www.americanexpress.com Open in urlscan Pro
104.102.52.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Submission: On July 31 via api (July 31st 2023, 2:30:17 am UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 17 domains to perform 161 HTTP transactions. The main IP is 104.102.52.74, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.americanexpress.com. The Cisco Umbrella rank of the primary domain is 15364.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 14th 2022. Valid for: a year.

This is the only time www.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	104.102.52.74 104.102.52.74	16625 (AKAMAI-AS) (AKAMAI-AS)
63	23.201.241.3 23.201.241.3	16625 (AKAMAI-AS) (AKAMAI-AS)
10	139.71.18.229 139.71.18.229	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	35.168.201.13 35.168.201.13	14618 (AMAZON-AES) (AMAZON-AES)
5	139.71.55.230 139.71.55.230	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	104.102.51.105 104.102.51.105	16625 (AKAMAI-AS) (AKAMAI-AS)
6	139.71.16.158 139.71.16.158	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1	139.71.27.117 139.71.27.117	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
4	2600:9000:249... 2600:9000:2490:f200:c:7c62:1240:93a1	16509 (AMAZON-02) (AMAZON-02)
4	139.71.89.13 139.71.89.13	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
1 2	34.251.50.248 34.251.50.248	16509 (AMAZON-02) (AMAZON-02)
3	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
4	63.140.62.160 63.140.62.160	15224 (OMNITURE) (OMNITURE)
8	52.50.14.35 52.50.14.35	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	34.247.45.95 34.247.45.95	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
6	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
1	2a04:4e42::448 2a04:4e42::448	54113 (FASTLY) (FASTLY)
8	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
1	198.160.127.57 198.160.127.57	15026 (ACXIOM) (ACXIOM)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
161	27

5 104.102.52.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-52-74.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 23.201.241.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-241-3.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.71.18.229 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: acquisition-12.americanexpress.com

acquisition-1.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.201.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-201-13.compute-1.amazonaws.com

track.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.71.55.230 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: functions-r2a.americanexpress.com

functions.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.51.105 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-51-105.deploy.static.akamaitechnologies.com

one-xp.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.71.16.158 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: iwmapapi22.americanexpress.com

iwmapapi.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.27.117 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: acqgateway-r1-vip.americanexpress.com

acqgateway.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2490:f200:c:7c62:1240:93a1 (United States)

ASN16509 (AMAZON-02, US)

ct.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.71.89.13 (United States)

ASN6307 (AMERICAN-EXPRESS, US)

dynatracepsg.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.50.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-50-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

tms.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.140.62.160 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.50.14.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.45.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-45-95.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::448 (United States)

ASN54113 (FASTLY, US)

publisher.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.249.97.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpchat.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.160.127.57 (Conway, United States)

ASN15026 (ACXIOM, US)

aeopprodvip.acxiom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 12969 icm.aexp-static.com — Cisco Umbrella Rank: 14906	2 MB
50	americanexpress.com www.americanexpress.com — Cisco Umbrella Rank: 15364 acquisition-1.americanexpress.com — Cisco Umbrella Rank: 178511 functions.americanexpress.com — Cisco Umbrella Rank: 22032 one-xp.americanexpress.com — Cisco Umbrella Rank: 25446 iwmapapi.americanexpress.com — Cisco Umbrella Rank: 17737 acqgateway.americanexpress.com — Cisco Umbrella Rank: 305497 dynatracepsg.americanexpress.com — Cisco Umbrella Rank: 24295 tms.americanexpress.com — Cisco Umbrella Rank: 57747 gct.americanexpress.com Failed omns.americanexpress.com — Cisco Umbrella Rank: 15824 lpchat.americanexpress.com — Cisco Umbrella Rank: 56835	782 KB
12	contentsquare.net ct.contentsquare.net — Cisco Umbrella Rank: 23792 c.contentsquare.net — Cisco Umbrella Rank: 3814	123 KB
8	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3412 publisher.liveperson.net — Cisco Umbrella Rank: 21586 va.v.liveperson.net — Cisco Umbrella Rank: 3846	140 KB
6	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3282	12 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 319	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	3 KB
1	acxiom.com aeopprodvip.acxiom.com — Cisco Umbrella Rank: 168794	429 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1234	428 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1510	637 B
1	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 809	570 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1224	634 B
1	rkdms.com track.sv.rkdms.com — Cisco Umbrella Rank: 11501	263 B
0	linkedin.com Failed px4.ads.linkedin.com Failed
0	google.de Failed adservice.google.de Failed www.google.de Failed
0	wdsvc.net Failed tags.wdsvc.net Failed
161	17

	Domain	Requested by
41	www.aexp-static.com	www.americanexpress.com www.aexp-static.com
22	icm.aexp-static.com	www.americanexpress.com www.aexp-static.com ct.contentsquare.net lpchat.americanexpress.com
10	acquisition-1.americanexpress.com	www.americanexpress.com www.aexp-static.com
8	lpchat.americanexpress.com	lptag.liveperson.net
8	c.contentsquare.net
6	accdn.lpsnmedia.net	lptag.liveperson.net lpchat.americanexpress.com
6	iwmapapi.americanexpress.com	www.aexp-static.com ct.contentsquare.net
5	va.v.liveperson.net	lptag.liveperson.net va.v.liveperson.net
5	functions.americanexpress.com	www.aexp-static.com
5	www.americanexpress.com	www.americanexpress.com ct.contentsquare.net
4	omns.americanexpress.com	www.aexp-static.com
4	dynatracepsg.americanexpress.com	www.aexp-static.com dynatracepsg.americanexpress.com
4	ct.contentsquare.net	www.aexp-static.com ct.contentsquare.net
4	one-xp.americanexpress.com	www.aexp-static.com
3	tms.americanexpress.com	www.aexp-static.com
2	lptag.liveperson.net	www.aexp-static.com
2	s.amazon-adsystem.com	1 redirects
2	www.facebook.com
2	dpm.demdex.net	1 redirects
1	aeopprodvip.acxiom.com	ct.contentsquare.net
1	publisher.liveperson.net	lptag.liveperson.net
1	jadserve.postrelease.com
1	alb.reddit.com
1	ct.pinterest.com
1	sp.analytics.yahoo.com
1	acqgateway.americanexpress.com	www.aexp-static.com
1	track.sv.rkdms.com	www.aexp-static.com
0	www.google.de Failed
0	px4.ads.linkedin.com Failed
0	adservice.google.de Failed
0	tags.wdsvc.net Failed
0	gct.americanexpress.com Failed	www.aexp-static.com
161	32

This site contains links to these domains. Also see Links.

Domain
online.americanexpress.com
global.americanexpress.com
www347.americanexpress.com
personalsavings.americanexpress.com
www.bluebird.com
www.serve.com
www.amexgiftcard.com
www.amextravel.com
hotel-booking.americanexpress.com
www.americanexpresscruise.com
www.amexglobalbusinesstravel.com
aeti.americanexpress.com
americanexpress.com
ir.americanexpress.com
network.americanexpress.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-09-14` - `2023-09-14`	a year	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh
acquisition-12.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-01-07` - `2024-01-04`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M01	`2023-03-01` - `2023-11-26`	9 months	crt.sh
functions.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-10-10` - `2023-10-09`	a year	crt.sh
www.standforsmall.com DigiCert SHA2 Extended Validation Server CA	`2022-09-13` - `2023-09-12`	a year	crt.sh
iwmapapi.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-08-10` - `2023-08-09`	a year	crt.sh
acqgateway-r1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-03-01` - `2024-02-28`	a year	crt.sh
ct-tag.clicktale.net Amazon RSA 2048 M02	`2023-04-26` - `2024-05-25`	a year	crt.sh
dynatracepsg.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-05-31` - `2024-05-29`	a year	crt.sh
tms.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
omns.americanexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-06-04`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
liveperson.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-28` - `2024-01-29`	a year	crt.sh
lpchat.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2023-05-27` - `2024-05-23`	a year	crt.sh
AEOPPRODVIP.ACXIOM.COM Entrust Certification Authority - L1K	`2023-02-24` - `2024-03-24`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Frame ID: A59A0A1CB5122668EA53858412F8DF13
Requests: 153 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: D7D544B5A78BA1D72EB7BB5230D4C1AB
Requests: 1 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: A56A44F5593FA5C789C0601F5E37DAC9
Requests: 1 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: 375C169B2613DC4C80C3BC48D80DD99F
Requests: 1 HTTP requests in this frame

Frame: https://acquisition-1.americanexpress.com/home/report/security/csp-violation
Frame ID: F568B581AA6EBE09CB4B032994765027
Requests: 1 HTTP requests in this frame

Frame: https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: D930C5DA4AADFA6AE1E0F373471BD22F
Requests: 2 HTTP requests in this frame

Frame: https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690770609539&loc=https%3A%2F%2Fwww.americanexpress.com
Frame ID: EAE873855C4A43FA58B86551D84BA4F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cash Back Credit Cards | American Express axp-glyph-down axp-glyph-down axp-icon-search axp-icon-search axp-icon-search axp-glyph-right

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

161
Requests

91 %
HTTPS

12 %
IPv6

17
Domains

32
Subdomains

27
IPs

3
Countries

3405 kB
Transfer

10992 kB
Size

46
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://online.americanexpress.com/myca/gce/us/action/home?request_type=un_Register&Face=en_US#/&inav=menu_myacct_create_online_account
Title: Create Your Online Account

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/dashboard?inav=menu_myacct_acctsum
Title: Account Home

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/gce/us/action/home?request_type=un_Activation&Face=en_US#/&inav=menu_myacct_confirm_card
Title: Confirm Your Card

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/activity?inav=menu_myacct_viewstmt
Title: Statements & Activity

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/account-management?inav=menu_myacct_profile_preference
Title: Account Services

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/card-benefits/view-all?inav=menu_myacct_cardbenefits
Title: Card Benefits

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/dashboard?inav=menu_myacct_smallbusiness
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www347.americanexpress.com/ATWORK/en_US/atwork.do?pageAction=initialize&inav=menu_myacct_atwork
Title: American Express @Work

Search URL Search Domain Scan URL

URL: https://personalsavings.americanexpress.com/onlinebanking/login.do?extlink=ps2020=GIN-H&inav=us_menu_my_account_other_accounts_savings_accounts
Title: Savings Accounts

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/summary?inav=menu_myacct_mrpointsum
Title: Membership Rewards® Point Summary

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/?solid=iNavMyAccountbb&inav=menu_myacct_bluebird&intlink=us-amex-prepaid-bluebird-inav_menu_myacct
Title: BlueBird Alternative to Banking

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/login/en-US?DestPage=https%3A%2F%2Ffreecreditscore.americanexpress.com%2Fmycreditguide%2Fenroll.do&inav=menu_myacct_creditscore
Title: Free Credit Score & Report

Search URL Search Domain Scan URL

URL: https://www.serve.com/?SOLID=4AMEX&extlink=us-amex-home-header&inav=menu_cards_reloadablecards
Title: Prepaid Debit Cards

Search URL Search Domain Scan URL

URL: https://www.amexgiftcard.com/?extlink=us-giftcard-home-footer&inav=menu_cards_giftcards&SOLID=AMEX1
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://personalsavings.americanexpress.com/onlinebanking/login.do?&inav=us_menu_savings_and_loans_savings_accounts_login
Title: Log In To Your Savings Account

Search URL Search Domain Scan URL

URL: https://www.amextravel.com/featured-hotel-searches?inav=us_menu_travel_personal_travel_bookfhr
Title: Book Fine Hotels & Resorts®

Search URL Search Domain Scan URL

URL: https://hotel-booking.americanexpress.com/en-us/thc/welcome?inav=us_menu_travel_personal_travel_bookthc
Title: Book The Hotel Collection

Search URL Search Domain Scan URL

URL: https://www.americanexpresscruise.com/promos/cruise
Title: Book Cruise Privileges Program

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/?inav=menu_travel_corporate_travel_solutions
Title: Corporate Travel Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/meetings-events/?inav=menu_travel_business_travel_meetings_events
Title: Meetings and Events

Search URL Search Domain Scan URL

URL: https://aeti.americanexpress.com/travel-insurance/home.do?inav=menu_travel_protection
Title: Travel Insurance

Search URL Search Domain Scan URL

URL: https://americanexpress.com/us/credit-cards/features-benefits/policies/?inav=menu_travel_covid
Title: COVID-19 Travel Insurance FAQ

