-AS)
5	139.71.2.98 139.71.2.98	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	23.212.220.184 23.212.220.184	16625 (AKAMAI-AS) (AKAMAI-AS)
16	139.71.21.230 139.71.21.230	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
9	139.71.89.13 139.71.89.13	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
12	23.212.221.34 23.212.221.34	16625 (AKAMAI-AS) (AKAMAI-AS)
4	139.71.9.142 139.71.9.142	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
2	52.222.236.100 52.222.236.100	16509 (AMAZON-02) (AMAZON-02)
1	139.71.2.46 139.71.2.46	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	139.71.16.158 139.71.16.158	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
2	139.71.18.163 139.71.18.163	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
145	13

1 104.91.14.111 (Milan, Italy) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-14-111.deploy.static.akamaitechnologies.com

membershiprewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.209.212 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-209-212.deploy.static.akamaitechnologies.com

www.membershiprewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.212.210.226 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-210-226.deploy.static.akamaitechnologies.com

global.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 23.212.203.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-203-180.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.71.2.98 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: loyalty-3-r2-vip.americanexpress.com

loyalty-3.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.212.220.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-220-184.deploy.static.akamaitechnologies.com

one-xp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 139.71.21.230 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: functions2a-vip.americanexpress.com

functions.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.71.89.13 (United States)

ASN6307 (AMERICAN-EXPRESS, US)

dynatracepsg.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.212.221.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-221-34.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.9.142 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: one-release-r1-vip.americanexpress.com

one-release.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-100.fra56.r.cloudfront.net

www.cdn-path.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.2.46 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: pirecommendation-r2-vip.americanexpress.com

pirecommendation.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.16.158 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: iwmapapi22.americanexpress.com

iwmapapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.71.18.163 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: gctv42.americanexpress.com

gct.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 13591 icm.aexp-static.com Failed	3 MB
64	americanexpress.com 1 redirects global.americanexpress.com — Cisco Umbrella Rank: 26581 loyalty-3.americanexpress.com — Cisco Umbrella Rank: 185932 one-xp.americanexpress.com — Cisco Umbrella Rank: 26191 functions.americanexpress.com — Cisco Umbrella Rank: 20523 dynatracepsg.americanexpress.com — Cisco Umbrella Rank: 24068 www.americanexpress.com — Cisco Umbrella Rank: 16646 iwmapapi.americanexpress.com — Cisco Umbrella Rank: 20439 Failed one-release.americanexpress.com — Cisco Umbrella Rank: 31638 pirecommendation.americanexpress.com — Cisco Umbrella Rank: 34243 gct.americanexpress.com — Cisco Umbrella Rank: 47123	606 KB
2	cdn-path.com www.cdn-path.com — Cisco Umbrella Rank: 19419	40 KB
2	membershiprewards.com 2 redirects membershiprewards.com www.membershiprewards.com	474 B
145	4

	Domain	Requested by
72	www.aexp-static.com	global.americanexpress.com www.aexp-static.com www.americanexpress.com
16	functions.americanexpress.com	global.americanexpress.com www.americanexpress.com
12	www.americanexpress.com	www.aexp-static.com www.americanexpress.com
9	dynatracepsg.americanexpress.com	global.americanexpress.com www.americanexpress.com
7	global.americanexpress.com	1 redirects global.americanexpress.com www.aexp-static.com
5	loyalty-3.americanexpress.com	global.americanexpress.com
4	one-release.americanexpress.com	global.americanexpress.com www.americanexpress.com
4	iwmapapi.americanexpress.com	global.americanexpress.com www.americanexpress.com
4	one-xp.americanexpress.com	global.americanexpress.com
2	gct.americanexpress.com	www.americanexpress.com
2	www.cdn-path.com	www.aexp-static.com
1	pirecommendation.americanexpress.com	www.americanexpress.com
1	www.membershiprewards.com	1 redirects
1	membershiprewards.com	1 redirects
0	icm.aexp-static.com Failed	global.americanexpress.com
145	15

This site contains links to these domains. Also see Links.

Domain
online.americanexpress.com
ir.americanexpress.com
network.americanexpress.com
global.americanexpress.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
online.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-07` - `2024-08-05`	a year	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh
loyalty-3-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-06-10` - `2024-06-06`	a year	crt.sh
www.standforsmall.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2024-07-29`	a year	crt.sh
functions.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-28` - `2024-08-26`	a year	crt.sh
dynatracepsg.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-05-31` - `2024-05-29`	a year	crt.sh
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-08-03` - `2024-08-01`	a year	crt.sh
one-release-r1.americanexpress.com DigiCert EV RSA CA G2	`2023-03-11` - `2024-03-07`	a year	crt.sh
*.cdn-path.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-03`	a year	crt.sh
pirecommendation-r2.americanexpress.com DigiCert EV RSA CA G2	`2023-05-09` - `2024-05-07`	a year	crt.sh
iwmapapi.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-07-21` - `2024-07-19`	a year	crt.sh
gctv42.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-10-26` - `2024-10-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Frame ID: DFBACB0BDD23B91325B2D1444AFC01DD
Requests: 134 HTTP requests in this frame

Frame: https://one-release.americanexpress.com/_/report/security/csp-violation
Frame ID: 8D4F206C351D7B44347C6B96763702CB
Requests: 1 HTTP requests in this frame

Frame: https://one-release.americanexpress.com/_/report/security/csp-violation
Frame ID: D5B8159C8A76BBADB879344D67A593DE
Requests: 1 HTTP requests in this frame

Frame: https://one-release.americanexpress.com/_/report/security/csp-violation
Frame ID: 6BC930A507A4F7BD63E3B81FD5453643
Requests: 1 HTTP requests in this frame

Frame: https://one-release.americanexpress.com/_/report/security/csp-violation
Frame ID: DF3636D4679FF150E29585625DA395D7
Requests: 1 HTTP requests in this frame

Frame: https://www.cdn-path.com/s2?t=AQPq4GgwoqIF0UmydOq%2Fo4SH&x=1&sid=ee490b8fb9a4d570&tid=LOGIN-adfba2ac-ca69-418e-b957-d3ab0f5a9a69
Frame ID: 1CC3162CA6AA9F6D7DF6F322A5DFFA67
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In to My Account | American Express US

Page URL History Show full URLs

http://membershiprewards.com/ HTTP 301
https://www.membershiprewards.com/ HTTP 301
https://global.americanexpress.com/rewards Page URL
https://global.americanexpress.com/dashboard HTTP 302
https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdash... Page URL

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

145
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

15
Subdomains

13
IPs

3
Countries

3613 kB
Transfer

13246 kB
Size

28
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://online.americanexpress.com/myca/gce/us/action/home?request_type=un_Register&Face=en_US
Title: Create New Online Account

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/gce/us/action/home?request_type=un_Activation&Face=en_US
Title: Confirm Card Received

Search URL Search Domain Scan URL

URL: https://ir.americanexpress.com/investor-relations/default.aspx?inav=us_footer_about_investor_relations
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/globalnetwork/v4/?inav=us_footer_about_global_network
Title: Global Network

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/help?inav=footer_contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards?us_nu=dd&inav=footer_mr
Title: Membership Rewards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressUS

Search URL Search Domain Scan URL

URL: https://twitter.com/americanexpress

Search URL Search Domain Scan URL

URL: https://www.instagram.com/AmericanExpress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmericanExpress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://membershiprewards.com/ HTTP 301
https://www.membershiprewards.com/ HTTP 301
https://global.americanexpress.com/rewards Page URL
https://global.americanexpress.com/dashboard HTTP 302
https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://membershiprewards.com/ HTTP 301
https://www.membershiprewards.com/ HTTP 301
https://global.americanexpress.com/rewards

145 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

rewards Show response
global.americanexpress.com/
Redirect Chain

http://membershiprewards.com/
https://www.membershiprewards.com/
https://global.americanexpress.com/rewards

364 KB
43 KB

1792ms
1539ms

Document
text/html

23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

cc566d213bcdfb4c42844f7be70682d342ab4601d867bc8dbdc1baf06e142564

Security Headers

Name	Value
Content-Security-Policy	report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-e918e6215c90fb5ac75be53b88320d4a' 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-e918e6215c90fb5ac75be53b88320d4a' 'nonce-55aa949a-a6ba-400e-8e34-1c90e860a28d' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn .americanexpress.com wss://.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 39559
content-security-policy: report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-e918e6215c90fb5ac75be53b88320d4a' 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-e918e6215c90fb5ac75be53b88320d4a' 'nonce-55aa949a-a6ba-400e-8e34-1c90e860a28d' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn *.americanexpress.com wss://*.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 14:07:02 GMT
etag: W/"5a20a-v5/2E/VEANO/rnCoUVtrc1f4/Sk:dtagent10261230220152234FRyy"
one-app-version: 5.21.0-20c20c55
pragma: no-cache
referrer-policy: same-origin
server-timing: dtSInfo;desc="0", dtRpid;desc="-541922537"
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 39204 0 pmb=mTOE,3
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Nov 2023 14:07:00 GMT
Expires: Tue, 07 Nov 2023 14:07:00 GMT
Location: https://global.americanexpress.com/rewards
Pragma: no-cache
Server: AkamaiGHost

GET
H2 200 ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js Show response
global.americanexpress.com/rewards/ 347 KB
127 KB 182ms
182ms Script
text/javascript 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

bbd02ece7aaca005e3318703e318eaf5dd794fffb2dd432a5c5ba6df9a961997

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://global.americanexpress.com/rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=67584
content-length: 129680
expires: Wed, 08 Nov 2023 08:53:26 GMT

GET
H2 200 dls.min.css
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/ 343 KB
46 KB 285ms
96ms Stylesheet
text/css 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls.min.css
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74015fccf87ad143f1285f9f7aee8f5199d88822239e1315f3f25cd131b47afc

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 15:56:14 GMT
etag: W/"6349869e-55b53"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 46837

GET
H2 200 dls-data-visualization.min.css
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/ 41 KB
5 KB 363ms
175ms Stylesheet
text/css 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.23.0/package/dist/6.23.0/styles/dls-data-visualization.min.css
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c86d0b6dc060faa52a220fcc5a0f2ee6ffc3e4a3780966968a79a5993c2ac38

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 15:56:14 GMT
etag: W/"6349869e-a58d"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 4929

POST
H/1.1 204
No Content csp-violation
loyalty-3.americanexpress.com/_/report/security/ 0
4 KB 636ms
169ms Other
text/plain 139.71.2.98
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://loyalty-3.americanexpress.com/_/report/security/csp-violation

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.2.98 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

loyalty-3-r2-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-4bb79df8-f443-4bc4-bc77-d321672e8121' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn .americanexpress.com wss://.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-4bb79df8-f443-4bc4-bc77-d321672e8121' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn *.americanexpress.com wss://*.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
X-Content-Type-Options: nosniff
Date: Tue, 07 Nov 2023 14:07:03 GMT
X-DNS-Prefetch-Control: off
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-264918270", dtTao;desc="1"
Connection: keep-alive
One-App-Version: 5.21.0-20c20c55
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://global.americanexpress.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Access-Control-Allow-Headers