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards?inav=us_menu_rewards_benefits_rewards_mr
Title: Membership Rewards®

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/entertainment/home?inav=us_menu_rewards_benefits_benefits_entertainment_events
Title: Entertainment and Events

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/calculator?inav=us_menu_rewards_benefits_manage_membership_points_value_calculator
Title: Points Value Calculator

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/points-for-charges?inav=us_menu_rewards_benefits_manage_membership_cover_card_charges
Title: Cover Card Charges

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/pay-with-points?inav=us_menu_rewards_benefits_manage_membership_pay_with_points
Title: Pay with Points

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards/gift-cards?inav=us_menu_rewards_benefits_manage_membership_redeem_points_gift_cards
Title: Redeem points for Gift Cards

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/help?inav=iNUtlContact
Title: Help

Search URL Search Domain Scan URL

URL: https://ir.americanexpress.com/investor-relations/default.aspx?inav=us_footer_about_investor_relations
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/globalnetwork/v4/?inav=us_footer_about_global_network
Title: Global Network

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/help?inav=footer_contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/rewards?us_nu=dd&inav=footer_mr
Title: Membership Rewards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressUS

Search URL Search Domain Scan URL

URL: https://twitter.com/askamex

Search URL Search Domain Scan URL

URL: https://www.instagram.com/AmericanExpress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-express

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmericanExpress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690770606632 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690770606632

Request Chain 86

https://ad.doubleclick.net/ddm/activity/src=8627703;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=368381787.33440906? HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=368381787.33440906? HTTP 302
https://adservice.google.com/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=368381787.33440906 HTTP 0
https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=368381787.33440906

Request Chain 87

https://dc.ads.linkedin.com/collect/?pid=1197&fmt=gif HTTP 0
https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQJvf8K4oKYfEQAAAYmpyAyey0Ol22YzeUKfYuknNAAnBMdtIe6HCCf07hJJY5mkhlffO2EtiK_fvw

Request Chain 92

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=368381787.33440906 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=368381787.33440906&dcc=t

Request Chain 93

https://www.googleadservices.com/pagead/conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rxzHZOiYEuOi9u8PhsSfoAI&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3gAMVY5H9Bx0G4gck HTTP 302
https://www.google.com/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3gAMVY5H9Bx0G4gck&is_vtc=1&ocp_id=rxzHZOiYEuOi9u8PhsSfoAI&cid=CAQSKQBpAlJW9VarOtwRS9K9y5ueKGpoBg6dlf8pqHhnEetKznrGXAm9Qevr&random=1468325069 HTTP 0
https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3gAMVY5H9Bx0G4gck&is_vtc=1&ocp_id=rxzHZOiYEuOi9u8PhsSfoAI&cid=CAQSKQBpAlJW9VarOtwRS9K9y5ueKGpoBg6dlf8pqHhnEetKznrGXAm9Qevr&random=1468325069&ipr=y

Request Chain 150

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null HTTP 302
https://www.google.com/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=3486038386 HTTP 0
https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=3486038386&ipr=y

161 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.americanexpress.com/us/credit-cards/category/cash-back/ 268 KB
47 KB 242ms
205ms Document
text/html 104.102.52.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.52.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-52-74.deploy.static.akamaitechnologies.com

Software

Resource Hash

c7210e8df68b75f38fa50cc5cf9cbf8c3ce4dc1fd18f648f02822f89022e5784

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-bebc3cf58af6e40a5bb3d0124eea16d9' 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-bebc3cf58af6e40a5bb3d0124eea16d9' 'nonce-110b48e7-5735-4de2-94f5-d17c6c0c16ae' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-security-policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-bebc3cf58af6e40a5bb3d0124eea16d9' 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-bebc3cf58af6e40a5bb3d0124eea16d9' 'nonce-110b48e7-5735-4de2-94f5-d17c6c0c16ae' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
content-type: text/html; charset=utf-8
date: Mon, 31 Jul 2023 02:30:05 GMT
etag: W/"42f0a-kV/FOA/2urIIhlTY81nrEk5Ym2I"
one-app-version: 4.92.1-af1f6806
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 43383 0 pmb=mTOE,1
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
38 KB 55ms
15ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-94c5"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 38085
expires: Mon, 28 Sep 2020 06:37:16 GMT

GET
H2 200 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
www.aexp-static.com/nav/ngn/fonts/ 68 KB
69 KB 75ms
36ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-11086"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 69766
expires: Thu, 01 Oct 2020 14:26:25 GMT

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ 36 KB
37 KB 74ms
35ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-9121"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37153
expires: Mon, 25 Jan 2021 11:07:20 GMT

GET
H2 200 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
37 KB 74ms
35ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-943d"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37949
expires: Fri, 27 Nov 2020 03:31:12 GMT

GET
H2 200 dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/iconfont/ 34 KB
34 KB 74ms
35ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/iconfont/dls-icons.woff?v=5.10.0
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adce79a29b1d883b481a33a7322ce00f4a3ad9e76d0270cd85646bf9cbfc5597

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-87c4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 34756

GET
H2 200 acq-shop-us-consumer.css
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 310 KB
43 KB 54ms
15ms Stylesheet
text/css 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2af7fe57e1230c553d70476ffe391127aacf4a0d3d7bcf712675f3e27c643171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-4d9c7"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 43586

GET
H2 200 dls.min.css
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/styles/ 362 KB
48 KB 73ms
34ms Stylesheet
text/css 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/styles/dls.min.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 862ae6720e612d09b0f08cf8fa87e0e0e9e5808ea957adce4a3c0e432161031d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 21:23:58 GMT
etag: W/"64936a6e-5a775"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 48725

GET
H2 200 CardCategory.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 625 KB
180 KB 73ms
34ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/CardCategory.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20f5fe1cbea688b8fa501f4a7b6a26234c488f6880fef3de82d9ce88160deb1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-9c3bb"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 184397

GET
H2 200 CardCategory.css
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 76 KB
12 KB 72ms
34ms Stylesheet
text/css 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/CardCategory.css
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65d652511a319fef8f7d3d5619f75d4432ca874322df389d6efe902c90eabf7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-13020"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 11619

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/ 3 KB
1 KB 49ms
47ms Image
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-bluebox-solid.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-c95"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1355

GET
H2 200 dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/ 3 KB
1 KB 43ms
41ms Image
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-stack.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 372c8a5ed0a956b5d75d6e865751c2098b0bc1be5d3d3ddec7f0e9c108a45d18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-b47"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1189

GET
H2 200 dls-logo-stack-white.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/ 3 KB
1 KB 43ms
42ms Image
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-stack-white.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a3cac8efcfbdd85c05051c74db0f67f2ff1de09da283973a6c2db9b1691d16c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-b47"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1187

GET
H2 200 dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/img/dls_flags/ 10 KB
2 KB 43ms
41ms Image
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/img/dls_flags/dls-flag-us.svg
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0e69d49b8806f3eccd600d3e715c879031ead2bb7227338ebc2dc5a2b7b50da9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2018 21:42:58 GMT
etag: W/"5a6a4f62-26d2"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1732

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 app~vendors.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 996 KB
232 KB 17ms
15ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app~vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9a6bd5c144d709b1e498999209e75c0c667dbfe5722d46d2b06322484e8359d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-f8f36"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 237539

GET
H2 200 runtime.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 14 KB
5 KB 34ms
32ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/runtime.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 36c95b7f1550e09a9d117adad5c42308746190679a26dffa399ce87172927e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-39bf"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5273

GET
H2 200 vendors.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 787 KB
201 KB 27ms
25ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/vendors.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0768c991ad489ab4b66c8e88a5544abb94115ef3de93e00b3c093e64203b09a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-c4c2b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 205949

GET
H2 200 en-US.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/ 25 KB
4 KB 27ms
25ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/en-US.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f30ddd89f97cbcf8892d5960c7c2a497bbad41274665d1cd67bea2ed49aef89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-65aa"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 4154

GET
H2 200 axp-acq-root.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-acq-root/3.27.0/ 232 KB
61 KB 43ms
41ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-acq-root/3.27.0/axp-acq-root.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0c058f37d15bc97cf0a2358bcfd2e4447954044a6854145e09991b31b944c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2023 12:35:56 GMT
etag: W/"6464ca2c-39ef7"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 62448

GET
H2 200 axp-root.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/ 39 KB
11 KB 27ms
25ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/axp-root.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f8678499879f157a0335a8553172733efe468a81f2a565045fff0751659eb16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 15:28:56 GMT
etag: W/"5f3e96b8-9d96"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 10782

GET
H2 200 acq-shop-us-consumer.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/ 2 MB
437 KB 43ms
41ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6a48547b7ca5cee0d0409f9973ec1dc82018a1a03d3a2e3ade3b084cad7f8ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 17:07:59 GMT
etag: W/"64beafef-1a3d15"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 447473

GET
H2 200 axp-data-layer.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/ 213 KB
57 KB 42ms
41ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/axp-data-layer.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47846f8145bd543eea6812f17609c398d31e65a7b9bf6a9218fa7b8f2eff3e05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 16:54:22 GMT
etag: W/"5f5908be-354a0"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 58210

GET
H2 200 axp-one-seo.client.js Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-one-seo/1.4.1/ 37 KB
11 KB 29ms
27ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-one-seo/1.4.1/axp-one-seo.client.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e78a54c2b44d2d2e1db439e13e8d248dedfaf568377d6cc11d0053ec6958ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 16:02:39 GMT
etag: W/"5ff7309f-953a"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 11416

GET
H2 200 app.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/ 204 KB
50 KB 30ms
28ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69bbce9bc2b08413f077ae55654a7c0f344758608291844a21a4d2542da733c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-32f27"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 51004

GET
H2 200 dls.min.js Show response
www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/scripts/ 118 KB
26 KB 30ms
28ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/dls/6.25.2/package/dist/6.25.2/scripts/dls.min.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c610ed2fb331794caac511b4905f20eaea7d8c2b1a790fc18bcadf40c692021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 21:23:37 GMT
etag: W/"64936a59-1d75b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 25950

GET
H2 200 navScript.js Show response
icm.aexp-static.com/content/Navigation/NavScript/ 3 KB
1 KB 40ms
16ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/Navigation/NavScript/navScript.js

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cfae73d7f4bacf9d15c4e26acfd4dc290d2468d840f93b43395ded65b779f8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Thu, 27 Jul 2023 06:40:45 GMT
server: Akamai Resource Optimizer
etag: "ba4-5ff2b974177f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=8294
accept-ranges: bytes
content-length: 1030

GET
H2 200 one-xp-qa-tool-E3.js Show response
www.aexp-static.com/cdaas/one-xp-qa-tool/ 42 KB
11 KB 27ms
25ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one-xp-qa-tool/one-xp-qa-tool-E3.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9462374d6e795d42042dc2c976daa90aa0f640aa31303d27230017a3af5cef32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 19:35:03 GMT
etag: W/"5f89f5e7-a7d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 11252
expires: Mon, 19 Apr 2021 20:25:04 GMT

GET
H2 200 PB0CFn4 Show response
www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/ 206 KB
74 KB 155ms
155ms Script
application/javascript 104.102.52.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/PB0CFn4

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.52.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-52-74.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 17:14:24 GMT
etag: "4ae962072dc2c7e374b2ff8b2d2d17b19dd05831b57b20557ddcc7f961dbbd8a"
stored-attribute-sha-checksum: ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=21600
content-length: 75203

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 708ms
132ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-c3e9e341-a6f7-4867-abea-6dbeb5a99cbd' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-c3e9e341-a6f7-4867-abea-6dbeb5a99cbd' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:06 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 Roboto-Regular.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/ 75 KB
75 KB 16ms
16ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/Roboto-Regular.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

Request headers

Referer: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-12bf8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 76792

GET
H2 200 Roboto-Medium.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/ 71 KB
72 KB 24ms
24ms Font
font/woff 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/fonts/Roboto-Medium.woff
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

Request headers

Referer: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.css
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-11cfc"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 72956

GET
H2 200 script-supplier.js Show response
www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/ 81 KB
27 KB 16ms
16ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77166e2033cc977e5f8397e64bc0398ff43237bab55d4c807148184fba9fa4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:05 GMT
content-encoding: gzip
last-modified: Sat, 24 Jun 2023 00:37:39 GMT
etag: W/"64963ad3-14402"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 27139

GET
H2 200 tracking.gif Show response
track.sv.rkdms.com/ 43 B
263 B 401ms
103ms Fetch
image/gif 35.168.201.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.sv.rkdms.com/tracking.gif?sv_cid=5345_04530&sv_uid=51587411554400647649956183062870984894|9
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.201.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-201-13.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:06 GMT
server: nginx/1.22.0
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.americanexpress.com
cache-control: private, no-cache, proxy-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 en-BB~i1~a1e63395.js Show response
www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/en~i18n/en-001~i18n/en-150~i18n/en-AG~i18n/en-AI~i18n/en-AS~i18n/en-AT~i18n/en-AU~i18n/ 18 KB
2 KB 19ms
19ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/i18n/en~i18n/en-001~i18n/en-150~i18n/en-AG~i18n/en-AI~i18n/en-AS~i18n/en-AT~i18n/en-AU~i18n/en-BB~i1~a1e63395.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d29fa2441296f06e157e332de16ee872b8d0cca8c95f6c15faee70c9bbf2228b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 15:42:22 GMT
etag: W/"6273f05e-4995"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 1695

POST
H2 201 PB0CFn4 Show response
www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/ 18 B
843 B 271ms
271ms XHR
application/json 104.102.52.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/PB0CFn4

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/PB0CFn4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.52.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-52-74.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 371aba82-6d69-4f7a-9ecb-dd3fa28631ad
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 447 B
503 B 429ms
128ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=user-consent-management&version=%5E1.0.0&environment=e3&cache=1690770

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

f1070bb9a8a71c8cbde3234cb1acaa84478957d3279d906d14dd21c6d8d38d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Mon, 31 Jul 2023 02:30:06 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 318

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 282ms
175ms Preflight 104.102.51.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.51.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-51-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 31 Jul 2023 02:30:06 GMT
Expires: Mon, 31 Jul 2023 02:30:06 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 367ms
148ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 31 Jul 2023 02:30:06 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 25330 Show response
acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/vac/category/ 282 KB
56 KB 987ms
515ms Fetch
application/json 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/vac/category/25330?filters=cash-back

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e8272a7d64bea30f2c77a0f97dbc55293b8134bf35ee06c14194e500f4b64073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.americanexpress.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:06 GMT
Surrogate-Control: no-store
Transfer-Encoding: chunked
Server-Timing: , VTO;dur=2650;desc=VTO
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Download-Options: noopen
Access-Control-Max-Age: 3000000
X-Frame-Options: ALLOW-FROM https://www.americanexpress.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
X-Aexp-Timestamp: 2023-07-24 16:06:50
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-Aexp-Build: 1009
Expires: 0

GET
H2 200 categoryStaticPageData.json Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/ 54 KB
12 KB 156ms
156ms Fetch
application/json 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/categoryStaticPageData.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

b65848085c070eb7e149c1f9e9f72016726a0136abc9d49e1449455ec8b305ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:06 GMT
last-modified: Thu, 13 Apr 2023 19:14:31 GMT
etag: "d6ed-5f93c88c12897-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=12719
accept-ranges: bytes
content-length: 11727

GET
H2 200 cpsTnlData.json Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/ 92 KB
11 KB 53ms
53ms Fetch
application/json 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/cpsTnlData.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

56b05208c2ef3ff2e15b56c18dfc4572be92cbc080337d23649d1c13e439870e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:06 GMT
last-modified: Thu, 13 Jul 2023 17:30:51 GMT
etag: "1718c-60061b193aa2c-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=8695
accept-ranges: bytes
content-length: 10724

GET
H2 200 dls-icon-right-filled.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 235 B
406 B 499ms
499ms XHR
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-right-filled.svg

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

328ce5d279d3460b4be91c3ecc12443071e59b1e1353542622cb102e0d713aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:06 GMT
last-modified: Sun, 25 Sep 2022 22:27:15 GMT
server: Akamai Resource Optimizer
etag: "eb-57d4b419a09b0-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=16954
accept-ranges: bytes
content-length: 160

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 46 B
1 KB 313ms
293ms Fetch
application/json 104.102.51.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/axp-data-layer.client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.51.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-51-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdef96856fe5bd7ac5cdda67fd898f88e775f87d9fd25857546bde9673df9be6

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 02:30:06 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 46
Expires: Mon, 31 Jul 2023 02:30:06 GMT

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 444 B
416 B 342ms
135ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=adobe&version=1.0.0&environment=e3&cache=1690770

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

a663c0b584d67ae10b9e7e3a9f82ecf0b4c3f20dc78a486edef1b9928f5e6c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Mon, 31 Jul 2023 02:30:06 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 329

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 454 B
415 B 342ms
135ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=ensighten&version=0.1.0&environment=e3&cache=1690770

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

cb7a63249a50fab04696f8a6a0d70fc0118cc922fa739bb2316e63242aadbeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Mon, 31 Jul 2023 02:30:06 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 328

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 433 B
400 B 338ms
131ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=dynatrace&version=%5E1.0.0&environment=e3&cache=1690770

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

4d725d85b8124351470aa8d83334cea0ca7b06c1b7be1158efb55c97bcff82cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Mon, 31 Jul 2023 02:30:06 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 313

GET
H2 200 ReadScriptRegistry.v1 Show response
functions.americanexpress.com/ 442 B
407 B 337ms
131ms Fetch 139.71.55.230
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://functions.americanexpress.com/ReadScriptRegistry.v1?name=contentsquare&version=%5E1.0.0&environment=e3&cache=1690770

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.55.230 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

functions-r2a.americanexpress.com

Software

Resource Hash

6cb25f29b93e0195c3379980e8de9aa0288f009bef4f5de89f2e9302f079c40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
date: Mon, 31 Jul 2023 02:30:06 GMT
access-control-max-age: 86400
vary: origin
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
http_status_code: 200
content-length: 321

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 357ms
146ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/axp-data-layer.client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:06 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 axp-root.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/en-us/ 193 B
831 B 18ms
17ms Fetch
application/json 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-root/5.0.0/en-us/axp-root.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 15:28:44 GMT
etag: "5f3e96ac-c1"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 157

GET
H2 200 axp-data-layer.json Show response
www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/en-us/ 232 B
812 B 17ms
17ms Fetch
application/json 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/axp-app/modules/axp-data-layer/5.0.0/en-us/axp-data-layer.json
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3fdfd860586c30eef9a7ec8baa9619ba862a4d54a679d0d51ce086ae230c193d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 16:54:11 GMT
etag: "5f5908b3-e8"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 141

GET
H/1.1 404
Not Found mid Show response
acqgateway.americanexpress.com/ 122 B
1 KB 626ms
131ms Fetch
application/json 139.71.27.117
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acqgateway.americanexpress.com/mid?pznid=51587411554400647649956183062870984894|9

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.27.117 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acqgateway-r1-vip.americanexpress.com

Software

Resource Hash

babb54e4e3249f10bf3739c171818622ae9cfa157b0a2079cc231e0d4b6e0795

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:06 GMT
X-Permitted-Cross-Domain-Policies: none
x-b3-traceid: d6c7ca7a8e3e8a402f9618ee504107e3
X-DNS-Prefetch-Control: off
Connection: keep-alive
content-length: 122
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
vary: Origin
X-Download-Options: noopen
access-control-allow-origin: https://www.americanexpress.com
content-type: application/json; charset=utf-8
cache-control: no-store, max-age=0
access-control-allow-credentials: true
access-control-expose-headers: x-b3-traceid
Keep-Alive: timeout=5

GET
H2 200 UCM.js Show response
www.aexp-static.com/cdaas/one/user-consent-management/1.9.10/ 134 KB
42 KB 16ms
16ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/user-consent-management/1.9.10/UCM.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 843bcfc0054f7a749fd2919e84db101733044c763c29fc87bb1b03202bd98efe

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 03:22:39 GMT
etag: W/"649e4a7f-2168d"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 43045

GET
H2 200 csq.js Show response
www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.15/ 1 KB
769 B 22ms
22ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.15/csq.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 87ecca46c83d2913c0d381687200345db8d9a62255c78e84e5f614f2b173def9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 14:32:53 GMT
etag: W/"64b00b15-421"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 558

GET
H2 200 dynatrace.js Show response
www.aexp-static.com/cdaas/one/dynatrace-js-client/1.4.0/ 31 KB
13 KB 22ms
22ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/dynatrace-js-client/1.4.0/dynatrace.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48c5e532bf11365bc3fdc42a9152d003511abed903c9645a1fa7067880c21b90

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 03:09:32 GMT
etag: W/"6376f76c-7bc4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 12691

GET
H2 200 launch-b363d6c28b7c.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/ 283 KB
67 KB 21ms
21ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/launch-b363d6c28b7c.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 804ba55c228a81126b8e2b9a260bc7df58051bfcc820d3d2148350749764d622

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 04:00:51 GMT
etag: W/"649275f3-46a3e"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 68244

GET
H2 200 Bootstrap.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/ 80 KB
23 KB 21ms
21ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de286d1f8cdeb8399d37ca532ded83f7fe18ee155c32f8e921a542574748dfdb

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 07:49:50 GMT
etag: W/"6295c89e-140ab"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: https://www.americanexpress.com
cache-control: max-age=31536000, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 22730

POST
H2 201 PB0CFn4 Show response
www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/ 18 B
821 B 249ms
248ms XHR
application/json 104.102.52.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/PB0CFn4

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/PB0CFn4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.52.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-52-74.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 70c2d206-49f3-439c-82b9-3cca660b52b1
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 uxa.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 402 KB
86 KB 81ms
10ms Script
application/javascript 2600:9000:2490:f200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.15/csq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbce028756fa1340b4e66d4bd45a6f812f7d9c8acb77c40aa06c4a3966e8fd68

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: _js5CtCdf_uNbTJBseRY4PJDP1ldgFgX
content-encoding: br
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 14:52:34 GMT
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 87509
last-modified: Tue, 11 Jul 2023 01:36:51 GMT
server: AmazonS3
etag: "d3bfbc82ca45cead96f3c0a762f8f46a"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: fdORFvIWwmcJROosX4CUsq8be480tik7eLSthbQx12GS68fqBynKyg==

GET
H/1.1 200
OK ruxitagent_A27Vfhjqrux_10233220224103020.js Show response
dynatracepsg.americanexpress.com/jstag/managed/ 198 KB
76 KB 657ms
160ms Script
application/javascript 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/dynatrace-js-client/1.4.0/dynatrace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 87b1236a89f18934179862bf5fd808af2460c7dff7a0b7cbadbbe3a07e88e4ab

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 02:30:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Expires: Tue, 30 Jul 2024 01:41:55 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690770606632
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690770606632

4 KB
2 KB

34ms
33ms

XHR
application/json

34.251.50.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690770606632

Protocol

HTTP/1.1

Server

34.251.50.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-50-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

539882221a0bdc8c7fdf44232c9a115ddedec0eaddc70e2bd9425dfaa011bf7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0acdecd4d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: oDWKesqESwE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.americanexpress.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1391
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0b40121e0.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HEhxeKvYTsE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.americanexpress.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1690770606632
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js Show response
www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/dcb19cbd6cbf/b4385da1798a/74e098123439/ 58 KB
21 KB 17ms
17ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/launch-b363d6c28b7c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0acd7808230fbefd316cf2523581b2f92fa7f12a59f63e4cf4bc295bbfc47889

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 03:01:45 GMT
etag: W/"64926819-e969"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 20797

POST csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame D7D5 0
0

GET
H2 200 global.min.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/oneapp-webanalytics/ 16 KB
3 KB 16ms
15ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneapp-webanalytics/global.min.js?vr=1.0
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ca4de911c9fbbcfb473cae42fabeb87d8f73166201567b9ebe9ca229e271551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 07:28:28 GMT
etag: W/"63be651c-3ee4"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 2415

GET
H2 200 gct_global.js Show response
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 19 KB
5 KB 16ms
15ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct_global.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:33:52 GMT
etag: W/"64358bf0-4aae"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 5153

GET
H2 200 serverComponent.php Show response
tms.americanexpress.com/amex/amexcom/ 389 B
578 B 123ms
39ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards%26ens_env%3D3%26ensMarket%3Den-US%26ensApp%3Dacq%26deviceType%3Dlarge
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: b28210ef50632d1fe99d7b416bda427b67ab76bede635dcf16fa3ed9e0023ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: McskXtVBKgwmVe8-dNVzXhln_rM0YU3Ub44IPtxTpWEeLN3caft3DQ==
expires: Mon, 31 Jul 2023 02:30:05 GMT