GET
H2 200 543ecfae Show response
global.americanexpress.com/akam/13/ 26 KB
9 KB 76ms
76ms Script
application/javascript 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/akam/13/543ecfae

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

04763f567754fa13c29c6ca95d8f0182db2a77e8667d37d731c37e32aa89c2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://global.americanexpress.com/rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 09 Feb 2022 15:06:36 GMT
etag: "c0f7f14c0d4906abc5c54f245ae642f00a92142be4030321ec7f783611a1015c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8774
expires: Tue, 07 Nov 2023 14:07:03 GMT

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/ 432 KB
115 KB 276ms
107ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/app~vendors.js
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77f26c37870b9f2f423827ef89cd03b978407f2b09f705c071d4a6b632cc38ed

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 19:39:51 GMT
etag: W/"64d3eb87-6c091"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 117658

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/ 16 KB
6 KB 597ms
428ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/runtime.js
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 19:39:51 GMT
etag: W/"64d3eb87-3e70"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 5625

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/ 150 KB
49 KB 598ms
429ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/vendors.js
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1993d483de6ac6f9d818408dfc8c2cf53361154e406551f1018bd707af3cc460

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 19:39:51 GMT
etag: W/"64d3eb87-25835"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 49851

GET
H2 200 se-SE.js Show response
www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/i18n/ 3 KB
2 KB 608ms
439ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/i18n/se-SE.js
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0482e90aaf1af7365b7c8ae3c4c4205eb6ded8137e41fac3713018e8ccf32c2a

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 19:39:51 GMT
etag: W/"64d3eb87-d6e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1336

GET
H2 200 axp-loyalty-root.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-root/3.34.1/ 852 KB
228 KB 473ms
304ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-root/3.34.1/axp-loyalty-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

d7dd7857f9c4d611cf4c440c53b621260182ef0a8bf348fecce397e163fe371e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self';
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
content-length: 233168
last-modified: Tue, 24 Oct 2023 13:08:31 GMT
etag: W/"6537c1cf-d51f1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
vary: Origin, Accept-Encoding
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 axp-global-header.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.4/ 218 KB
46 KB 457ms
288ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.4/axp-global-header.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0046b29b4fd29215318f4d42bd1b249ab569c60f715e7fb343a098d767554712

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 21:00:00 GMT
etag: W/"64405650-366ae"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 46826

GET
H2 200 axp-loyalty-orchestrator.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-orchestrator/3.5.1/ 304 KB
81 KB 585ms
416ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-orchestrator/3.5.1/axp-loyalty-orchestrator.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-203-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

c23e2c3515d20018686f8d63788b51908573ba5bf7db7b4ba55bf47c7a7c55e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self';
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
content-length: 82117
last-modified: Tue, 24 Oct 2023 13:10:47 GMT
etag: W/"6537c257-4c1d7"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
vary: Origin, Accept-Encoding
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 axp-voice-of-customer.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-voice-of-customer/2.1.0/ 59 KB
16 KB 583ms
415ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-voice-of-customer/2.1.0/axp-voice-of-customer.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13b79bc533b3de8be0c39d86f90623bb650718569217ad3bdd2f5fd94aa99cc3

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 00:03:37 GMT
etag: W/"61492159-ebe8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 16482

GET
H2 200 axp-global-rewards-accelerator-summary.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-rewards-accelerator-summary/4.4.0/ 217 KB
60 KB 542ms
374ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-rewards-accelerator-summary/4.4.0/axp-global-rewards-accelerator-summary.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f12de8271d72c205038a8ef8f07b2f07bcee7d60960da9ebe47b77f602c46dfc

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Thu, 29 Jun 2023 19:52:19 GMT
etag: W/"649de0f3-36271"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 61451

GET
H2 200 axp-loyalty-observability.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-observability/1.2.1/ 57 KB
13 KB 561ms
393ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-observability/1.2.1/axp-loyalty-observability.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 11e42fe3d942bcb20935dafdf9698da4d51ad818fbea42e0c3c96237d7524271

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 18:13:25 GMT
etag: W/"640a21c5-e5f1"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 13235

GET
H2 200 axp-site-area-nav-container.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-site-area-nav-container/3.3.4/ 409 KB
60 KB 574ms
406ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-site-area-nav-container/3.3.4/axp-site-area-nav-container.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a66e4cd60738b694440d9848a9154cd22dd377419e4505f90a8dc88ae1d3ea33

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Sat, 13 May 2023 00:36:47 GMT
etag: W/"645edb9f-6632f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 60731

GET
H2 200 axp-page-wrapper.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-page-wrapper/3.5.0/ 9 KB
4 KB 550ms
382ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-page-wrapper/3.5.0/axp-page-wrapper.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a9dfec7d3e1780b0744d6e29fa9f3c348dc06c0b798e537a8085e39520438a4

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 17:54:02 GMT
etag: W/"6446c23a-22f7"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 3234

GET
H2 200 axp-benefits-loyalty-dashboard-preview.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-benefits-loyalty-dashboard-preview/4.3.4/ 288 KB
75 KB 415ms
247ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-benefits-loyalty-dashboard-preview/4.3.4/axp-benefits-loyalty-dashboard-preview.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5184d067916d3aff05d527533caa8d3826049baad5bf4b240532f93619e60d1

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 23:09:44 GMT
etag: W/"6525d9b8-47fc2"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 76026

GET
H2 200 axp-rewards-transactions-preview.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-rewards-transactions-preview/3.2.4/ 182 KB
48 KB 551ms
383ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-rewards-transactions-preview/3.2.4/axp-rewards-transactions-preview.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ac2f8d570c1c4802b4fbf9a10c17b4203932507992fe77969e0d2be3cf8c0c59

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 20:24:13 GMT
etag: W/"654010ed-2d7ea"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 48800

GET
H2 200 axp-loyalty-dashboard-container.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-dashboard-container/3.7.1/ 271 KB
78 KB 526ms
359ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-dashboard-container/3.7.1/axp-loyalty-dashboard-container.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 46f4bdcca1f96977dbd4990b5f5029a64f4c560bed77880b9e0f5d42ace1f058

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 19:04:58 GMT
etag: W/"654938da-43d64"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 79256

GET
H2 200 axp-loyalty-iguazu-config.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-iguazu-config/2.13.0/ 153 KB
39 KB 556ms
389ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-iguazu-config/2.13.0/axp-loyalty-iguazu-config.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33df4e63faa6d1c9206722d7ed2743e29cf6da93ee59462f214b2ae51a51f893

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 21:11:23 GMT
etag: W/"6549567b-26550"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 39237

GET
H2 200 axp-account-switcher.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-account-switcher/6.30.3/ 303 KB
73 KB 566ms
398ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-account-switcher/6.30.3/axp-account-switcher.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f802322ca608264d45f2c1727bbac16f91289fe1b922bb58ee53b1ae88dc00a0

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 20:16:21 GMT
etag: W/"64ff7595-4bab4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 74297

GET
H2 200 axp-myca-site-area-nav.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-myca-site-area-nav/4.30.6/ 66 KB
17 KB 540ms
373ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-myca-site-area-nav/4.30.6/axp-myca-site-area-nav.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd1d6ee6d64c66f5834166033d00e5f198e10a5c5e550408d6abd6d22a14c2e6

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Fri, 22 Sep 2023 15:25:20 GMT
etag: W/"650db1e0-10785"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 17291

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/ 137 KB
38 KB 579ms
412ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.21.0-20c20c55/app.js
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a7391b8f629b696fb5fab606acddf06d9e51cb6a227c41a82db2ee989e6df25

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 19:39:51 GMT
etag: W/"64d3eb87-22446"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 38968

GET
H2 200 DAnJiUB Show response
global.americanexpress.com/0omVwox2fD/IruiLEcL/Od/1iX3tLm20D/Z1VmRmZ6JA/C1FsW/ 223 KB
85 KB 88ms
88ms Script
application/javascript 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/0omVwox2fD/IruiLEcL/Od/1iX3tLm20D/Z1VmRmZ6JA/C1FsW/DAnJiUB

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f9e199f23b80f24166017f602b9f32335d63c8a83286b002e3fa841eb65ee8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://global.americanexpress.com/rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:02 GMT
content-encoding: br
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 02 Aug 2023 16:14:34 GMT
etag: "ec302306421c387a8f6f929621a057b1b73578c17be7e8f2ea0fa20b45b959cf"
stored-attribute-sha-checksum: 5f9e199f23b80f24166017f602b9f32335d63c8a83286b002e3fa841eb65ee8f
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 86339

GET
H2 200 ruxitagentjs_D_10261230220152234.js
global.americanexpress.com/rewards/ 42 KB
16 KB 92ms
92ms Other
text/javascript 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/rewards/ruxitagentjs_D_10261230220152234.js

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

67c3c40ab14d35bfd633ca21ff028cb78c84c732f046d716183aa6f16eed0a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://global.americanexpress.com/rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:03 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=9601
content-length: 15760
expires: Tue, 07 Nov 2023 16:47:04 GMT

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 389ms
194ms Preflight 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://global.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://global.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Nov 2023 14:07:04 GMT
Expires: Tue, 07 Nov 2023 14:07:04 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 ReadScriptRegistry.v1
functions.americanexpress.com/ 448 B
405 B 459ms
171ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:04 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://global.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 317

GET
H2 200 ReadScriptRegistry.v1
functions.americanexpress.com/ 474 B
500 B 454ms
168ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dxt-script-supplier-helper&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:03 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://global.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 314

POST
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ 46 B
2 KB 404ms
232ms Fetch
application/json 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: application/json
Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 14:07:04 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://global.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 46
Expires: Tue, 07 Nov 2023 14:07:04 GMT

GET dashboard
global.americanexpress.com/ 0
0

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7
dynatracepsg.americanexpress.com/bf/ 3 KB
3 KB 853ms
204ms Ping
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_perc_100000_ol_0_mul_1_app-3A93a0f6e6bb5c4ea1_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&modifiedSince=1699339439689&rf=https%3A%2F%2Fglobal.americanexpress.com%2Frewards&bp=3&app=93a0f6e6bb5c4ea1&crc=1688871519&en=jf4wyxxa&end=1
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Nov 2023 14:07:04 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://global.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 3071

GET
H2

200

Primary Request login Show response
www.americanexpress.com/se-se/account/
Redirect Chain

https://global.americanexpress.com/dashboard
https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse