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame A56A 0
4 KB 110ms
110ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-3c3fe93d-335b-4c3b-ac89-cb0dc345cf02' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-3c3fe93d-335b-4c3b-ac89-cb0dc345cf02' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:06 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

POST captureevents.do
gct.americanexpress.com/gct/ 0
0

GET
H2 200 ptc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 67 KB
14 KB 9ms
9ms Script
application/javascript 2600:9000:2490:f200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ptc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 552768fa93ffc02374e2b586800c238d7fe70d0849bf39817015d0bd398afdc9

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: GFYIXZ_D7hgUc24mDxTDQ6O__XMFGjRY
content-encoding: br
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 14:52:34 GMT
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13882
last-modified: Tue, 11 Jul 2023 01:36:50 GMT
server: AmazonS3
etag: "e7592b40163469fa2ec9dddf2e1b7262"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: zQNZ4DnsN4F7QWTl4JO8opjO2DXEQY1wsxiw6i523_ZBZIHOJf2AVQ==

GET
H2 200 id Show response
omns.americanexpress.com/ 48 B
476 B 69ms
22ms XHR
application/x-javascript 63.140.62.160
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=42149742706775848622089073966257404587&ts=1690770606829

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/launch-b363d6c28b7c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

c305389d0402895649fcaf8426794751f621bdf9f8945df0648a7cbd26d5f339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.americanexpress.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 9840ffd2-0145-4553-8ef1-fcae4ed8efe1
https://www.americanexpress.com/ 36 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanexpress.com/9840ffd2-0145-4553-8ef1-fcae4ed8efe1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ae73a1b8ab93248d6e01191eee887d490c31411cd5935f542f55231040ccfff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 36377
Content-Type: application/javascript

GET
H2 200 pcc.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 77 KB
18 KB 9ms
9ms Script
application/javascript 2600:9000:2490:f200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/pcc.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d38ce08adc40ded591c1d4733a9c3dcaad864d8f0172cd950287e4af3d25540

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: rmyb2l2iOSI2CC0ljgS3cW9QAro6cU8Q
content-encoding: br
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 14:52:35 GMT
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18122
last-modified: Tue, 11 Jul 2023 01:36:50 GMT
server: AmazonS3
etag: "84f06e75513780da273fcb15bf6f006d"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: cLOLcC0JB9eangmCzBhyqn8rYEqzQ2Ft9GTMgQJQPDekhtAK0JpiBQ==

GET
H2 200 wr.js Show response
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ 6 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:2490:f200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/wr.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/ptc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f

Request headers

Referer
Origin: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: ymXhHMcWrhUf5SVQxBl7yoGTLFTQoFTS
content-encoding: br
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Sun, 30 Jul 2023 10:10:16 GMT
x-amz-cf-pop: FRA56-P6
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2017
last-modified: Tue, 11 Jul 2023 01:36:49 GMT
server: AmazonS3
etag: "e53f78d1c505fc3271aa87ff1a71d5ac"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: 9IUgjsENDZaGaf8Ns2FALV93sE4Cr2CD1CSBStpQjzm1q41nLpxQzg==

GET
H2 200 87f0334110f27414904b4e29902d34a5.js Show response
tms.americanexpress.com/amex/amexcom/code/ 77 KB
9 KB 24ms
23ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/code/87f0334110f27414904b4e29902d34a5.js?conditionId0=4829101
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 96a8c21d34ba72c3b1befb7684d57fb64105bc4cbc73645d52067df9259a2bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
x-amz-version-id: moF3xHFz67f.qNwGyu8mI4CptmoT7R.E
content-encoding: br
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 9829071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 Mar 2023 10:28:19 GMT
server: CloudFront
etag: W/"17efa3486547e4ffa42835e13a546cc3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: jF_G-5DxQunsWpve6JQtsA-gvQ6BQwDibVb-UcF6rgsGFiwc5E3N_A==

GET
H2 200 fe63bf27e2c0e7ba75765fc8af48766f.js Show response
tms.americanexpress.com/amex/amexcom/code/ 11 KB
4 KB 17ms
16ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.americanexpress.com/amex/amexcom/code/fe63bf27e2c0e7ba75765fc8af48766f.js?conditionId0=421808
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 491cb352713665f97da7646c38e12eb9d92c8cc2202a42d649f251d5cd34932d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
x-amz-version-id: pZOQgqFNxPOGtiZI4rb1GR_NSN41scWK
content-encoding: gzip
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 6817164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 May 2023 03:21:13 GMT
server: CloudFront
etag: W/"d3605580e68458a8c9209b69ed427ab6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: KeuQSRsZjJ3Uf8wWpvjdev4hbHJgo8xBQs-CtwQJGQcW-h69y8ekuQ==

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 364ms
31ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=3776&uu=3b48e6e1-b416-a26b-b213-a67d209df792&sn=1&hd=1690770606&pn=1&dw=1600&dh=2920&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards&uc=1&la=en-US&cvars=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back%22%5D%7D&cvarp=%7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back%22%5D%7D&v=13.28.5&pvt=n&ex=&r=859949
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 328ms
32ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&dv=H4sIAAAAAAAAAy2OXWvCMBhG%2F8pLrhRsmvQjXfWqTNiG6xjY4cUcJTFvZjBrS1PZh%2FjfzcVuz%2BF5OBdSvdbtumm36L3tu6c1WZJUZXcokEcq4yKSiVCRSngaSVHohJXaFGVCOVmQN49j9YndFEZ1%2F2edk3FOGcx2ttP9t4eXBjijbAUBiGwFPyKbQzUMDneoNnaK87SgqYDZ5rGpnxfg7AnhAQ%2Bnfg73x7H%2Fwpjz8EjzomSUcwZbaeRo%2F3choTpPxxBgD3JCHTKMdB4DNxadbmUn3W%2BQvjVn54K%2B7MkwogmlqPdk%2Bf5xJdcbdqNNawQBAAA%3D&ct=2&r=779786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 s24879188283953 Show response
omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/ 4 KB
4 KB 44ms
44ms Script
application/x-javascript 63.140.62.160
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/s24879188283953?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=31%2F6%2F2023%202%3A30%3A6%201%200&d.&nsid=15&jsonv=1&.d&mid=42149742706775848622089073966257404587&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back&g=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=0&.cm&omn.&lob=acq&country=us&language=en&inav=menu_cards_pc_cashbackcards&.omn&.c&cc=USD&server=www.americanexpress.com&events=event140&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Cacq%7Ccredit-cards%7Ccategory&c3=en&c4=US&c6=D%3Dv6&v8=menu_cards_pc_cashbackcards&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Cacq&c24=US%7Cacq%7Ccredit-cards&v27=US&c30=US%7Cacq%7Ccredit-cards%7Ccategory&c31=US&c38=US%7Cacq%7Ccredit-cards%7Ccategory&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.3.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3A9.3-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-06-21&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1600&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back&c75=Launch&v75=42149742706775848622089073966257404587&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=169077060658970UAJF2284FBVS3H82TDEHCE1U2F63MN&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.3.9/dcb19cbd6cbf/b4385da1798a/74e098123439/EX480c649e1d664adbae05f25dad34956e-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

7eb91eaedc8fd6282b3fbc4be0ede69b9b7cafec14498f5f0a4a6d515214bd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-aam-tid: FN5fyh66QtY=
date: Mon, 31 Jul 2023 02:30:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4167
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v050-0c77e4b94.edge-irl1.demdex.com 3 ms
pragma: no-cache
last-modified: Tue, 01 Aug 2023 02:30:06 GMT
server: jag
etag: 3630902230896312320-4619667058844176320
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 30 Jul 2023 02:30:06 GMT

GET
H2 200 le-mtagconfig.js Show response
www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/ 2 KB
1 KB 14ms
14ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/oneamex/0.1.1/Bootstrap.js?version_for=0.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c545b18b5b3a1a04203b7ce1d5f8bdcadc6ce6973c45907bfa36214d8fa452b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:06 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 13:24:48 GMT
etag: W/"5e43fca0-75b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 832
expires: Sun, 14 Feb 2021 08:01:05 GMT

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 109ms
109ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-fe388488-1233-4e4a-afe8-a5b4142ec692' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-fe388488-1233-4e4a-afe8-a5b4142ec692' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:07 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET noscriptamex
tags.wdsvc.net/ 0
0

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
634 B 262ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10091564&ec=CPSA9_ZZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 31 Jul 2023 02:30:07 GMT

GET
H2 200 tr
www.facebook.com/ 0
185 B 235ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1087025278065923&ev=PageView&dpo=LDU&dpoco=0&dpost=0&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 31 Jul 2023 02:30:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8627703;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc...
https://ad.doubleclick.net/ddm/activity/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu...
https://adservice.google.com/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_...
https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_c...

0
0

GET

collect
px4.ads.linkedin.com/
Redirect Chain

https://dc.ads.linkedin.com/collect/?pid=1197&fmt=gif
https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQJvf8K4oKYfEQAAAYmpyAyey0Ol22YzeUKfYuknNAAnBMdtIe6HCCf07hJJY5mkhlffO2EtiK_fvw

0
0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
570 B 263ms
35ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613808224364&event=pagevisit&[line_items][0][product_id]=%271%27&ed[line_items][0][product_name]=CPSA9_ZZ&noscript=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d1d5ce17.1690770607.9288f3d9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1517652732534775
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 333ms
105ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?id=t2_vjf6aeeo&event=Lead&integration=noscript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 conversion
jadserve.postrelease.com/ 43 B
428 B 157ms
39ms Image
image/gif 34.247.45.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/conversion?ntv_pixel_id=d7c4ff32d4374e7da2aef8b33664f6c0&ntv_pixel_value=[optional_float]&ord=368381787.33440906
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.45.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-45-95.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1087025278065923&ev=PageView&cd[product]=ZZ&cd[page_description]=CPSA9_ZZ&dl=https://www.americanexpress.com/&dpo=LDU&dpoco=0&dpost=0&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 31 Jul 2023 02:30:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%...

43 B
855 B

125ms
125ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=368381787.33440906&dcc=t

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 02:30:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E9EGMCWV8DBR8KPRTVHJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 02:30:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VQ6DZV8MB8QXF9J64VS2
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3De175c85a-1ce5-e015-d3f1-01cd7f9773f4%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.americanexpress.com/CPSA9_ZZ&ex-hargs=v%3D1.0%3Bc%3D1900396350101%3Bp%3DE175C85A-1CE5-E015-D3F1-01CD7F9773F4&cb=368381787.33440906&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

/
www.google.de/pagead/1p-conversion/9366399813/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rxzHZOiYEuOi9u8PhsSfoA...
https://www.google.com/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3g...
https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3gA...

0
0

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 33ms
33ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBAQEAMAgCsEocEbB%2FsW%2Fi00UMnGxVk%2BghczY3grb5Y8KqZSYAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&r=819110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 32ms
32ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAwXBgREAMAQEsJWqKMbx97X%2FCBKXviNGnqdlBBmpGMCbTHiNWsbHAslQhCIoAAAA&ct=2&isETR=false&isCustomHashId=true&v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&r=529069
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 33ms
32ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&dv=H4sIAAAAAAAAAwXBsRHAMAgDwF2YACsCQdqkceHWy%2Fiye%2F6PrWfP124jBluEPKUoVgJe7bo6EyE6o2TfDyb7uOEyAAAA&ct=2&r=501983
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame 375C 0
0

POST csp-violation
acquisition-1.americanexpress.com/home/report/security/ Frame F568 0
0

POST
H2 201 PB0CFn4 Show response
www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/ 18 B
815 B 196ms
196ms XHR
application/json 104.102.52.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/zH9B6HsXS/41ZleUd/taJyzPl/Y6nc/QELEJtJQpbXi/IXh6AQ/HEIf/PB0CFn4

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.52.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-52-74.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.americanexpress.com
access-control-allow-credentials: true
alb-failover-nimval: 0
x_req_id: 8d022019-531e-4047-98f3-95553ea1588a
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 164ms
31ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=14106077

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 07 Dec 2022 20:20:28 GMT
server: ws
etag: "6390f58c-1da4"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7588

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 515ms
366ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-51111cbb-8bb2-4242-94e1-f82d6c8e9722' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-51111cbb-8bb2-4242-94e1-f82d6c8e9722' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:07 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 35ms
34ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAAystrklMLqxJLkpNySzRTU4sSimuSU4sSU3PL6oEMoozdJMSk7MBk80PUSYAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&r=394680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 35ms
35ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAA3NMTw%2FwqyktrklMLqxJLkpNySzRTU4sSimuSU4sSU3PL6oEMoozdJMSk7MBCguh1ywAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&r=835410
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 175ms
109ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-75a92fd2-5e38-46a5-bb8d-2ad627d79d0e' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-75a92fd2-5e38-46a5-bb8d-2ad627d79d0e' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:07 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/ 342 KB
121 KB 26ms
26ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/api/axpi/ensighten/liveengage-lp/le-mtagconfig.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

bacf0b12c65fae75b11c94d7ca718629d0f61df43dd7504949a3ab8acc672761

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 431ms
375ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-6541242c-153d-449b-9d79-e48ebb3b084e' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-6541242c-153d-449b-9d79-e48ebb3b084e' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:07 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK find
one-xp.americanexpress.com/variant/ Frame 0
0 182ms
182ms Preflight 104.102.51.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.51.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-51-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, User-Agent, content-type, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 31 Jul 2023 02:30:07 GMT
Expires: Mon, 31 Jul 2023 02:30:07 GMT
Pragma: no-cache
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK find Show response
one-xp.americanexpress.com/variant/ 46 B
1 KB 211ms
211ms Fetch
application/json 104.102.51.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://one-xp.americanexpress.com/variant/find
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.51.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-51-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdef96856fe5bd7ac5cdda67fd898f88e775f87d9fd25857546bde9673df9be6

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 02:30:07 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.americanexpress.com
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, User-Agent, Origin, Accept
Content-Length: 46
Expires: Mon, 31 Jul 2023 02:30:07 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/setting/accountproperties/ 7 KB
3 KB 129ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

43156d6b172ff8739106616042d924a411b79ec139228ce2176f48b9a0dc5fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 31 Jul 2023 02:30:20 GMT

GET
H2 200 consumer_acq.js Show response
publisher.liveperson.net/external-project/14106077/js/ 3 KB
2 KB 454ms
358ms Script
application/javascript 2a04:4e42::448
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.liveperson.net/external-project/14106077/js/consumer_acq.js
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a04:4e42::448 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: ws /
Resource Hash: 0fda5b32bb5f4cfec48b056cff712764f712c23e55251b99381e2ce457a8b7a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-object-meta-lp-version: 1.0.636
content-encoding: gzip
x-openstack-request-id: tx9d974462c07e400ba40b5-0064c1a238
date: Mon, 31 Jul 2023 02:30:08 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
x-trans-id: tx9d974462c07e400ba40b5-0064c1a238
content-length: 1192
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Wed, 26 Jul 2023 22:33:18 GMT
server: ws
x-timer: S1690770608.655208,VS0,VE351
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT
content-type: application/javascript
x-object-meta-mtime: 1690311712.000000
x-timestamp: 1690410797.91351
cache-control: max-age=600
access-control-allow-credentials: true
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
x-object-meta-lp-project: public
x-cache-hits: 1

GET
H2 200 ui-framework.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 40 KB
15 KB 306ms
80ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ui-framework.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:07 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 88 KB
30 KB 326ms
99ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/UMSClientAPI.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:07 GMT

GET
H2 200 lpChatV3.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 92 KB
31 KB 286ms
60ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/lpChatV3.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:07 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 8 KB
3 KB 306ms
80ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/surveylogicinstance.min.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:27 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:07 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/ 6 KB
2 KB 126ms
39ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

22c9d84781cb9999dbad4f41d94741eb9719c23095b6cbc6f7e862c45061a696

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 31 Jul 2023 02:30:20 GMT

GET
H2 200 storage.secure.min.html Show response
lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/ Frame D930 39 KB
16 KB 66ms
40ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Mon, 31 Jul 2023 02:30:07 GMT
expires: Tue, 30 Jul 2024 02:30:07 GMT
last-modified: Fri, 17 Mar 2023 01:15:35 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/domainprotection/ Frame D930 3 KB
2 KB 40ms
40ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/domainprotection/refererrestrictions?cb=lpCb38790x55408

Requested by

Host: lpchat.americanexpress.com
URL: https://lpchat.americanexpress.com/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.americanexpress.com&site=14106077&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

36e1e2059cb11009fdc583ebc656961aa03999fc3ac3c23360fa16d7c3237270

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpchat.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 31 Jul 2023 02:30:21 GMT

GET
H2 200 desktopEmbedded.js Show response
lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/ 997 KB
311 KB 37ms
36ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_unified_window/10.29.0.0-release_5595/desktopEmbedded.js?version=10.29.0.0-release_5595

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

301990cbfd7cfbb2598290387839feb818c6b181303ca60a6d05af48e7169430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 01:35:26 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:07 GMT

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 107ms
107ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 31 Jul 2023 02:30:08 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 beacon
iwmapapi.americanexpress.com/ Frame 0
0 107ms
107ms Preflight 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.americanexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,GET,PUT,OPTIONS
access-control-allow-origin: https://www.americanexpress.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 31 Jul 2023 02:30:08 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 axp-glyph-down.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 347 B
426 B 545ms
545ms XHR
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-glyph-down.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

08843cb6db7bb529c5b6a4ca202abd067d55b186dcbb911894c15938a1765b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Sep 2022 21:00:44 GMT
server: Akamai Resource Optimizer
etag: "15b-5b957d41690c7-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=9989
accept-ranges: bytes
content-length: 208

GET
H2 200 icon-generic-cards.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 522 B
527 B 544ms
544ms XHR
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/icon-generic-cards.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a8f4acf91763177692de540d5bc9b6615c1ad09315b2f5bce8592c56f9954174

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 28 Sep 2022 00:31:27 GMT
server: Akamai Resource Optimizer
etag: "20a-5b95805c519be-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=7335
accept-ranges: bytes
content-length: 281

GET
H2 200 axp-icon-search.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 555 B
564 B 482ms
482ms XHR
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-icon-search.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

574bb84ea46b345970f5958691a46e1ac0c1fd2457047b37703824868043f1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Thu, 29 Sep 2022 23:32:27 GMT
server: Akamai Resource Optimizer
etag: "22b-5b9580ce4d314-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=7334
accept-ranges: bytes
content-length: 317

GET
H2 200 axp-glyph-right.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/ 353 B
452 B 511ms
511ms XHR
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/us-consumer/axp-glyph-right.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b5bd6b720d8d106e3574b1d46b1c38c6c81fe5f1a09653f96437aa3d54c0f6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Tue, 27 Sep 2022 23:25:54 GMT
server: Akamai Resource Optimizer
etag: "161-5b957d41523aa-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=9184
accept-ranges: bytes
content-length: 206

GET
H2 200 dls-icon-plus-circle.svg Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/ 360 B
464 B 556ms
556ms XHR
image/svg+xml 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/SVG/dls/dls-icon-plus-circle.svg

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

992fb685b350a623037c0d7dce20da4b6f505eeee59cba92f53bf03cb2a7acbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 28 Sep 2022 10:23:27 GMT
server: Akamai Resource Optimizer
etag: "168-57d4bfe2b696d-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=23328
accept-ranges: bytes
content-length: 217

GET
H2 200 category-supermarket-hero-L.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 38 KB
38 KB 59ms
58ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/category-supermarket-hero-L.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: da18e644f997587e9d807924817717747f8ed6b827c24fcdfa6ec59c8269d165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 22 Jun 2022 01:40:56 GMT
server: Akamai Image Manager
x-serial: 59
x-check-cacheable: YES
etag: "84a64-5895d50e67253-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=8980
content-length: 39168
expires: Mon, 31 Jul 2023 04:59:48 GMT

GET
H2 200 TravelCreditCards-GlobalAssist-2x.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/medium-2x/ 199 KB
199 KB 27ms
26ms Image
image/avif 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/medium-2x/TravelCreditCards-GlobalAssist-2x.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6caae24d61dc38fb1cd3870ab692d63e291c730d7d7b868ae7206f50540b2847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.americanexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:07 GMT
last-modified: Tue, 24 Jan 2023 11:23:36 GMT
server: Akamai Image Manager
etag: "57b49-54d05d07420c0-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=59799
content-length: 203771
expires: Mon, 31 Jul 2023 19:06:46 GMT

GET
H2 200 Blue-Cash_Preferred-Refresh-L.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 4 KB
4 KB 99ms
97ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/Blue-Cash_Preferred-Refresh-L.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 950fb16de25e8c7d2dbd8eaf446659756acdb9e69ad936a58bfc9689bdc76171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Sun, 17 May 2020 05:16:09 GMT
server: Akamai Image Manager
etag: "865d-5895e9f960d26-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=62471
content-length: 3936
expires: Mon, 31 Jul 2023 19:51:19 GMT

GET
H2 200 blue-cash-preferred.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 15 KB
16 KB 29ms
27ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/blue-cash-preferred.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4865b51ca0d2483ebc8bfdae6848192a2fe7ff946ceda5fdf18eeb82a0b4afc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 09 Jun 2021 15:11:22 GMT
server: Akamai Image Manager
etag: "ac78-5c456ac03f026-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=22030
content-length: 15730
expires: Mon, 31 Jul 2023 08:37:18 GMT

GET
H2 200 blue-cash-everyday.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 24 KB
24 KB 35ms
34ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/blue-cash-everyday.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4af6fb86e4779b581a95ad12c86e089430de363d5881c507903a19559044ad6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Thu, 14 Jul 2022 07:18:33 GMT
server: Akamai Image Manager
x-serial: 281
x-check-cacheable: YES
etag: "d9c4-5e3bd7143c009-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=74656
content-length: 24718
expires: Mon, 31 Jul 2023 23:14:24 GMT

GET
H2 200 cash-magnet.png
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/ 17 KB
18 KB 28ms
27ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/cardarts/cash-magnet.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e0d4bff370215a2abcb31c028db0209ce00bc6224071e6cf2d81df2bfa4018ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 09 Jun 2021 15:10:13 GMT
server: Akamai Image Manager
etag: W/"bff1-5c456abc08642-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=33591
content-length: 17890
expires: Mon, 31 Jul 2023 11:49:59 GMT

GET
H2 200 cardlanding_category_travel.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 12 KB
12 KB 28ms
27ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/cardlanding_category_travel.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: db90275d202e5fe33cc7f76063284cbf078234319c7d652b20871d68fee95ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Tue, 16 Nov 2021 11:43:00 GMT
server: Akamai Image Manager
etag: "36c9-54d060379a6c0-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75559
content-length: 12370
expires: Mon, 31 Jul 2023 23:29:27 GMT

GET
H2 200 cardlanding_category_cashBack.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 12 KB
12 KB 29ms
28ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/cardlanding_category_cashBack.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c083b54108b865a25464ebf29b76435428f01bd3e8e43212394663df0b170747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Sat, 29 Jan 2022 22:55:53 GMT
server: Akamai Image Manager
etag: "3dab-54d05fa88d540-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 12278
expires: Mon, 31 Jul 2023 14:30:08 GMT

GET
H2 200 cardlanding_category_rewards.jpg
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/ 5 KB
5 KB 26ms
26ms Image
image/avif 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/category/heros/large/cardlanding_category_rewards.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 325ef38a43306e6fd28ef1873ff1848505ac21c1339bbdd1e4d0e0b903f0e23e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 26 Jul 2023 17:16:07 GMT
server: Akamai Image Manager
etag: "27db-54d05fb02e740-gzip"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=18653
content-length: 4981
expires: Mon, 31 Jul 2023 07:41:01 GMT