37 KB
14 KB

668ms
484ms

Document
text/html

23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-orchestrator/3.5.1/axp-loyalty-orchestrator.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

d50bb6369b45a6630eb408e715864804e174793ed9c1a70451f209966dd9b278

Security Headers

Name	Value
Content-Security-Policy	report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-30ce252329524048d34e3788946ef043' 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-30ce252329524048d34e3788946ef043' 'nonce-9fb48356-a851-478c-af23-4951caa26ae7' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action .cdn-net.com .cdn-path.com .americanexpress.com sso.americanexpress.com; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers
access-control-allow-methods
access-control-allow-origin: https://atworkcp.americanexpress.com
cache-control: no-store
content-encoding: gzip
content-length: 10373
content-security-policy: report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-30ce252329524048d34e3788946ef043' 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-30ce252329524048d34e3788946ef043' 'nonce-9fb48356-a851-478c-af23-4951caa26ae7' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action *.cdn-net.com *.cdn-path.com *.americanexpress.com sso.americanexpress.com; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 14:07:04 GMT
etag: W/"6781-GSqV4iLypnVc5czJtqeM6Xs6SDA:dtagent10255221104040649iKbc"
one-app-version: 5.13.1-e28210f6
pragma: no-cache
referrer-policy: same-origin
server-timing: dtSInfo;desc="0", dtRpid;desc="592970120"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 10096 0 pmb=mTOE,3
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store
content-length: 302
content-security-policy: report-uri https://client-logger.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-64f38184f4a7a4ef90e7b582ac59113f' 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net; script-src 'nonce-64f38184f4a7a4ef90e7b582ac59113f' 'nonce-f0e20cd1-ea5f-4da9-8ef8-fa989919ebbc' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.lpsnmedia.net https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net https://americanexpress-axemonitor.dequecloud.com cdn.getpinwheel.com staging.cdn-net.com www.cdn-path.com; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.lpsnmedia.net *.americanexpress.com wss://*.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com; frame-src blob: 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com cdn.getpinwheel.com staging.cdn-net.com www.cdn-path.com; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net; object-src 'self' *.aexp.com *.americanexpress.com
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 14:07:04 GMT
location: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
one-app-version: 5.22.0-e9879399
pragma: no-cache
referrer-policy: same-origin
server-timing: dtSInfo;desc="0", dtRpid;desc="1375297069"
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: ALLOW-FROM https://global.americanexpress.com/rewards
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

OPTIONS
H/1.0 200
OK errors
loyalty-3.americanexpress.com/_/report/ Frame 0
0 142ms
142ms Preflight 139.71.2.98
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://loyalty-3.americanexpress.com/_/report/errors
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.71.2.98 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: loyalty-3-r2-vip.americanexpress.com
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://global.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://global.americanexpress.com
Connection: Keep-Alive
Content-Length: 0
Server: BigIP

POST
H/1.1 204
No Content errors
loyalty-3.americanexpress.com/_/report/ 0
4 KB 153ms
153ms Fetch 139.71.2.98
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://loyalty-3.americanexpress.com/_/report/errors

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.2.98 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

loyalty-3-r2-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-17af085c-e47a-4657-9ab0-927073780c2c' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn .americanexpress.com wss://.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-17af085c-e47a-4657-9ab0-927073780c2c' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn *.americanexpress.com wss://*.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
X-Content-Type-Options: nosniff
Date: Tue, 07 Nov 2023 14:07:04 GMT
X-DNS-Prefetch-Control: off
Server-Timing: dtSInfo;desc="0", dtRpid;desc="158764163", dtTao;desc="1"
Connection: keep-alive
One-App-Version: 5.21.0-20c20c55
X-XSS-Protection: 1; mode=block
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI:dtagent10261230220152234FRyy"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://global.americanexpress.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Access-Control-Allow-Headers

GET dashboard-exp.json
icm.aexp-static.com/one-amex/loyalty/se-se/axp-loyalty-dashboard-container/ 0
0

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 298ms
198ms Preflight 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://global.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://global.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Nov 2023 14:07:04 GMT
Expires: Tue, 07 Nov 2023 14:07:04 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ 46 B
1 KB 319ms
206ms Fetch
application/json 23.212.220.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.220.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-220-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: application/json
Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 14:07:04 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://global.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 46
Expires: Tue, 07 Nov 2023 14:07:04 GMT

GET
H2 200 dxt-script-supplier-helper.js
www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/ 127 KB
49 KB 73ms
73ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-root/3.34.1/axp-loyalty-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:04 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 03:14:19 GMT
etag: W/"651cd88b-1fa47"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 49599

GET
H2 200 UCM.js
www.aexp-static.com/cdaas/user-consent-management/ucm/v1.10.4/ 216 KB
64 KB 85ms
85ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.10.4/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-loyalty-root/3.34.1/axp-loyalty-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:04 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 03:33:08 GMT
etag: W/"651cdcf4-35fc9"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 64679

GET
H2 200 ReadScriptRegistry.v1
functions.americanexpress.com/ 444 B
415 B 157ms
157ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:04 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://global.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 327

GET
H2 200 ReadScriptRegistry.v1
functions.americanexpress.com/ 451 B
403 B 156ms
156ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-stream-data-handler&version=%5E0.1.2&environment=e3&cache=1699366

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:04 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://global.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

OPTIONS
H/1.0 200
OK errors
loyalty-3.americanexpress.com/_/report/ Frame 0
0 142ms
142ms Preflight 139.71.2.98
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://loyalty-3.americanexpress.com/_/report/errors
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.71.2.98 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: loyalty-3-r2-vip.americanexpress.com
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://global.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://global.americanexpress.com
Connection: Keep-Alive
Content-Length: 0
Server: BigIP

POST
H/1.1 204
No Content errors
loyalty-3.americanexpress.com/_/report/ 0
4 KB 155ms
155ms Fetch 139.71.2.98
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://loyalty-3.americanexpress.com/_/report/errors

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards/ruxitagentjs_ICA27NQVfghjqrux_10261230220152234.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.2.98 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

loyalty-3-r2-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-e8841027-b466-4475-8a85-e934de123ae8' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn .americanexpress.com wss://.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-e8841027-b466-4475-8a85-e934de123ae8' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn *.americanexpress.com wss://*.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
X-Content-Type-Options: nosniff
Date: Tue, 07 Nov 2023 14:07:04 GMT
X-DNS-Prefetch-Control: off
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-138407132", dtTao;desc="1"
Connection: keep-alive
One-App-Version: 5.21.0-20c20c55
X-XSS-Protection: 1; mode=block
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI:dtagent10261230220152234FRyy"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://global.americanexpress.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Access-Control-Allow-Headers

GET
H2 200 oneStream.js
www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/ 2 KB
1 KB 72ms
71ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/oneStream.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
Origin: https://global.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:04 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 18:10:56 GMT
etag: W/"5ff4abb0-7eb"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://global.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 885

OPTIONS beacon
iwmapapi.americanexpress.com/ Frame 0
0

POST beacon
iwmapapi.americanexpress.com/ 0
0

GET
H2 200 ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js Show response
www.americanexpress.com/dashboard/ 345 KB
126 KB 108ms
102ms Script
text/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

f21f90f0f1de1219b6d20c6133ea5f442bb68a18f8a81b055e33df1880ab4b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
x-cnection: close
content-length: 128758
expires: Sat, 28 Sep 2024 21:51:41 GMT

GET
H2 200 543ecfae Show response
www.americanexpress.com/akam/13/ 26 KB
9 KB 273ms
269ms Script
application/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/akam/13/543ecfae

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

04763f567754fa13c29c6ca95d8f0182db2a77e8667d37d731c37e32aa89c2c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:06:36 GMT
etag: "c0f7f14c0d4906abc5c54f245ae642f00a92142be4030321ec7f783611a1015c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-length: 8774

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/ 431 KB
114 KB 113ms
108ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 666482ae3f904190f36dbe56980a231b30659a19451a7e0da14f2fdfc17e0b8f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 20:18:28 GMT
etag: W/"62324614-6bc54"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 116464

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/ 16 KB
6 KB 162ms
158ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/runtime.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 20:18:28 GMT
etag: W/"62324614-3e70"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5625

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/ 148 KB
48 KB 121ms
117ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c89cf198bfb7ee5661fe2ea31a5e6bd0799dd5486305b82167931045ef7b30a

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 20:18:28 GMT
etag: W/"62324614-251b4"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 49329

GET
H2 200 se-SE.js Show response
www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/i18n/ 3 KB
2 KB 270ms
267ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/i18n/se-SE.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fd881cce2812d683e6b005861ffe28f8b26507dfdcc0f0ee62a17b669cf1cb

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 20:18:28 GMT
etag: W/"62324614-d6e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1336

GET
H2 200 one-identity-root.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/ 1 MB
349 KB 128ms
124ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/one-identity-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 244a1f4e99621680e3ede84eec94e23fae20d16eaf742c6d1c0ee3ca24fedd0e

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 18:44:17 GMT
etag: W/"65429c81-16d5c0"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 356806

GET
H2 200 one-identity-login-page.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/ 1 MB
301 KB 147ms
144ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/one-identity-login-page.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9980c2d752827bb8cbbe305d4f3c485d2a0906b8c121005d04a4f9cf720db6b4

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 18:42:33 GMT
etag: W/"652ed599-13190e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 307756

GET
H2 200 one-identity-universal-session-manager.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-universal-session-manager/2.1.1/ 124 KB
39 KB 154ms
151ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-universal-session-manager/2.1.1/one-identity-universal-session-manager.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f2e5b88c7ed1bb248f7f4c1cad363dd3cd218f0fdfd0afcdfec7ecb50a7790b

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 21:28:17 GMT
etag: W/"6500d7f1-1ee3f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 39701

GET
H2 200 axp-page-wrapper.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-page-wrapper/3.6.4/ 9 KB
4 KB 156ms
153ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-page-wrapper/3.6.4/axp-page-wrapper.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9d71d0c59a312289e730f585b89643cd8d820e60f202f8bbd4be2ad48dd4f885

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Fri, 20 Oct 2023 20:19:23 GMT
etag: W/"6532e0cb-237f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 3237

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/ 314 KB
95 KB 156ms
154ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e2401edc898f0ebd685f99752832539d5339729adaeb456f7398a14ccbe75510

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 20:18:28 GMT
etag: W/"62324614-4e908"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 96388

GET
H2 200 dpJTFOUAkC Show response
www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/ 223 KB
85 KB 232ms
229ms Script
application/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/dpJTFOUAkC

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f9e199f23b80f24166017f602b9f32335d63c8a83286b002e3fa841eb65ee8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 16:14:34 GMT
etag: "ec302306421c387a8f6f929621a057b1b73578c17be7e8f2ea0fa20b45b959cf"
stored-attribute-sha-checksum: 5f9e199f23b80f24166017f602b9f32335d63c8a83286b002e3fa841eb65ee8f
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=21600
content-length: 86340

POST
H/1.1 204
No Content csp-violation
one-release.americanexpress.com/_/report/security/ 0
4 KB 779ms
166ms Other
text/plain 139.71.9.142
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://one-release.americanexpress.com/_/report/security/csp-violation