GET
H/1.1 200
OK cardshopql Show response
acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/v3/ 206 KB
40 KB 2054ms
2053ms Fetch
application/json 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/v3/cardshopql?query={cardShop(shop:%22consumer%22,page:%22cc%22,country:%20%22us%22,queryParams:%22{\%22params\%22:{\%22entryEEP\%22:\%2225330\%22}}%22){cards{cardFlags{id%20value}filters%20usesCMPZN%20paymentType%20cardType%20productId%20dtmProductName%20specialInd%20cardTitle%20appAssets%20{cardArt}%20pmcCode%20shortName%20cardHeadline%20applyNowLink{dtmTag%20link%20title%20url}fee{%20header%20text}rates{header%20text}controlHow{header%20text}tncLinks{offerTerms{url%20link%20title%20DXP_url%20dtmTag}ratesFees{url%20link%20title%20DXP_url%20dtmTag}}viewDetailsLink{link%20title}IACode%20uaCtaOffer%20{acquisition_offer_id%20applicant_request_token}ctaPostData%20{acquisition_offer_id%20applicant_request_token}dualOffer{text%20header}designVariations%20{%20experienceId%20arrangementId%20dtmCardName%20cardDesigns%20{%20%20id%20%20displayName%20%20state%20%20name%20%20pickerImage%20%20designDtmTag%20%20formFactor%20%20paymentTechnology%20%20digitalAssetId%20%20default%20%20cardArt%20{%20%20%20%20default%20%20%20%20desktop%20%20%20%20desktop2X%20%20%20%20tablet%20%20%20%20tablet2X%20%20%20%20mobile%20%20%20%20mobile2X%20%20}%20}}welcomeOffer{text%20header%20title%20{%20%20%20%20prospect%20%20%20%20member%20%20}}greatFor{description%20toutId%20order}keyProductFeatures{groupHeader%20groupId%20subGroupNames%20features{%20description%20header%20order}}howYouEarnCashBack{features{%20toutId%20header%20description}}benefitsAtAGlance{benefits{%20toutId%20header%20benefitId%20order%20description}}productFeatures{groups{dtmTag%20groupHeader%20order%20groupId%20features{%20description%20header%20order}subGroups{features{%20description%20header%20order}header{headline%20id%20toutId}}}}productId}}}

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

f44ed4aee0a0f4dda34648f67adcc5ae43de8933aa3d3d5b7f759e4c97771e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.americanexpress.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:09 GMT
Surrogate-Control: no-store
Transfer-Encoding: chunked
Server-Timing: , VTO;dur=2650;desc=VTO
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Download-Options: noopen
Access-Control-Max-Age: 3000000
X-Frame-Options: ALLOW-FROM https://www.americanexpress.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
X-Aexp-Timestamp: 2023-07-24 16:06:50
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-Aexp-Build: 1009
Expires: 0

GET
H2 200 compareStaticPageData.json Show response
icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/ 55 KB
9 KB 19ms
19ms Fetch
application/json 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/Acquisition/US_en/AppContent/OneSite/Data/compareStaticPageData.json

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/axp-app/modules/acq-shop-us-consumer/3.0.63/acq-shop-us-consumer.client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

e30a7da8af51846582e4a4e666745fffe7073c15686b1c754a2a7466fa1c1cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Thu, 20 Jul 2023 05:31:34 GMT
etag: "dcb8-600e476233a16-gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=6755
accept-ranges: bytes
content-length: 8230

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 111ms
111ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 202 beacon
iwmapapi.americanexpress.com/ 0
0 135ms
134ms Fetch
text/plain 139.71.16.158
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://iwmapapi.americanexpress.com/beacon

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.16.158 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

iwmapapi22.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.americanexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK pznExtn Show response
acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/ 2 KB
1 KB 524ms
311ms Fetch
application/json 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/api/acquisition/digital/v1/shop/us/cardshop-api/api/v1/cps/content/pznExtn

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

8ea57d3e741b9183ce06a5d29228e41736bb8157a2ae428ab4104da6d33135b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.americanexpress.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:08 GMT
Surrogate-Control: no-store
Transfer-Encoding: chunked
Server-Timing: , VTO;dur=1134;desc=VTO
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Download-Options: noopen
Access-Control-Max-Age: 3000000
X-Frame-Options: ALLOW-FROM https://www.americanexpress.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Methods
X-Aexp-Timestamp: 2023-07-24 16:06:50
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-Aexp-Build: 1009
Expires: 0

GET noscriptamex
tags.wdsvc.net/ 0
0

GET
H2 200 s28814842047369 Show response
omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/ 4 KB
4 KB 47ms
46ms Script
application/x-javascript 63.140.62.160
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/s28814842047369?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=31%2F6%2F2023%202%3A30%3A8%201%200&d.&nsid=15&jsonv=1&.d&mid=42149742706775848622089073966257404587&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back&g=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards&c.&cm.&ssf=0&.cm&omn.&pznid=18532373795692733538320646679775823634%7C9&pznrequestid=hixtdwXHgtxsgYjkpBemk7xXRmiTl1hd1690770606767&identifier=acq-shop-us-consumer&element=PZNImpression&lob=acq&detail=PZNProspect0000%3Asuccess%3E%3E%5B%5D&.omn&.c&cc=USD&events=event141&products=%3Bus%3Aconsumer%3A796%3B%3B%3B%3BeVar101%3DA04EA009MY%7CeVar102%3D1%2C%3Bus%3Aconsumer%3A795%3B%3B%3B%3BeVar101%3DA0000H3HEK%7CeVar102%3D2%2C%3Bus%3Aconsumer%3A1084%3B%3B%3B%3BeVar101%3DA0000FY7FP%7CeVar102%3D3&c3=en&c4=US&v4=acq-shop-us-consumer&v5=us%3E%3Eacq-shop-us-consumer%3E%3Eimpression%3E%3EPZNImpression%3E%3EPZNProspect0000%3Asuccess%3E%3E%5B%5D&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=acq-shop-us-consumer&c22=us%3E%3Eacq-shop-us-consumer%3E%3Eimpression%3E%3EPZNImpression%3E%3EPZNProspect0000%3Asuccess%3E%3E%5B%5D&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.3.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3A9.3-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-06-21&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back&c75=Launch&v75=42149742706775848622089073966257404587&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&lrt=47&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

4fb2b31352f96103b20caf57a2410c716a05bbab117450568ca76fbb6714813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-aam-tid: fMSb5VlpT04=
date: Mon, 31 Jul 2023 02:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4167
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v050-05e724381.edge-irl1.demdex.com 5 ms
pragma: no-cache
last-modified: Tue, 01 Aug 2023 02:30:08 GMT
server: jag
etag: 3630902233369083904-4619634472404345808
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 30 Jul 2023 02:30:08 GMT

GET
H2 200 ClickStreamVars.js Show response
icm.aexp-static.com/Internet/US/DARE/ 3 KB
1 KB 15ms
14ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/Internet/US/DARE/ClickStreamVars.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/vendors.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-241-3.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 31 Jul 2023 02:30:08 GMT
last-modified: Wed, 26 Jul 2023 10:55:08 GMT
server: Akamai Resource Optimizer
etag: "bbe-5bc03519ae7d0-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=7308
accept-ranges: bytes
content-length: 837

GET
H2 200 pzncs.min.js Show response
www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/ 9 KB
3 KB 15ms
15ms Script
application/javascript 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/app/4.92.1-af1f6806/vendors.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e950b6503fdc24893b247cccaed9cc937306c8e09cce0b8c8a21979159429a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 12:46:24 GMT
etag: W/"5e5d0020-23bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3043
expires: Fri, 20 Nov 2020 02:33:58 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/ 6 KB
2 KB 41ms
40ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

22c9d84781cb9999dbad4f41d94741eb9719c23095b6cbc6f7e862c45061a696

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:08 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 31 Jul 2023 02:30:20 GMT

POST
H/1.1 204
No Content v2clickStream Show response
aeopprodvip.acxiom.com/services/ 0
429 B 718ms
279ms XHR
text/html 198.160.127.57
ACXIOM

General

Check archive.org

Show headers Download Go to

Full URL

https://aeopprodvip.acxiom.com/services/v2clickStream

Requested by

Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/51/uxa.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

198.160.127.57 Conway, United States, ASN15026 (ACXIOM, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age:31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 31 Jul 2023 02:30:08 GMT
Strict-Transport-Security: max-age:31536000
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Content-Type: text/html
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Referer
X-Application-Context

GET
H2 200 s26660064335170 Show response
omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/ 4 KB
4 KB 46ms
45ms Script
application/x-javascript 63.140.62.160
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressenterpriseprod/10/JS-2.23.0-LDQM/s26660064335170?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=31%2F6%2F2023%202%3A30%3A8%201%200&d.&nsid=15&jsonv=1&.d&mid=42149742706775848622089073966257404587&aamlh=6&ce=UTF-8&pageName=us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back&g=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards&c.&cm.&ssf=0&.cm&omn.&identifier=acq-shop-us-consumer&element=ViewAllCards%3AtopThreeCards&lob=acq&detail=blue-cash-preferred%2Cblue-cash-everyday%2Ccash-magnet&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=acq-shop-us-consumer&v5=us%3E%3Eacq-shop-us-consumer%3E%3Eimpression%3E%3EViewAllCards%3AtopThreeCards%3E%3Eblue-cash-preferred%2Cblue-cash-everyday%2Ccash-magnet&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=acq-shop-us-consumer&c22=us%3E%3Eacq-shop-us-consumer%3E%3Eimpression%3E%3EViewAllCards%3AtopThreeCards%3E%3Eblue-cash-preferred%2Cblue-cash-everyday%2Ccash-magnet&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.3.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3A9.3-Mbox%3ANA-A0-msuite%3Atrue-PD%3A2023-06-21&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back&v75=42149742706775848622089073966257404587&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

032b93704be356c7229a9304e5d878c0897dc441b3fd5ceb0f5edd9b106e53e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-aam-tid: ZP87Wa+eTtQ=
date: Mon, 31 Jul 2023 02:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4166
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v050-01c7d5f9c.edge-irl1.demdex.com 5 ms
pragma: no-cache
last-modified: Tue, 01 Aug 2023 02:30:08 GMT
server: jag
etag: 3630902233498910720-4619792802599350428
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 30 Jul 2023 02:30:08 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 32ms
31ms Image
text/plain 52.50.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=H4sIAAAAAAAAA0XKOwrDMBBF0Q15NpBiwLhOE4z7ifQSCfTLjGVjyOJj3KQ8l%2Fu4j99uzOI%2BZKE26kauFusZyhxzU5jFWpiXiH1MaRL1dltrm4MCl5ifqYOcWKDzf0EVfvg3bNDDyzFcyvIuWH9Me4jieAAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.28.5&pid=3776&pn=1&sn=1&uu=3b48e6e1-b416-a26b-b213-a67d209df792&r=965380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-14-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 02:30:08 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 243 B
1 KB 654ms
183ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?&cb=lpCb43076x94305&t=sp&ts=1690770608878&pid=5629575405&tid=132218928&pt=Cash%20Back%20Credit%20Cards%20%7C%20American%20Express&u=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards&sec=%5B%22consumer-acquisitions-onsite%22%5D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

ca4f08cb555fb1bc5d869d7002d31c7ddc7fa477006719031a2022cc7ed95da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET

/
www.google.de/pagead/1p-user-list/977472328/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null
https://www.google.com/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=3486038386
https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=3486038386&ipr=y

0
0

POST
H/1.1 204
No Content csp-violation
acquisition-1.americanexpress.com/home/report/security/ 0
4 KB 118ms
118ms Other
text/plain 139.71.18.229
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.71.18.229 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

acquisition-12.americanexpress.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-b2625a0e-df6a-4601-936b-da0da56c84fc' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Security-Policy: report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'self' dstatic.dev.ipc.us.aexp.com wss://*.americanexpress.com wss://*.aexp.com *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://*.liveperson.net *.liveperson.net *.liveperson.com *.lpsnmedia.net *.liveengage.net *.liveengage.com *.liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-b2625a0e-df6a-4601-936b-da0da56c84fc' c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com *.liveperson.net *.lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' *.aexp.com *.americanexpress.com *.aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ *.doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' *.aexp.com *.aexp-static.com *.liveperson.net *.americanexpress.com; connect-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net *.liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com; worker-src 'self' *.aexp.com *.americanexpress.com *.aexp-static.com blob:; frame-ancestors none; frame-src blob: *.aexp.com aexp.demdex.net *.idfy.io *.idfy.no *.americanexpress.com *.liveperson.net service.maxymiser.net *.aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
X-Content-Type-Options: nosniff
Date: Mon, 31 Jul 2023 02:30:09 GMT
X-Download-Options: noopen
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods
Access-Control-Allow-Origin: https://www.americanexpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
One-App-Version: 4.92.1-af1f6806
Keep-Alive: timeout=5
Access-Control-Allow-Headers
X-XSS-Protection: 1; mode=block

GET
H2 200 postmessage.min.html Show response
va.v.liveperson.net/postmessage/ Frame EAE8 11 KB
5 KB 803ms
803ms Document
text/html 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690770609539&loc=https%3A%2F%2Fwww.americanexpress.com