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.9.142 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

one-release-r1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-c4d9b0e1-351f-43a2-bde8-8f00593478a9' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action .cdn-net.com .cdn-path.com .americanexpress.com sso.americanexpress.com; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-c4d9b0e1-351f-43a2-bde8-8f00593478a9' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action *.cdn-net.com *.cdn-path.com *.americanexpress.com sso.americanexpress.com; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
X-Content-Type-Options: nosniff
Date: Tue, 07 Nov 2023 14:07:05 GMT
X-DNS-Prefetch-Control: off
Server-Timing: dtSInfo;desc="1", dtTao;desc="1"
Connection: keep-alive
One-App-Version: 5.13.1-e28210f6
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Access-Control-Allow-Headers

GET
H2 200 ruxitagentjs_D_10255221104040649.js
www.americanexpress.com/dashboard/ 42 KB
16 KB 80ms
79ms Other
text/javascript 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/dashboard/ruxitagentjs_D_10255221104040649.js

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bc7b03745f761929af869c573481e525e7ba55dd53efc6e3dba9c498fe6d65c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
x-cnection: close
content-length: 15710
expires: Thu, 10 Oct 2024 04:38:15 GMT

OPTIONS
H2 200 DeleteUserSession.v1
functions.americanexpress.com/ Frame 0
0 153ms
153ms Preflight 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/DeleteUserSession.v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,one-data-correlation-id
Access-Control-Request-Method: GET
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type,one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print,ax-operation-mode,vary,one-data-context
access-control-allow-methods: GET,PUT,DELETE,OPTIONS,POST
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
content-length: 0
date: Tue, 07 Nov 2023 14:07:05 GMT

GET
H2 400 DeleteUserSession.v1 Show response
functions.americanexpress.com/ 104 B
307 B 458ms
169ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/DeleteUserSession.v1

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

fc0ee9476197548dbfb6314915f5e97a80d1983e7dd441572ca23771f351a5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

one-data-correlation-id: 6dcafb7c-4c38-49ea-93d8-a2a8e194c81b
Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 400
content-length: 123

GET
H2 200 axp-one-seo.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-one-seo/2.1.0/ 30 KB
8 KB 74ms
74ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-one-seo/2.1.0/axp-one-seo.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e24ea596ee33331c894769239bfa9e2ef853f1962e6d099e28636c94b8a14c7a

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 16:11:54 GMT
etag: W/"5faabbca-768e"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 8035

GET
H2 200 axp-footer.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/ 307 KB
81 KB 80ms
79ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/axp-footer.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fe6f52603b878eb77c896683e694767dc52332090fdb7ede6bcdf1bd84e56a3

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 22:53:01 GMT
etag: W/"64d418cd-4cc74"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 82734

GET
H2 200 axp-global-header.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.18/ 254 KB
58 KB 88ms
87ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.18/axp-global-header.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cdb816337330eb053021a9b22b7eaa7b6ede18b3607b22704a3057b18b91c249

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 02:50:51 GMT
etag: W/"64d4508b-3f785"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 59366

GET
H2 200 one-identity-login-alert.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/ 226 KB
48 KB 81ms
81ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/one-identity-login-alert.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f0c3588a23da3a1cc3ac25e83b81c66008c431a06b3707fb0fbd7dbf441c45f2

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 16:59:19 GMT
etag: W/"654283e7-38743"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 49135

GET
H2 200 one-identity-login.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/ 389 KB
111 KB 81ms
81ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/one-identity-login.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed4343eecf63745ce175895771935a0d89830dcd7bb6e2c6d3c5ae32b952b124

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 01:38:11 GMT
etag: W/"65499503-614d7"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 113705

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 448 B
404 B 162ms
162ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

5973b36eed5c436c786b4944269180c83496b8ff973edd1c67de31ce53589fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 317

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 474 B
401 B 156ms
155ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dxt-script-supplier-helper&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

32f61fef769c4154a5d9ff29831b5f12f294fc7a83d12b34bc71f2d74119ba45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 314

GET
H2 404 one-identity-root.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/se-se/ 548 B
925 B 305ms
305ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/se-se/one-identity-root.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 404 one-identity-login-page.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/se-se/ 548 B
922 B 376ms
376ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/se-se/one-identity-login-page.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 200 dls.min.css
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.21.5/package/dist/6.21.5/styles/ 311 KB
42 KB 79ms
79ms Stylesheet
text/css 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.21.5/package/dist/6.21.5/styles/dls.min.css
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d94d1ea3fed357425b8b06c9180de00d3f29a715151868609d9687682235a469

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 15:11:43 GMT
etag: W/"62a0bc2f-4daaf"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 43085

POST
H2 201 dpJTFOUAkC Show response
www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/ 18 B
838 B 264ms
264ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/dpJTFOUAkC

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-dtpc: 83$166025325_911h11vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 93b26712-8f54-4f9b-844b-61b4a676ccdb
access-control-allow-headers: Content-Type
content-length: 18

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 axp-footer.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/se-se/ 548 B
925 B 237ms
237ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/se-se/axp-footer.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 404 axp-global-header.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.18/se-se/ 548 B
928 B 304ms
304ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.18/se-se/axp-global-header.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 200 dxt-script-supplier-helper.js Show response
www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/ 127 KB
49 KB 70ms
70ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/one-identity-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1904ac92566198828cfcf387ae5e0e42c15471c79d95b05c6cf85cbb483ec0d3

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 03:14:19 GMT
etag: W/"651cd88b-1fa47"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 49599

GET
H2 200 UCM.js Show response
www.aexp-static.com/cdaas/user-consent-management/ucm/v1.10.4/ 216 KB
64 KB 87ms
86ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.10.4/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/one-identity-root.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 696879af80528079359990dee13bd1f83790e548fffe86b6f8254fded8578991

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 03:33:08 GMT
etag: W/"651cdcf4-35fc9"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 64679

GET
H2 200 one-identity-root.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/en-us/ 40 B
912 B 69ms
69ms Fetch
application/json 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/en-us/one-identity-root.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d949006e9173ee9c3167931b501e1c800b037c6d87a2ae895f645f75ec2f3142

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:05 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 18:43:26 GMT
etag: "65429c4e-28"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 60

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 451 B
402 B 162ms
162ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-stream-data-handler&version=%5E0.1.2&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

19a9d930e0e8c2d6c16d7d296cf2d5d341b4ca9d6df2f815e6ab11456de8ff1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 444 B
414 B 163ms
162ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

4da7602dc533958545fd43c0c47e4542c63ca03e08db47d0063f8536d932e0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 327

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 445 B
402 B 169ms
168ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=one-identity-session&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

8a6d92eb5ada2811361b2324fc844454e304eec4ba4727f9842b4bd9be4060a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 315

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 447 B
416 B 174ms
174ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=ensighten&version=%5E0.1.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

342651a59f70f6b01849f5d7021d35e819d84f4a1c47ba626a463d5982ad1f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 329

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 428 B
396 B 187ms
187ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=tealeaf&version=%5E1.0.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

0a26b229751f035bc78ee8051f3d7304a329de02264662218b243fa0d04b0084

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 310

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 434 B
401 B 172ms
172ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=qualtrics&version=%5E1.34.0&environment=e3&cache=1699366

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions2a-vip.americanexpress.com

Software

Resource Hash

e4975be7a823ee4ff14c61a92f0232c2d1d89dd9b441139110ec0422836e3c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Tue, 07 Nov 2023 14:07:05 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 314

GET
H2 200 one-identity-login-page.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/en-us/ 3 KB
2 KB 90ms
90ms Fetch
application/json 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/en-us/one-identity-login-page.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2bcf070f5dfd7930f14418f083c94fb2d2233fac1911fee32f1942eba66eed88

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 18:41:29 GMT
etag: W/"652ed559-b68"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1294

GET
H2 200 axp-footer.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/en-us/ 7 KB
3 KB 91ms
91ms Fetch
application/json 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/en-us/axp-footer.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 378a570bf49d7834c9b9f57f91c789e4a15bf016637a50b72f7944d99117a914

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 22:52:50 GMT
etag: W/"64d418c2-1bd8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1913

GET
H2 200 axp-marketing-offer.browser.js Show response
www.aexp-static.com/cdaas/one-app/modules/axp-marketing-offer/5.0.1/ 172 KB
39 KB 102ms
101ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-marketing-offer/5.0.1/axp-marketing-offer.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/5.13.1-e28210f6/app~vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed996a24a09dbb61adbe97542a59ef87aea9a8b933e88b0f38f8d132fa935b55

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 17:25:05 GMT
etag: W/"63f64ff1-2ae1f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 39406

GET
H2 404 one-identity-login-alert.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/se-se/ 548 B
920 B 398ms
398ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/se-se/one-identity-login-alert.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 404 one-identity-login.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/se-se/ 548 B
925 B 304ms
304ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/se-se/one-identity-login.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

GET
H2 200 gtkp_aa.js Show response
global.americanexpress.com/myca/logon/us/docs/javascript/gatekeeper/ 25 KB
8 KB 91ms
90ms Script
application/javascript 23.212.210.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://global.americanexpress.com/myca/logon/us/docs/javascript/gatekeeper/gtkp_aa.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/one-identity-login.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.210.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-210-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbbaa7c67eefc2511be2ebd4fff4ecad779031c67acf108499ede1f1c2f3e5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Tue, 24 Oct 2023 00:40:50 GMT
vary: Accept-Encoding
access-control-allow-methods
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
x-oneagent-js-injection: true
access-control-allow-credentials: true
server-timing: dtSInfo;desc="1"
accept-ranges: bytes
access-control-allow-headers
content-length: 7866

GET
H2 200 cc.js Show response
www.cdn-path.com/ 39 KB
39 KB 292ms
159ms Script
application/javascript 52.222.236.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-path.com/cc.js?&sid=ee490b8fb9a4d570&tid=LOGIN-adfba2ac-ca69-418e-b957-d3ab0f5a9a69&namespace=inauth
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/one-identity-login.browser.js?clientCacheRevision=0ff83446-9d42-4712-8e86-b01da310ad6a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-100.fra56.r.cloudfront.net
Software: openresty/1.21.4.2 /
Resource Hash: 5d6d41160eff7af3f3a41d5e3c9096462ad28789dd2dde3f48ba6d68a1c961d5

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 14:07:06 GMT
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
server: openresty/1.21.4.2
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
x-ia-request-id: 7a037f663ac91a8615f78e53dc380437
content-length: 39803
x-amz-cf-id: p2xRp97KVuZXfTfq9ojwZ7uub8WWxR09nPoGx6AQ1_PGkrFXdilZvg==

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ 36 KB
37 KB 93ms
93ms Font
font/woff 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer: https://www.americanexpress.com/
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-9121"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 37153

OPTIONS
H/1.0 200
OK errors
one-release.americanexpress.com/_/report/ Frame 0
0 144ms
144ms Preflight 139.71.9.142
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-release.americanexpress.com/_/report/errors
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.9.142 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: one-release-r1-vip.americanexpress.com
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.americanexpress.com
Connection: Keep-Alive
Content-Length: 0
Server: BigIP

POST
H/1.1 204
No Content errors Show response
one-release.americanexpress.com/_/report/ 0
4 KB 305ms
152ms Fetch 139.71.9.142
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://one-release.americanexpress.com/_/report/errors