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding: gzip
content-type: text/html
date: Mon, 31 Jul 2023 02:30:10 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 28 B
335 B 156ms
156ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?dtCookie=-11%24CM8376J3PVQSLB3IGGH3A8HB2VTBSS1E;dtLatC=19;referer=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards;visitID=OMRHMUPMHWROOFSHHKDUKCUOEAJSCBQK-0;app=24FF88ADA3BFD2CE;crc=1160880534;end=1
Requested by: Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 31 Jul 2023 02:30:09 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

POST
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ Frame EAE8 385 B
1 KB 207ms
207ms XHR
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=bQHENszxR46BmxnPx52NvA&__d=53142

Requested by

Host: va.v.liveperson.net
URL: https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690770609539&loc=https%3A%2F%2Fwww.americanexpress.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

db28a5341b4eb8eb02e0292a1d034b790f2321fa405fd2ba5a49088112bfd221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

LP-DOMAIN-REFERER: https://www.americanexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.v.liveperson.net/postmessage/postmessage.min.html?bust=1690770609539&loc=https%3A%2F%2Fwww.americanexpress.com
X-Requested-With: XMLHttpRequest
LP-URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-allow-origin: https://va.v.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 overlay.js Show response
lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/ 10 KB
4 KB 24ms
21ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/overlay.js?_v=3.55.0.0-release_5152

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

990d600d7846c6aafbb84ed023425439171f2aaa319572bc9c1cf4d1c9bdc36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:46:33 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:10 GMT

GET
H2 200 UISuite.js Show response
lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/ 30 KB
12 KB 44ms
41ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/UISuite.js?_v=3.55.0.0-release_5152

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 May 2023 01:46:33 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 30 Jul 2024 02:30:10 GMT

GET
H2 200 5786 Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/campaigns/263832514/engagements/263841314/revision/ 2 KB
2 KB 45ms
44ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/campaigns/263832514/engagements/263841314/revision/5786?v=3.0&cb=lp263841314&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

70a50f9026f589e94f618afc733fdf07aaa3998a0d64463df6884d3c7aa19d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 31 Jul 2023 02:31:10 GMT

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 95ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=bQHENszxR46BmxnPx52NvA&cb=lpCb74218x89069&t=pl&ts=1690770608882&pid=5629575405&tid=132218928&vid=I5NzQ3NjAwN2M5OWFmYmI4

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

42848fb75d20d10b01e829a3fb5823c83f9ccdf9b2d7c932f4fa1ec3c4ca54db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 263840714 Show response
accdn.lpsnmedia.net/api/account/14106077/configuration/engagement-window/window-confs/ 5 KB
3 KB 42ms
42ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/14106077/configuration/engagement-window/window-confs/263840714?cb=lpCb5164x65310

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

2d9e3858d4b843b4b0f51d854c2be749c88c84a610eafd4ed00dc52147cd0a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 31 Jul 2023 02:31:10 GMT

GET
H2 200 pill-button.png
icm.aexp-static.com/Internet/SMC/images/Chat/ 4 KB
5 KB 17ms
17ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/SMC/images/Chat/pill-button.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 820cbaecb2ce33be20cd054723b72b2d238255bbc8cc2eab8883d0e0ebb66227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
last-modified: Sun, 30 Oct 2022 09:47:37 GMT
server: Akamai Image Manager
x-serial: 1145
x-check-cacheable: YES
etag: "2637-54ea041d89480-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=52658
content-length: 4576
expires: Mon, 31 Jul 2023 17:07:48 GMT

GET
H2 200 pill-button.png
icm.aexp-static.com/Internet/SMC/images/Chat/ 4 KB
5 KB 16ms
16ms Image
image/webp 23.201.241.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icm.aexp-static.com/Internet/SMC/images/Chat/pill-button.png
Requested by: Host: lpchat.americanexpress.com
URL: https://lpchat.americanexpress.com/le_re/3.55.0.0-release_5152/jsv2/overlay.js?_v=3.55.0.0-release_5152
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.241.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-241-3.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 820cbaecb2ce33be20cd054723b72b2d238255bbc8cc2eab8883d0e0ebb66227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
last-modified: Sun, 30 Oct 2022 09:47:37 GMT
server: Akamai Image Manager
x-serial: 1145
x-check-cacheable: YES
etag: "2637-54ea041d89480-gzip"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=52658
content-length: 4576
expires: Mon, 31 Jul 2023 17:07:48 GMT

GET
H2 200 14106077 Show response
va.v.liveperson.net/api/js/ 42 B
838 B 94ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/14106077?sid=bQHENszxR46BmxnPx52NvA&cb=lpCb82594x20893&t=uc&ts=1690770610721&pid=5629575405&tid=132218928&vid=I5NzQ3NjAwN2M5OWFmYmI4&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A263832514%2C%22engId%22%3A263841314%2C%22revision%22%3A5786%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=consumer-acquisitions-onsite&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

cb8b785f6dfd889cdfe716bf3ec35643fc335f83e213e4cc547fc1692ee97629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 02:30:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 28 B
335 B 155ms
155ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?dtCookie=-11%24CM8376J3PVQSLB3IGGH3A8HB2VTBSS1E;dtLatC=19;referer=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards;visitID=OMRHMUPMHWROOFSHHKDUKCUOEAJSCBQK-0;app=24FF88ADA3BFD2CE;crc=3336669243;end=1
Requested by: Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 31 Jul 2023 02:30:10 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

POST
H/1.1 200
OK 8264482b-dee3-4f6d-be79-c4d3fee1d8c7 Show response
dynatracepsg.americanexpress.com/bf/ 28 B
335 B 310ms
309ms XHR
text/plain 139.71.89.13
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL: https://dynatracepsg.americanexpress.com/bf/8264482b-dee3-4f6d-be79-c4d3fee1d8c7?dtCookie=-11%24CM8376J3PVQSLB3IGGH3A8HB2VTBSS1E;dtLatC=19;referer=https%3A%2F%2Fwww.americanexpress.com%2Fus%2Fcredit-cards%2Fcategory%2Fcash-back%2F%3Finav%3Dmenu_cards_pc_cashbackcards;visitID=OMRHMUPMHWROOFSHHKDUKCUOEAJSCBQK-0;app=24FF88ADA3BFD2CE;crc=2228806737;end=1
Requested by: Host: dynatracepsg.americanexpress.com
URL: https://dynatracepsg.americanexpress.com/jstag/managed/ruxitagent_A27Vfhjqrux_10233220224103020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.89.13 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS
Software: /
Resource Hash: 1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 31 Jul 2023 02:30:12 GMT
Access-Control-Allow-Methods
Content-Type: text/plain;charset=utf-8
Access-Control-Allow-Origin: https://www.americanexpress.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Content-Length: 28

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: acquisition-1.americanexpress.com
URL: https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Domain: gct.americanexpress.com
URL: https://gct.americanexpress.com/gct/captureevents.do?js_source=cdaas_gctglobal

Domain: tags.wdsvc.net
URL: https://tags.wdsvc.net/noscriptamex?id=100239

Domain: adservice.google.de
URL: https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=368381787.33440906

Domain: px4.ads.linkedin.com
URL: https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQJvf8K4oKYfEQAAAYmpyAyey0Ol22YzeUKfYuknNAAnBMdtIe6HCCf07hJJY5mkhlffO2EtiK_fvw

Domain: www.google.de
URL: https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3gAMVY5H9Bx0G4gck&is_vtc=1&ocp_id=rxzHZOiYEuOi9u8PhsSfoAI&cid=CAQSKQBpAlJW9VarOtwRS9K9y5ueKGpoBg6dlf8pqHhnEetKznrGXAm9Qevr&random=1468325069&ipr=y

Domain: acquisition-1.americanexpress.com
URL: https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Domain: acquisition-1.americanexpress.com
URL: https://acquisition-1.americanexpress.com/home/report/security/csp-violation