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.9.142 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

one-release-r1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-ea232388-0f19-474b-82c2-d58c58142b81' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action .cdn-net.com .cdn-path.com .americanexpress.com sso.americanexpress.com; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-ea232388-0f19-474b-82c2-d58c58142b81' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action *.cdn-net.com *.cdn-path.com *.americanexpress.com sso.americanexpress.com; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
X-Content-Type-Options: nosniff
Date: Tue, 07 Nov 2023 14:07:06 GMT
X-DNS-Prefetch-Control: off
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1749112243", dtTao;desc="1"
Connection: keep-alive
One-App-Version: 5.13.1-e28210f6
X-XSS-Protection: 1; mode=block
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI:dtagent10261230220152234G9pr"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Access-Control-Allow-Headers

POST csp-violation
one-release.americanexpress.com/_/report/security/ Frame 8D4F 0
0

POST csp-violation
one-release.americanexpress.com/_/report/security/ Frame D5B8 0
0

POST
H2 201 dpJTFOUAkC Show response
www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/ 18 B
834 B 366ms
366ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/dpJTFOUAkC

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-dtpc: 83$166025325_911h27vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: f8a84608-2608-4699-bfdc-ecbec5282bfc
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ 2 KB
890 B 68ms
68ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
etag: W/"5daa1799-693"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 712

GET
H2 200 dls-flag-se.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/ 229 B
399 B 82ms
82ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/flags/dls-flag-se.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 49eba92ac084ae995b19995f663640cddd4f05c71d25a085a050ee5ddc28c464

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: "60dde06f-e5"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 189

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 oneStream.js Show response
www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/ 2 KB
1 KB 80ms
80ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/oneStream.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abfc249f54bfeee500682e375f1b07d4b5719688a7775330c68cc371e1a5223c

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 18:10:56 GMT
etag: W/"5ff4abb0-7eb"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 885

GET
H2 200 timeout.js Show response
www.aexp-static.com/cdaas/one/one-identity-session/1.35.0/ 36 KB
12 KB 79ms
79ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/one-identity-session/1.35.0/timeout.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1bd41f73d34ebeed1e183bf479c8b98ed900e6990d1543f5ce8bfadf7d56d71c

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 18:36:41 GMT
etag: W/"65283cb9-9019"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 11537

GET
H2 200 entrypoint-15983.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/ 70 KB
22 KB 79ms
79ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 417c82467823c079cd8385190edd3f028d108cea13c17a529a4fd92ebecace5e

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:46 GMT
etag: W/"654464b6-116b5"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 22496

GET
H2 200 tealeaf.min.js Show response
www.aexp-static.com/cdaas/akamai/tealeaf/lib/1.2.1/ 150 KB
50 KB 79ms
79ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/akamai/tealeaf/lib/1.2.1/tealeaf.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.0.6/dxt-script-supplier-helper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aac6d71e6dc5b4d24d4df3322f0d70ab0351e39d04b8b9b2689cb96fa4c59b21

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 22:43:08 GMT
etag: W/"618af97c-259a7"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 51097

POST
H2 200 pixel_543ecfae Show response
www.americanexpress.com/akam/13/ 0
810 B 77ms
76ms XHR
text/html 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/akam/13/pixel_543ecfae

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

x-dtpc: 83$166025325_911h28vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
alb-failover-nimval: 0
content-length: 0
x-frame-options: SAMEORIGIN
content-type: text/html

POST
H/1.1 400
Bad Request decisions Show response
pirecommendation.americanexpress.com/amexsite/personalization/v1/customers/treatments/ 205 B
645 B 624ms
168ms Fetch
application/json 139.71.2.46
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://pirecommendation.americanexpress.com/amexsite/personalization/v1/customers/treatments/decisions
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.2.46 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: pirecommendation-r2-vip.americanexpress.com
Software: /
Resource Hash: a944affa42e06151697d92eefe1eb797a8f12e055960fc3a4751d41da2f5eccb

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Nov 2023 14:07:06 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, api_key, Authorization, track_events
Content-Length: 205

GET
H2 404 axp-marketing-offer.json Show response
www.aexp-static.com/cdaas/one-app/modules/axp-marketing-offer/5.0.1/se-se/ 548 B
924 B 308ms
307ms Fetch
text/html 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-marketing-offer/5.0.1/se-se/axp-marketing-offer.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 167

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 147ms
147ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 07 Nov 2023 14:07:06 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
386 B 460ms
171ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 07 Nov 2023 14:07:06 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 202 beacon Show response
iwmapapi.americanexpress.com/ 0
85 B 429ms
177ms XHR
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
content-security-policy: default-src 'self'
date: Tue, 07 Nov 2023 14:07:06 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-permitted-cross-domain-policies: none
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 185ms
184ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 07 Nov 2023 14:07:06 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 201 dpJTFOUAkC Show response
www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/ 18 B
831 B 279ms
279ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/dpJTFOUAkC

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-dtpc: 83$166025325_911h31vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 89ef4e8f-5652-4bbf-b4a4-2ee15fa33a79
access-control-allow-headers: Content-Type
content-length: 18

OPTIONS
H2 200 UpdateUserSession.v1
functions.americanexpress.com/ Frame 0
0 156ms
155ms Preflight 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,one-data-correlation-id
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ax-operation-mode,vary,one-data-context,authorization,x-b3-traceid,credentials,access-control-allow-credentials,x-one-data-host,access-control-allow-origin,x-b3-sampled,x-one-data-forward-address,ce-type,baggage-one-data-correlation-id,content-length,event-type,content-type,one-data-risk-assessment-token,one-data-correlation-id,ce-source,accept,x-mitigator-status,ax-rtf-dynamic-uri-override,ax-correlation-id,access-control-request-headers,agent-id,origin,content-encoding,x-b3-parentspanid,access-control-allow-headers,blueboxpublic,x-requested-with,x-b3-spanid,ax-rtf-filter,user-agent,ax-event-type,access-control-expose-headers,sub-event-type,access-control-max-age,x-mitigator-recommended-action,x-mitigator-finger-print
access-control-allow-methods: PUT,DELETE,OPTIONS,GET,POST
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
content-length: 0
date: Tue, 07 Nov 2023 14:07:06 GMT

POST
H2 401 UpdateUserSession.v1 Show response
functions.americanexpress.com/ 228 B
286 B 160ms
160ms Fetch 139.71.21.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.americanexpress.com/UpdateUserSession.v1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.21.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: functions2a-vip.americanexpress.com
Software: /
Resource Hash: 40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b

Request headers

one-data-correlation-id: 6d251c0d-3812-477f-91d8-4c5ec374a592
Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.americanexpress.com
date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 199
vary: origin

GET
H2 200 info.filled.svg
www.aexp-static.com/one/universal-session-manager-assets/ 361 B
509 B 301ms
301ms Image
image/svg+xml 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/one/universal-session-manager-assets/info.filled.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 04:57:13 GMT
etag: W/"64645ea9-169"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 235

GET
H2 200 filter-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.0.80/ 74 KB
19 KB 69ms
68ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.0.80/filter-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cc948d24e8fc290739a1efce8832dbf4032fe1e088270c8fdff052d2e4378851

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: W/"654464b5-1276e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 18613

GET
H2 200 sri-hashes.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.0.80/ 40 KB
30 KB 70ms
69ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.0.80/sri-hashes.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f8c2cac1cc87d5e38924916c4b6d6d864ecdc664d6e320602105717cf29d737

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: W/"654464b5-a10b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 30477

GET
H2 200 trigger-and-watch-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.0.80/ 20 KB
5 KB 71ms
70ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/v1.0.80/trigger-and-watch-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7be5675d168d291df088c6a86f690c6312b1e074afdc706d382623b8fece97d3

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: W/"654464b5-4f32"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 4906

GET
H2 200 filter-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.0.80/ 206 B
556 B 108ms
107ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.0.80/filter-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c0cedd9344eba764d5d842050767745fa35e47312a6ab2459c426d39c9fc25f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: "654464b5-ce"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 165

GET
H2 200 sri-hashes.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.0.80/ 283 B
611 B 72ms
71ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.0.80/sri-hashes.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e6f48c54e0c4880c8d11aa153ea798b5386cc3989b440ddda26b6b128edc7fbe

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: W/"654464b5-11b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 226

GET
H2 200 trigger-and-watch-data.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.0.80/ 238 B
571 B 94ms
93ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-53608/v1.0.80/trigger-and-watch-data.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53b28d3040d42a0f9330149cca113a715451abb33a6fd8ec93eb06e9a470f8c6

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: "654464b5-ee"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 181

GET
H2 200 gct_global.js Show response
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 19 KB
5 KB 69ms
69ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:33:52 GMT
etag: W/"64358bf0-4aae"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5153

POST
H2 200 tealeaf Show response
www.americanexpress.com/home/report/ 0
397 B 674ms
674ms Fetch 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/home/report/tealeaf

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

BigIP /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Encoding: gzip
X-Tealeaf-SyncXHR: false
X-Tealeaf: device (UIC) Lib/6.1.1.1991
accept-language: se-SE,se;q=0.9
X-Tealeaf-MessageTypes: 2,7,12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json
x-dtpc: ignore
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
X-Requested-With: fetch
X-TealeafType: GUI
X-PageId: P.EFTVS4MD9KYTL8UCRJHX244T9TT9
X-TeaLeaf-Page-Url: /se-se/account/login

Response headers

date: Tue, 07 Nov 2023 14:07:07 GMT
alb-failover-nimval: 0
server: BigIP
content-length: 0
x-frame-options: SAMEORIGIN

GET
H2 200 one-identity-login.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/en-us/ 4 KB
2 KB 90ms
90ms Fetch
application/json 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/en-us/one-identity-login.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fc7990135677884294ec73174343006b5af7df541c858b65735fcafbed07554

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 01:37:51 GMT
etag: W/"654994ef-f33"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1507

GET
H2 200 one-identity-login-alert.json Show response
www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/en-us/ 351 B
1 KB 71ms
71ms Fetch
application/json 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/en-us/one-identity-login-alert.json
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8e13e2c0ac9cac9a179566b63f556dbed3a3d9a652713aa3579e25e29fc92f95

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 16:58:47 GMT
etag: W/"654283c7-15f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 215

POST csp-violation
one-release.americanexpress.com/_/report/security/ Frame 6BC9 0
0

POST csp-violation
one-release.americanexpress.com/_/report/security/ Frame DF36 0
0

POST
H2 201 dpJTFOUAkC Show response
www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/ 18 B
809 B 225ms
224ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/dpJTFOUAkC

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-dtpc: 83$166025325_911h35vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 65484c64-c5ed-466e-b73f-326c32064b5f
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 tag-1-sha256-Bcbj3-zw7-SJacVbf8RotX1AxvAUULwogrgrNbsR-7E=.js Show response
www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/ 15 KB
3 KB 70ms
69ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-tag/tagging/groups/group-18341/tags/tag-1-sha256-Bcbj3-zw7-SJacVbf8RotX1AxvAUULwogrgrNbsR-7E=.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one-tag/tagging/entrypoints/v1.0.80/entrypoint-15983.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 05c6e3dfecf0efe48969c55b7fc468b57d40c6f01450bc2882b82b35bb11fbb1

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:10:45 GMT
etag: W/"654464b5-3b1a"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 2459

POST
H/1.1 200
OK captureevents.do Show response
gct.americanexpress.com/gct/ 0
1 KB 825ms
238ms XHR
application/javascript 139.71.18.163
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureevents.do?js_source=cdaas_gctglobal

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.18.163 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv42.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'
Date: Tue, 07 Nov 2023 14:07:07 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
Content-Type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 0

POST
H/1.1 200
OK captureevents.do Show response
gct.americanexpress.com/gct/ 0
1 KB 842ms
255ms XHR
application/javascript 139.71.18.163
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://gct.americanexpress.com/gct/captureevents.do?js_source=cdaas_gctglobal

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.18.163 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

gctv42.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'
Date: Tue, 07 Nov 2023 14:07:07 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET,OPTIONS, DELETE, HEAD, PUT
Content-Type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 0

POST
H2 201 dpJTFOUAkC Show response
www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/ 18 B
816 B 270ms
270ms XHR
application/json 23.212.221.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/fhfZx/y/bY/XxJd/WzgJBMqB/E5ak6Dbkczw5/YG9R/TA/dpJTFOUAkC

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.221.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-221-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.americanexpress.com/se-se/account/login?DestPage=https%3A%2F%2Fglobal.americanexpress.com%2Fdashboard%3Fappv5%3Dfalse
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-dtpc: 83$166025325_911h38vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0

Response headers

date: Tue, 07 Nov 2023 14:07:07 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: ccf018b1-9d01-4149-ba9f-fb2c1223a990
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 dls-icons.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.25.0/package/dist/iconfont/ 55 KB
56 KB 70ms
69ms Font
font/woff 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.25.0/package/dist/iconfont/dls-icons.woff?v=2.25.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.21.5/package/dist/6.21.5/styles/dls.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5929a841c8d1ebd7866a5518301ccbecc142efe232d348991b08b887a840b56

Request headers

Referer: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.21.5/package/dist/6.21.5/styles/dls.min.css
Origin: https://www.americanexpress.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:06 GMT
last-modified: Wed, 08 Jun 2022 11:58:44 GMT
etag: "62a08ef4-dd9c"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 56732

POST
H/1.1 204
No Content csp-violation
one-release.americanexpress.com/_/report/security/ Frame 1CC3 0
4 KB 165ms
165ms Other
text/plain 139.71.9.142
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://one-release.americanexpress.com/_/report/security/csp-violation

Requested by

Host: global.americanexpress.com
URL: https://global.americanexpress.com/rewards

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.9.142 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

one-release-r1-vip.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-611dba89-4245-4d5e-bb88-0c01bb28b9ef' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action .cdn-net.com .cdn-path.com .americanexpress.com sso.americanexpress.com; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://one-release.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'self' *.aexp.com *.americanexpress.com wss://*.americanexpress.com *.aexp-static.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; script-src 'nonce-611dba89-4245-4d5e-bb88-0c01bb28b9ef' 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ staging.cdn-net.com www.cdn-net.com www.cdn-path.com; img-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com 'self' *.americanexpress.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn fonts.googleapis.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src *.aexp.com *.americanexpress.com *.aexp-static.com 'self' blob:; frame-ancestors *.aexp.com *.americanexpress.com qwww.americanexpress.com one-dev.americanexpress.com one-qa.americanexpress.com one.americanexpress.com one-identity-staging-dev.americanexpress.com one-identity-staging-qa.americanexpress.com one-identity-staging.americanexpress.com identity-dev.americanexpress.com identity-qa.americanexpress.com; frame-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com service.maxymiser.net *.yodlee.com *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn staging.cdn-net.com www.cdn-net.com www.cdn-path.com https://www.google.com; form-action *.cdn-net.com *.cdn-path.com *.americanexpress.com sso.americanexpress.com; font-src 'self' *.americanexpress.com *.aexp-static.com *.aexp.com assets.adobedtm.com aexp.demdex.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn; object-src 'self' *.aexp.com *.americanexpress.com
X-Content-Type-Options: nosniff
Date: Tue, 07 Nov 2023 14:07:07 GMT
X-DNS-Prefetch-Control: off
Server-Timing: dtSInfo;desc="1", dtTao;desc="1"
Connection: keep-alive
One-App-Version: 5.13.1-e28210f6
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Access-Control-Allow-Headers

POST
H2 200 s2 Show response
www.cdn-path.com/ Frame 1CC3 35 B
372 B 228ms
227ms Document
text/html 52.222.236.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-path.com/s2?t=AQPq4GgwoqIF0UmydOq%2Fo4SH&x=1&sid=ee490b8fb9a4d570&tid=LOGIN-adfba2ac-ca69-418e-b957-d3ab0f5a9a69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-100.fra56.r.cloudfront.net
Software: openresty/1.21.4.2 /
Resource Hash: 3615e30dc95a3e48c66d53a77deb9894e94ddcb79c8759b5faa9625411076551

Request headers

Content-Type: multipart/form-data; boundary=----WebKitFormBoundary05So75pZrkjSxuuU
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
content-type: text/html
date: Tue, 07 Nov 2023 14:07:07 GMT
pragma: no-cache
server: openresty/1.21.4.2
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-id: jmHLpJEK2LOFap5TQ3ebnJAyT_aNP2aLWhs8NdsfQxGWV5Q4I02rwQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-ia-request-id: 4920994c8ccceaaa680b8d2b2d4507f3

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 13 KB
13 KB 791ms
202ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_perc_100000_ol_0_mul_1_app-3A93a0f6e6bb5c4ea1_1_app-3Af32f70c4a19cb7f4_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&modifiedSince=1699360460280&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&crc=3217693540&en=jf4wyxxa&end=1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 3c6212ccdd60377db83cd0a17e35c0d7dbf7f69b503e0c4ad335ef2990786131

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Nov 2023 14:07:08 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 13463

GET
H2 200 dls.min.css Show response
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.21.5/package/dist/6.21.5/styles/ 311 KB
42 KB 70ms
70ms XHR
text/css 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.21.5/package/dist/6.21.5/styles/dls.min.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e75e3c9caf10efe346d5b395277c67ae456ba1a424c04aa631cd3b7ebb041184

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:07:08 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 15:11:43 GMT
etag: W/"62a0bc2f-4daaf"
vary: Origin, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 43085

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 249 B
557 B 398ms
398ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&crc=1443344437&en=jf4wyxxa&end=1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 803f3f4d0980ad55b62c9f59d90d10c2f8db913b112bb8611349d8fe47fdb250

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Nov 2023 14:07:08 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 249

OPTIONS
H/1.0 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7
dynatracepsg.americanexpress.com/bf/ Frame 0
0 196ms
195ms Preflight 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&contentType=srBm&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&v=10255221104040648&crc=2031786053&en=jf4wyxxa&end=1
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.americanexpress.com
Connection: Keep-Alive
Content-Length: 0
Server: BigIP

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 249 B
557 B 393ms
393ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&contentType=srBm&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&v=10255221104040648&crc=2031786053&en=jf4wyxxa&end=1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 803f3f4d0980ad55b62c9f59d90d10c2f8db913b112bb8611349d8fe47fdb250

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/octet-stream

Response headers

Date: Tue, 07 Nov 2023 14:07:09 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 249

OPTIONS
H/1.0 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7
dynatracepsg.americanexpress.com/bf/ Frame 0
0 195ms
195ms Preflight 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&contentType=srBm&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&v=10255221104040648&crc=2907580112&en=jf4wyxxa&end=1
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: BigIP /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.americanexpress.com
Connection: Keep-Alive
Content-Length: 0
Server: BigIP

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 249 B
557 B 204ms
204ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&contentType=srBm&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&v=10255221104040648&crc=2907580112&en=jf4wyxxa&end=1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 803f3f4d0980ad55b62c9f59d90d10c2f8db913b112bb8611349d8fe47fdb250

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/octet-stream

Response headers

Date: Tue, 07 Nov 2023 14:07:10 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 249

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 249 B
557 B 201ms
200ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&contentType=srTe&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&v=10255221104040648&crc=102995245&en=jf4wyxxa&end=1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 803f3f4d0980ad55b62c9f59d90d10c2f8db913b112bb8611349d8fe47fdb250

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Nov 2023 14:07:10 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 249

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 249 B
557 B 202ms
202ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?type=js3&sn=v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=83&flavor=cors&vi=UHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0&modifiedSince=1699363676215&rf=https%3A%2F%2Fwww.americanexpress.com%2Fse-se%2Faccount%2Flogin%3FDestPage%3Dhttps%253A%252F%252Fglobal.americanexpress.com%252Fdashboard%253Fappv5%253Dfalse&bp=3&app=f32f70c4a19cb7f4&crc=1297495398&en=jf4wyxxa&end=1
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/dashboard/ruxitagentjs_ICA27NQVfghjqrux_10255221104040649.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 803f3f4d0980ad55b62c9f59d90d10c2f8db913b112bb8611349d8fe47fdb250

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Nov 2023 14:07:10 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 249

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.americanexpress.com
URL: https://global.americanexpress.com/dashboard

Domain: icm.aexp-static.com
URL: https://icm.aexp-static.com/one-amex/loyalty/se-se/axp-loyalty-dashboard-container/dashboard-exp.json

Domain: iwmapapi.americanexpress.com
URL: https://iwmapapi.americanexpress.com/beacon

Domain: iwmapapi.americanexpress.com
URL: https://iwmapapi.americanexpress.com/beacon

Domain: one-release.americanexpress.com
URL: https://one-release.americanexpress.com/_/report/security/csp-violation

Domain: one-release.americanexpress.com
URL: https://one-release.americanexpress.com/_/report/security/csp-violation

Domain: one-release.americanexpress.com
URL: https://one-release.americanexpress.com/_/report/security/csp-violation

Domain: one-release.americanexpress.com
URL: https://one-release.americanexpress.com/_/report/security/csp-violation

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: testcookie Value: 2023-11-07/07:07:07:533
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: JSESSIONID Value: 4st2sONlbwQnTpZgtKYquFw4lvyAQeSZZiaP-kiN.vc-deployment-112-xjt59
gct.americanexpress.com/gct	1969-12-31 23:59:59	Name: TS01b3a5dc Value: 0152a806c1ecd5b17b08ac7ede028092ef5d898591b7dd0a5c813aba5aae537842b9028866ea0b339b643fe78eb39a5f4fb83236b5
.americanexpress.com/	1970-01-21 00:48:22	Name: agent-id Value: 00eebd23-8243-45b5-9be1-0a0d1b3056d1
.americanexpress.com/	1970-01-20 16:03:00	Name: bm_sz Value: B49629178D1F5FFC84E8ABFFAA77CA41~YAAQ1eIlFy65YaSLAQAAdq4bqhWI28pRjKbADF/+nIFu/DmcNt2/Q64lU3GBLiyExbe8fXYpZfL+EMgpRoioIskd0xgLC93GFcPDfLMOinw7X9EEYj4bs6HpznIsI6PKGrjRSGqFYhHj8kJ3+D6TdDzozNiMQLHnwTL4kRav1/UBpcRmKLx/GjVj9ts7+oOBTTR4g8bUCB5gtbOtbOXyQ1qDdRyUeV/XYpPv2U3hOZUviikhx2aUcng/F1ZYEXESwwSEJ/c635TEQLSNccNbmZdhJyHIafcl3/CVjZMeu1v6xr8R0d7g55h8OAw=~3289142~3421250
.americanexpress.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 169936602311251U55OSQPECK8BF3VGSEHA0TI90U7RUG
global.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0103f93e5c906136faa605edc4a1d566ba360d7821c5265e9f55d0d05feb96f963bac4b8e83b37d817ac740d1a02f0ea89b473e172
one-xp.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0152a806c114fd225866e4c730cf38f811b5793c1767a8ac019722b139a3cc515651dd399449e926e3439f82ec6201126a13bf91dd
www.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0144d4a8395289f28e89d195803c6a57cd6b4b5ab3676670499f3397b489536d948ff546d4e6c437856b3a07a8291e5dbfb919aee3
www.americanexpress.com/	1969-12-31 23:59:59	Name: akaalb_www_ONE_v2 Value: ~op=www_one_LBM:onereleaseE3origin\|~rv=79~m=onereleaseE3origin:0\|~os=9184cb63cc50160c7345890467a4f9a2~id=a3ef9752bf47d6cba09981631e3ba7b3
.americanexpress.com/	1970-01-20 16:02:53	Name: bm_mi Value: 68F73B75EA79AED6DC73152803EFC23F~YAAQz+IlF9rMbmyLAQAAGrcbqhVYPSpiFo/kFcIsj3TvO26Zx9s76v8WvKihXcpyA8vPGta8drDb+nC1UKBLaZ2gM21p5a96eLvbJk8o9WrI4eEKBeqvGYEYD61vJERW66rYhTl6lDJ+ZnVPfm/cCbA3WEWQ6Uv5hRHbcq/bdPuolw3eMYF3auiFXpavFQs2ie5kpO/a17KkLl1ZrvYGTb6tlZ33CRiHl06Iqjy98aNl62IaGTgVvrG/1UEw9x5jA8JwHU/G4PqCYNA4DA+JC1HNjku/NyRXhj+Y/6PBqwZcC9RMFUA0+XM31H2gk2DMv4pIPgS8/3dlzfyx9xXJUqDo5dRrbVxoUuE=~1
.americanexpress.com/	1970-01-20 16:02:53	Name: bm_sv Value: 9CA42A9B2DC725EF1D89C4972B02AF13~YAAQz+IlF9vMbmyLAQAAGrcbqhW0woTIcaoGvzeBBu/iyjRHsjAzb5A/bxs+60WtF9iDJzeQCbMy/Ils2mxcZTbEiWbWKdHHT6g1ufIZDbsGNAeFhvA+f2MlS9tGc/KMa+IhWm+5qwdmWZHNMzCUXY6dIx2cUpYBRZW/vfp5KDYhhDQ3nM4YcXVPaXv4Vb8wkm5MogcWjLwEs125/idTHf54rROTiF+9Hxjmt7hH4IcFT9y2fy5ASgClyLtYhKokhUwTpROQJdV0~1
.americanexpress.com/	1969-12-31 23:59:59	Name: dtLatC Value: 340
.americanexpress.com/	1969-12-31 23:59:59	Name: dtSa Value: -
global.americanexpress.com/	1970-01-20 16:02:46	Name: akaalb_global Value: 1699366626~op=global_mycacanlaclogon_LBM:logonus-e3-epaas\|global_mycaapp_dashboard_LBM:mycaapp-e3-epaas\|global_lyltrewards_LBM:loyalty1benefits-e3-epaas\|global_lyltrewards_v5_LBM:loyalty3-e3-epaas\|~rv=50~m=logonus-e3-epaas:0\|mycaapp-e3-epaas:0\|loyalty1benefits-e3-epaas:0\|loyalty3-e3-epaas:0\|~os=fd3a3bfff9e217a4b692205b139915f8~id=7aad21e2a79dc26014cb4a1daa462cd4
.americanexpress.com/	1970-01-20 16:02:53	Name: ak_bmsc Value: 0A345374F2CF23B57246CD3A658C1120~000000000000000000000000000000~YAAQz+IlF+vMbmyLAQAAWLwbqhWOSWVBIoz+U7mTs29IY/t0NWS1Og3UL9DzItvRihVYEjmgKk4r8J56CQ3xfEHi7E54gEnPBLvejuGmi3PIrIjIMCk6vSc6aEi/DbIvo/74WxQ7brDljgjK8Txfnf/manLHo88GOa1a9mfGZYHq8EPgdCNEAhq19fQVGQYwwJfah+vDudAC2IgDeNC+v3BAx/9HkSxmalCU5YUlljLOcUVKrZb1MAXQRWEv/I2vd01tChHr1/tZdaJ0EBOEvkQ2n7ohPn0yXfc2OKefajkHQ03Q9RwBebwYqwq84ESMNC8X5Jwr+UNuGfOLDKwf61ymevCAZMbmnZqd5gDP8Mk4i4Od2PCrMZ89uXpmLX1AR2s0HnSxaRYzIad7Wf69Vn3NOOBkx1zr9dGdem6OPG8+BYygWZaR1Uc+ytgZ6IIGKtK4asDbllZNw5O8VC0afHbi/W6TnCFjI+sQy13JQukUuTO5uRiOToyL8hYuM9u1a8PSr9dPAR9k3v4TWOlaJoV6M3Yrz9sC3E9dTG1eI63ATg1YHhQ05wiz7ARjl7Jb
.americanexpress.com/	1969-12-31 23:59:59	Name: axplocale Value: se-SE
www.cdn-path.com/	1970-01-20 20:21:58	Name: _cc-x Value: OTFkMzQ0NTItNjc3My00MDk5LWFiZmEtMTlmMTRiOTA4Y2FlOjE2OTkzNjYwMjYzMjk
www.americanexpress.com/	1970-01-21 00:48:25	Name: _cc Value: AQPq4GgwoqIF0UmydOq%2Fo4SH
www.americanexpress.com/	1970-01-21 00:48:25	Name: _cid_cc Value: AQPq4GgwoqIF0UmydOq%2Fo4SH
.americanexpress.com/	1970-01-21 00:48:22	Name: _abck Value: 3FC115E472BF8EE1F102E803AF5AF62B~-1~YAAQz+IlF/PMbmyLAQAAGr8bqgovQFvilEYJAe4P9dfDFXZ3qfWzsyTJm0ITs0RmX72+jzMdGzwRJcYGvs0Az1JQCQd2Zn9f4/wu6gKYO0zKa45MBm7Q6gavl9o7uVyR8YXHalCToMDDMNcKrNAykZ7X5C23pYwqoZa/iubYTOg5TNnWurR3XVahRshOVjmGBXmbanjaLQE8hYxhKVX45E+Jp0q1yvOZRAZU87L0sRC77/VoYaaXzwYX+8/L6FZLZwK4QGFLdhN8LnOu/F50P/WZPyrDJrPVRWINIHAEdbTr2AvJwo8QlmhvF9HXxYPab6FVqOytajv08T8jIjvzC/BDzVsluBCrAB5I7d2QMJo3Ow+eGWl4/8I4ODdM8+aLnm3diGttj5JHypvjjshrTkMj2A==~-1~-1~-1
www.americanexpress.com/	1970-01-20 16:02:46	Name: akaalb_www Value: 1699366627~op=www_tleafapinew_LBM:tleafapinew-e3-origin\|~rv=44~m=tleafapinew-e3-origin:0\|~os=9184cb63cc50160c7345890467a4f9a2~id=2aa97712aa7d90a668ffba7cb60ae790
.americanexpress.com/	1970-01-21 01:38:46	Name: gctracus Value: "gctvid=2023-11-07/15:07:06:755-4b72d7a0-df34-2e0c-b573-9a59b27d9a80&eep=null&sno=1&lan=1"
gct.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0152a806c1ecd5b17b08ac7ede028092ef5d898591b7dd0a5c813aba5aae537842b9028866ea0b339b643fe78eb39a5f4fb83236b5
.americanexpress.com/	1969-12-31 23:59:59	Name: TS0114bdae Value: 0152a806c1ecd5b17b08ac7ede028092ef5d898591b7dd0a5c813aba5aae537842b9028866ea0b339b643fe78eb39a5f4fb83236b5
.americanexpress.com/	1969-12-31 23:59:59	Name: dtPC Value: 83$166025325_911h-vUHAUQHBPMAVASFSUFNIWRPKRHSCFLCKT-0e0
.americanexpress.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_83_sn_2438CF2900D2A7399E1BA667766EA232_app-3Af32f70c4a19cb7f4_1_app-3A93a0f6e6bb5c4ea1_1_ol_0_perc_100000_mul_1_rcs-3Acss_0
.americanexpress.com/	1969-12-31 23:59:59	Name: rxvt Value: 1699367829203\|1699366023114

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://global.americanexpress.com/rewards Message: Access to fetch at 'https://icm.aexp-static.com/one-amex/loyalty/se-se/axp-loyalty-dashboard-container/dashboard-exp.json' from origin 'https://global.americanexpress.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://icm.aexp-static.com/one-amex/loyalty/se-se/axp-loyalty-dashboard-container/dashboard-exp.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-root/2.19.5/se-se/one-identity-root.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-page/2.10.0/se-se/one-identity-login-page.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-footer/4.30.10/se-se/axp-footer.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-global-header/4.3.18/se-se/axp-global-header.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://functions.americanexpress.com/DeleteUserSession.v1 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login/6.28.0/se-se/one-identity-login.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/one-identity-login-alert/4.2.0/se-se/one-identity-login-alert.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aexp-static.com/cdaas/one-app/modules/axp-marketing-offer/5.0.1/se-se/axp-marketing-offer.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://functions.americanexpress.com/UpdateUserSession.v1 Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://pirecommendation.americanexpress.com/amexsite/personalization/v1/customers/treatments/decisions Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://loyalty-3.americanexpress.com/_/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-e918e6215c90fb5ac75be53b88320d4a' 'self' .aexp.com .americanexpress.com wss://.americanexpress.com .aexp-static.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; script-src 'nonce-e918e6215c90fb5ac75be53b88320d4a' 'nonce-55aa949a-a6ba-400e-8e34-1c90e860a28d' 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com assets.adobedtm.com nexus.ensighten.com service.maxymiser.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ ct.contentsquare.net contentsquare.com app.contentsquare.com t.contentsquare.net; img-src 'self' .aexp.com .americanexpress.com .aexp-static.com data: c.evidon.com assets.adobedtm.com aexp.demdex.net siteintercept.qualtrics.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn https://maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com https://www.gstatic.com/recaptcha/ www.google.com/recaptcha/ c.contentsquare.net r.contentsquare.net l.contentsquare.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com 'self' .americanexpress.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn fonts.googleapis.com; connect-src 'self' .aexp.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net siteintercept.qualtrics.com stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn .americanexpress.com wss://.americanexpress.com c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src .aexp.com .americanexpress.com .aexp-static.com 'self' blob:; frame-ancestors .aexp.com .americanexpress.com; frame-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com service.maxymiser.net .yodlee.com .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; font-src 'self' .americanexpress.com .aexp-static.com .aexp.com assets.adobedtm.com aexp.demdex.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn; object-src 'self' .aexp.com .americanexpress.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dynatracepsg.americanexpress.com
functions.americanexpress.com
gct.americanexpress.com
global.americanexpress.com
icm.aexp-static.com
iwmapapi.americanexpress.com
loyalty-3.americanexpress.com
membershiprewards.com
one-release.americanexpress.com
one-xp.americanexpress.com
pirecommendation.americanexpress.com
www.aexp-static.com
www.americanexpress.com
www.cdn-path.com
www.membershiprewards.com
global.americanexpress.com
icm.aexp-static.com
iwmapapi.americanexpress.com
one-release.americanexpress.com
104.91.14.111
139.71.16.158
139.71.18.163
139.71.2.46
139.71.2.98
139.71.21.230
139.71.89.13
139.71.9.142
23.212.203.180
23.212.209.212
23.212.210.226
23.212.220.184
23.212.221.34
52.222.236.100
0046b29b4fd29215318f4d42bd1b249ab569c60f715e7fb343a098d767554712
04763f567754fa13c29c6ca95d8f0182db2a77e8667d37d731c37e32aa89c2c2
0482e90aaf1af7365b7c8ae3c4c4205eb6ded8137e41fac3713018e8ccf32c2a
05c6e3dfecf0efe48969c55b7fc468b57d40c6f01450bc2882b82b35bb11fbb1
0a26b229751f035bc78ee8051f3d7304a329de02264662218b243fa0d04b0084
11e42fe3d942bcb20935dafdf9698da4d51ad818fbea42e0c3c96237d7524271
13b79bc533b3de8be0c39d86f90623bb650718569217ad3bdd2f5fd94aa99cc3
1904ac92566198828cfcf387ae5e0e42c15471c79d95b05c6cf85cbb483ec0d3
1993d483de6ac6f9d818408dfc8c2cf53361154e406551f1018bd707af3cc460
19a9d930e0e8c2d6c16d7d296cf2d5d341b4ca9d6df2f815e6ab11456de8ff1e
1a7391b8f629b696fb5fab606acddf06d9e51cb6a227c41a82db2ee989e6df25
1bd41f73d34ebeed1e183bf479c8b98ed900e6990d1543f5ce8bfadf7d56d71c
1c0cedd9344eba764d5d842050767745fa35e47312a6ab2459c426d39c9fc25f
1c86d0b6dc060faa52a220fcc5a0f2ee6ffc3e4a3780966968a79a5993c2ac38
244a1f4e99621680e3ede84eec94e23fae20d16eaf742c6d1c0ee3ca24fedd0e
2bcf070f5dfd7930f14418f083c94fb2d2233fac1911fee32f1942eba66eed88
32f61fef769c4154a5d9ff29831b5f12f294fc7a83d12b34bc71f2d74119ba45
33df4e63faa6d1c9206722d7ed2743e29cf6da93ee59462f214b2ae51a51f893
342651a59f70f6b01849f5d7021d35e819d84f4a1c47ba626a463d5982ad1f4f
3615e30dc95a3e48c66d53a77deb9894e94ddcb79c8759b5faa9625411076551
378a570bf49d7834c9b9f57f91c789e4a15bf016637a50b72f7944d99117a914
3a9dfec7d3e1780b0744d6e29fa9f3c348dc06c0b798e537a8085e39520438a4
3c6212ccdd60377db83cd0a17e35c0d7dbf7f69b503e0c4ad335ef2990786131
40a91b0413e3680ee73fe6ecb6c52d2e509d11d57a584e873f73dc3ef059750b
417c82467823c079cd8385190edd3f028d108cea13c17a529a4fd92ebecace5e
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
46f4bdcca1f96977dbd4990b5f5029a64f4c560bed77880b9e0f5d42ace1f058
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
49eba92ac084ae995b19995f663640cddd4f05c71d25a085a050ee5ddc28c464
4da7602dc533958545fd43c0c47e4542c63ca03e08db47d0063f8536d932e0d7
53b28d3040d42a0f9330149cca113a715451abb33a6fd8ec93eb06e9a470f8c6
5973b36eed5c436c786b4944269180c83496b8ff973edd1c67de31ce53589fc3
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
5d6d41160eff7af3f3a41d5e3c9096462ad28789dd2dde3f48ba6d68a1c961d5
5f8c2cac1cc87d5e38924916c4b6d6d864ecdc664d6e320602105717cf29d737
5f9e199f23b80f24166017f602b9f32335d63c8a83286b002e3fa841eb65ee8f
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
666482ae3f904190f36dbe56980a231b30659a19451a7e0da14f2fdfc17e0b8f
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da
67c3c40ab14d35bfd633ca21ff028cb78c84c732f046d716183aa6f16eed0a2c
696879af80528079359990dee13bd1f83790e548fffe86b6f8254fded8578991
69fd881cce2812d683e6b005861ffe28f8b26507dfdcc0f0ee62a17b669cf1cb
7066a1bd1fc62016f82e111b3a3253bb0306d9e5f69bcbbcfbdfc20bddadb640
74015fccf87ad143f1285f9f7aee8f5199d88822239e1315f3f25cd131b47afc
77f26c37870b9f2f423827ef89cd03b978407f2b09f705c071d4a6b632cc38ed
7be5675d168d291df088c6a86f690c6312b1e074afdc706d382623b8fece97d3
803f3f4d0980ad55b62c9f59d90d10c2f8db913b112bb8611349d8fe47fdb250
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8a6d92eb5ada2811361b2324fc844454e304eec4ba4727f9842b4bd9be4060a6
8e13e2c0ac9cac9a179566b63f556dbed3a3d9a652713aa3579e25e29fc92f95
8f2e5b88c7ed1bb248f7f4c1cad363dd3cd218f0fdfd0afcdfec7ecb50a7790b
9980c2d752827bb8cbbe305d4f3c485d2a0906b8c121005d04a4f9cf720db6b4
9c89cf198bfb7ee5661fe2ea31a5e6bd0799dd5486305b82167931045ef7b30a
9d71d0c59a312289e730f585b89643cd8d820e60f202f8bbd4be2ad48dd4f885
9fc7990135677884294ec73174343006b5af7df541c858b65735fcafbed07554
9fe6f52603b878eb77c896683e694767dc52332090fdb7ede6bcdf1bd84e56a3
a66e4cd60738b694440d9848a9154cd22dd377419e4505f90a8dc88ae1d3ea33
a944affa42e06151697d92eefe1eb797a8f12e055960fc3a4751d41da2f5eccb
aac6d71e6dc5b4d24d4df3322f0d70ab0351e39d04b8b9b2689cb96fa4c59b21
abfc249f54bfeee500682e375f1b07d4b5719688a7775330c68cc371e1a5223c
ac2f8d570c1c4802b4fbf9a10c17b4203932507992fe77969e0d2be3cf8c0c59
bbd02ece7aaca005e3318703e318eaf5dd794fffb2dd432a5c5ba6df9a961997
bc7b03745f761929af869c573481e525e7ba55dd53efc6e3dba9c498fe6d65c4
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c23e2c3515d20018686f8d63788b51908573ba5bf7db7b4ba55bf47c7a7c55e4
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
c5184d067916d3aff05d527533caa8d3826049baad5bf4b240532f93619e60d1
c5929a841c8d1ebd7866a5518301ccbecc142efe232d348991b08b887a840b56
cc566d213bcdfb4c42844f7be70682d342ab4601d867bc8dbdc1baf06e142564
cc948d24e8fc290739a1efce8832dbf4032fe1e088270c8fdff052d2e4378851
cdb816337330eb053021a9b22b7eaa7b6ede18b3607b22704a3057b18b91c249
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d50bb6369b45a6630eb408e715864804e174793ed9c1a70451f209966dd9b278
d7dd7857f9c4d611cf4c440c53b621260182ef0a8bf348fecce397e163fe371e
d949006e9173ee9c3167931b501e1c800b037c6d87a2ae895f645f75ec2f3142
d94d1ea3fed357425b8b06c9180de00d3f29a715151868609d9687682235a469
dd1d6ee6d64c66f5834166033d00e5f198e10a5c5e550408d6abd6d22a14c2e6
e2401edc898f0ebd685f99752832539d5339729adaeb456f7398a14ccbe75510
e24ea596ee33331c894769239bfa9e2ef853f1962e6d099e28636c94b8a14c7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced
e4975be7a823ee4ff14c61a92f0232c2d1d89dd9b441139110ec0422836e3c2f
e6f48c54e0c4880c8d11aa153ea798b5386cc3989b440ddda26b6b128edc7fbe
e75e3c9caf10efe346d5b395277c67ae456ba1a424c04aa631cd3b7ebb041184
ed4343eecf63745ce175895771935a0d89830dcd7bb6e2c6d3c5ae32b952b124
ed996a24a09dbb61adbe97542a59ef87aea9a8b933e88b0f38f8d132fa935b55
f0c3588a23da3a1cc3ac25e83b81c66008c431a06b3707fb0fbd7dbf441c45f2
f12de8271d72c205038a8ef8f07b2f07bcee7d60960da9ebe47b77f602c46dfc
f1c2fda9627351e28491ab6832e1b716b32ddd416da7e2715f62140721866f91
f21f90f0f1de1219b6d20c6133ea5f442bb68a18f8a81b055e33df1880ab4b28
f802322ca608264d45f2c1727bbac16f91289fe1b922bb58ee53b1ae88dc00a0
fbbaa7c67eefc2511be2ebd4fff4ecad779031c67acf108499ede1f1c2f3e5b5
fc0ee9476197548dbfb6314915f5e97a80d1983e7dd441572ca23771f351a5c5

www.americanexpress.com Open in urlscan Pro 23.212.221.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

94 %HTTPS

0 %IPv6

4 Domains

15 Subdomains

13 IPs

3 Countries

3613 kBTransfer

13246 kBSize

28 Cookies

11 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanexpress.com Open in urlscan Pro
23.212.221.34 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

15
Subdomains

13
IPs

3
Countries

3613 kB
Transfer

13246 kB
Size

28
Cookies

145 HTTP transactions
7 data transactions