Domain: tags.wdsvc.net
URL: https://tags.wdsvc.net/noscriptamex?id=100239

Domain: tags.wdsvc.net
URL: https://tags.wdsvc.net/noscriptamex?id=100239

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=3486038386&ipr=y

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.americanexpress.com/	1970-01-20 22:25:06	Name: agent-id Value: a1d81cb3-c856-4e87-b137-2bc2f77f8ffa
.americanexpress.com/	1970-01-20 13:39:37	Name: ak_bmsc Value: 977751B18AB194F17E15484951116B44~000000000000000000000000000000~YAAQhfAQAqeobKmJAQAAzwXIqRT4tYG04NoRBxHj39nfZh3ZofjNirWMZzamj4se34eFRg6t7ANo8sZ8/bO7iccSZfqOEfNHYAuf1V4EXOtqPsdCZQmNmHRlPV6lGiqXrKtUMiidk8ar0UBrfsMSWhSlisX6EdLAOkjZ6zfpDCMrUZ1EH24hkerLL9har2X5twdoKExnVRKhns1LKM/BfMKZ2/fKBKWAXyZir0iev9g+m5G5rTU3um+VHAIhL4I5vlhOeVZqHo0Lbiix2AJbBUd2NSELIVTXIEj+Tp7Ps+NkpgRLkoCFdt9OdiB6fAHojE0zgyjKcIAdtMSGKqhf3P5RkPhNuYeV4+C0uSEURTddN1DJ0AunKp2Wcn2pog6dkVtCK+NzF8xl+ERMp3vPt/WF3PHg
.americanexpress.com/	1970-01-20 13:39:45	Name: bm_sz Value: BB9F71421AC6A5893C7232136A1FAC57~YAAQhfAQAqiobKmJAQAAzwXIqRRjmwzCty4IRd4Z+uKtiw47HSlBAs7z64DOh9qo+3ERCnWuKvHdfgK0zkKpDuqYhGhx1MaN3qsDx5RMhyL8GGV+qc82mTLhxwZ2kgAv7k8G1rwk59XFQ+x7CpUh0IxPphJgabUsU2Fvm9xR4LqPwMHf9fhgB3/q8teBy41tSKykn0VkgjYPHXU73NRE2kLXOeMr7vyTUNyrfL8OB46QNtXsr+1DzUXauuSBjHIagUMHdY8vs0Z/mtI2VeqU/mkkVl/Iojrj0DiCfDUTEKcZEp/109N0URws+mY=~3622201~3159364
.americanexpress.com/	1970-01-20 18:27:30	Name: m_val_pixel Value: 51587411554400647649956183062870984894\|9
.americanexpress.com/	1969-12-31 23:59:59	Name: axplocale Value: en-US
.americanexpress.com/	1969-12-31 23:59:59	Name: dtCookie Value: -11$CM8376J3PVQSLB3IGGH3A8HB2VTBSS1E
.americanexpress.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 169077060658970UAJF2284FBVS3H82TDEHCE1U2F63MN
.demdex.net/	1970-01-20 17:58:42	Name: demdex Value: 41945597107934533982068674662101794339
one-xp.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 0144d4a83958ae09512feb9247a8e9dcd16dfe9dfa39f0e1f0400b9a230f5506a55f0a90fd3c6ec6e29b345169ebab350bda68a53a
.americanexpress.com/	1970-01-20 23:08:54	Name: _cs_c Value: 1
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
.americanexpress.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%226%22%3A%5B%22pageName2%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back%22%5D%2C%228%22%3A%5B%22PageIdentifier%22%2C%22us%7Cacq%7Ccredit-cards%7Ccategory%7Ccash-back%22%5D%7D
.americanexpress.com/	1970-01-20 23:08:54	Name: _cs_id Value: 3b48e6e1-b416-a26b-b213-a67d209df792.1690770606.1.1690770606.1690770606.1.1724934606861
.americanexpress.com/	1970-01-20 23:15:30	Name: s_ecid Value: MCMID%7C42149742706775848622089073966257404587
.americanexpress.com/	1970-01-20 23:15:30	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 870038026%7CMCMID%7C42149742706775848622089073966257404587%7CMCAAMLH-1691375406%7C6%7CMCAAMB-1691375406%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1690777806s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.0
.americanexpress.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_tp%3D2920%3B%20s_ppv%3Dus%25257Cacq%25257Ccredit-cards%25257Ccategory%25257Ccash-back%252C41%252C41%252C1200%3B%20omn_inav%3Dmenu_cards_pc_cashbackcards%3B%20s_cc%3Dtrue%3B
.americanexpress.com/	1970-01-20 14:22:42	Name: aampros Value: SBO%3D1
.americanexpress.com/	1970-01-20 14:22:42	Name: aam_id Value: 41945597107934533982068674662101794339
.americanexpress.com/	1969-12-31 23:59:59	Name: SaneID Value: 178.162.209.131-1690770606744436
.americanexpress.com/	1970-01-20 23:15:30	Name: pznid Value: 18532373795692733538320646679775823634%7C9
.americanexpress.com/	1969-12-31 23:59:59	Name: CARDSHOP_SESS Value: s%3AhixtdwXHgtxsgYjkpBemk7xXRmiTl1hd.LWhm3TvVcN2MKg5gHiAcoLxRZ%2BKG3zddNU04%2Be5xj%2Fg
acquisition-1.americanexpress.com/	1969-12-31 23:59:59	Name: TS01aa62da Value: 0152a806c1051cff22825698c3c6b419b5d67346aa0384b26433f74b13b69f9a3ff73a20a0ba533b224c5520572e228f03c200d1aa
.americanexpress.com/	1969-12-31 23:59:59	Name: TS019a7663 Value: 0152a806c1051cff22825698c3c6b419b5d67346aa0384b26433f74b13b69f9a3ff73a20a0ba533b224c5520572e228f03c200d1aa
.americanexpress.com/	1970-01-20 22:25:06	Name: lenum Value: 2
.americanexpress.com/	1969-12-31 23:59:59	Name: leshop Value: https://www.americanexpress.com/us/credit-cards/category/cash-back/
.americanexpress.com/	1969-12-31 23:59:59	Name: AMCV_combined Value: 42149742706775848622089073966257404587\|6
.yahoo.com/	1970-01-20 22:25:28	Name: A3 Value: d=AQABBK8cx2QCEMINeJDypa4vHOVBM0U8Ty8FEgEBAQFuyGTQZOANyiMA_eMAAA&S=AQAAAsfuDWm1xK-lOl5KaKXH5vY
.ct.pinterest.com/	1970-01-20 22:25:06	Name: _pinterest_ct_ua Value: "TWc9PSY1LzFZbnFSYmw4cWR6UXBGMXNwcFJ6UEkxTzhiblA5dUJrbTBZb3ZxZnNaOEdWM0hZMHc1c0NjU3IyM21veXBLUWlGaXYyVXlkb0tOdDBidm81T2lOVnAvQlBUSWs3blorbFNsdHRrUTFTOD0mc1BVTGVVdzRxNDBuZVhVWGZYcHlCWUhtb1RzPQ=="
.postrelease.com/	1970-01-20 22:25:06	Name: opt_out Value: 1
.americanexpress.com/	1970-01-20 13:39:32	Name: _cs_s Value: 1.5.0.1690772407304
.linkedin.com/	1970-01-20 22:25:06	Name: bcookie Value: "v=2&fc721a48-498f-435e-8b72-c381142a9b17"
.linkedin.com/	1970-01-20 17:58:42	Name: li_gc Value: MTswOzE2OTA3NzA2MDc7MjswMjGare7/HuJjRfRTns9zwHJj6iIw22qsgw/7nYgRQfA74A==
.linkedin.com/	1970-01-20 13:40:57	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2968:u=1:x=1:i=1690770607:t=1690857007:v=2:sig=AQEkZ3EC2xXrvQjPvpWL55BAYmxA1fPR"
.americanexpress.com/	1970-01-20 22:25:06	Name: _abck Value: 366D59E1B400378884FBDEF7ABBE0389~-1~YAAQhfAQAgOpbKmJAQAA4AzIqQrQS3PSSKkWPc1y6ghovvP25pO/Fy9cs7qqFnp8b+8G9PWRVY858Zk+qNxPPRwWRiTv60AMzmh0hLkVQgeVwlf069GxwAM5e7mYK351qmaqiAys5+nBEcGZcYSv4jn9uXHk9hHy0T7v4fophglLw4k1RGhKSpcXJ8jVQ2T84oO7VxfGTIgQxbm1XFAm0kCBGmAIyyl4InJ6UGYWWr87GXfigG1qVBmUBEOecsbQIf+amQBPUsAyQ9gloCH0ArRM6HLWbOVM1qMz6cQK2tAQphr40bvCPLphjVM4nBARrdKJlbTatMWNME+htkoissAomuIjMvUKOhTPh+I+YX/8l1lAPHfO5dK1NTNpYPIiP/QqGXau/sWrGCvVtCZnQTYp8g==~-1~-1~-1
.doubleclick.net/	1970-01-20 23:01:06	Name: IDE Value: AHWqTUm1Xtxf7vxKH6WmFZo2tZtkXuMeitR_74hYuV0pymYAATHFgqkOYj-ra2f8
.americanexpress.com/	1969-12-31 23:59:59	Name: dtLatC Value: 19
.americanexpress.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.americanexpress.com/	1969-12-31 23:59:59	Name: rxvt Value: 1690772407578\|1690770606590
.americanexpress.com/	1969-12-31 23:59:59	Name: dtPC Value: -11$570606584_158h-vOMRHMUPMHWROOFSHHKDUKCUOEAJSCBQK-0e1
.amazon-adsystem.com/	1970-01-20 19:32:18	Name: ad-id Value: A5cd2mys0U5QhQe_IVg8vBU
.amazon-adsystem.com/	1970-01-20 23:15:30	Name: ad-privacy Value: 0
.americanexpress.com/	1970-01-20 13:39:37	Name: bm_sv Value: 9071F6AA2A12ACC55B9C1E1461028C22~YAAQkfAQAqVJNKmJAQAAFw/IqRSqVf2l0QbzXgC7WDVQimWJk78CBXk6efpKJQCZZ3Ae7gxCkTMaC1QErK7ebXRgKxkDokY2Tl+DkBcKlYEZS0/age5bx1uoEdZmk4sILi7pGh0iMmNg75nAttJqyQqklibik8nFc6og+SHUw6w+Pp5IuN+UUBZjmxGAIK+bbx13LL3CFod4djKzJ2Yxj56xII2dHLB+u2h1t2FOT1PxJP0DYJTGGXuNdMD006tga9uyDOeLm/Os~1
www.americanexpress.com/	1969-12-31 23:59:59	Name: CPS_userType Value: prospect
.americanexpress.com/	1970-01-20 23:15:30	Name: s_pers Value: %20s_tslv%3D1690770606761%7C1753842606761%3B%20s_tbm%3Dtrue%7C1690772406940%3B%20gpv_v41%3Dus%257Cacq%257Ccredit-cards%257Ccategory%257Ccash-back%7C1690772408098%3B
.americanexpress.com/	1970-01-20 22:25:06	Name: LPVID Value: I5NzQ3NjAwN2M5OWFmYmI4
.americanexpress.com/	1969-12-31 23:59:59	Name: LPSID-14106077 Value: bQHENszxR46BmxnPx52NvA

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://tags.wdsvc.net/noscriptamex?id=100239' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
network	error	URL: https://acqgateway.americanexpress.com/mid?pznid=51587411554400647649956183062870984894\|9 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://px4.ads.linkedin.com/collect?pid=1197&fmt=gif&e_ipv6=AQJvf8K4oKYfEQAAAYmpyAyey0Ol22YzeUKfYuknNAAnBMdtIe6HCCf07hJJY5mkhlffO2EtiK_fvw' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://adservice.google.de/ddm/fls/p/src=8627703;dc_pre=CKOjw6vzt4ADFXFSkQUdCI0F3A;type=resea0;cat=research;u3=az;u4=https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=368381787.33440906' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://www.google.de/pagead/1p-conversion/9366399813/?label=WYVCNXtmb4DELKYv6oB&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1678713619&sscte=1&crd=&pscrd=IhMIqKzHq_O3gAMVY5H9Bx0G4gck&is_vtc=1&ocp_id=rxzHZOiYEuOi9u8PhsSfoAI&cid=CAQSKQBpAlJW9VarOtwRS9K9y5ueKGpoBg6dlf8pqHhnEetKznrGXAm9Qevr&random=1468325069&ipr=y' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://tags.wdsvc.net/noscriptamex?id=100239' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://tags.wdsvc.net/noscriptamex?id=100239' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".
security	error	URL: https://www.americanexpress.com/us/credit-cards/category/cash-back/?inav=menu_cards_pc_cashbackcards Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/977472328/?value=1.00&currency_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&is_vtc=1&random=3486038386&ipr=y' because it violates the following Content Security Policy directive: "img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ *.liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://acquisition-1.americanexpress.com/home/report/security/csp-violation; block-all-mixed-content; default-src 'nonce-bebc3cf58af6e40a5bb3d0124eea16d9' 'self' dstatic.dev.ipc.us.aexp.com wss://.americanexpress.com wss://.aexp.com .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com omn.americanexpress.com assets.adobedtm.com aexp.demdex.net stage.sp100500b5.guided.ss-omtrdc.net sp100500b5.guided.ss-omtrdc.net service.maxymiser.net api.maxymiser.net wss://.liveperson.net .liveperson.net .liveperson.com .lpsnmedia.net .liveengage.net .liveengage.com .liveper.sn maps.googleapis.com maps.gstatic.com fonts.googleapis.com fonts.gstatic.com csi.gstatic.com ads.yahoo.com cdn.optimizely.com aeopdevvip.acxiom.com aeopprodvip.acxiom.com api.rlcdn.com/api/identity/idl; script-src 'nonce-bebc3cf58af6e40a5bb3d0124eea16d9' 'nonce-110b48e7-5735-4de2-94f5-d17c6c0c16ae' c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com nexus.ensighten.com service.maxymiser.net api.maxymiser.net assets.adobedtm.com .liveperson.net .lpsnmedia.net s.ntv.io ct.contentsquare.net contentsquare.com app.contentsquare.com staging.cdn-net.com www.cdn-net.com utt.impactcdn.com ojrq.net; img-src data: c.evidon.com 'self' .aexp.com .americanexpress.com .aexp-static.com stags.bluekai.com p.adsymptotic.com www.facebook.com www.googleadservices.com/pagead/conversion/ googleads.g.doubleclick.net ad.doubleclick.net ad-emea.doubleclick.net aax-eu.amazon-adsystem.com aax-fe.amazon-adsystem.com private-orm-open-receipt-match.s3.amazonaws.com s.amazon-adsystem.com b92.yahoo.co.jp sp.analytics.yahoo.com b90.yahoo.co.jp b97.yahoo.co.jp alb.reddit.com adservice.google.com www.google.com/ads/user-lists/ www.google.com/pagead/1p-user-list/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ https://ad.soicos.com https://lot.neatpowr.com pixel.sojern.com tag.yieldoptimizer.com dc.ads.linkedin.com px.ads.linkedin.com www.bizographics.com www.linkedin.com/px/ .doublemax.net t.teads.tv track.adform.net jadserve.postrelease.com affleads.latamtracking.com pubads.g.doubleclick.net bat.bing.com/action/ prf.hn c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net pixel.quantserve.com insight.adsrvr.org track.securedvisit.com track.sv.rkdms.com ct.pinterest.com/v3/ .liveperson.net rtb.adgrx.com tags.w55c.net ping.pdst.fm ib.adnxs.com/pixie pmldigital.go2cloud.org/aff_l pixel.efike.co/pixel.php px.sunmedia.tv/tr pixel.loganmedia.mobi/ traffic.kickadsit.com/ tags.srv.stackadapt.com a.tribalfusion.com px.adentifi.com secure.adnxs.com/ amplify.outbrain.com/ tr.outbrain.com/ dr.outbrain.com/ trc.taboola.com/ p1.zemanta.com/ analytics.twitter.com t.co logs-01.loggly.com pixel.cdn.tagular.com tr.line.me d-track.send.microad.jp conv.fout.jp atm.im-apps.net; style-src 'unsafe-inline' .aexp.com .aexp-static.com .liveperson.net .americanexpress.com; connect-src 'self' .aexp.com .americanexpress.com .aexp-static.com c.evidon.com l.evidon.com optoutapi.evidon.com dpm.demdex.net c.contentsquare.net r.contentsquare.net l.contentsquare.net wr-us.contentsquare.net q-aus1.contentsquare.net k-aus1.contentsquare.net .liveperson.net aeopdevvip.acxiom.com aeopprodvip.acxiom.com track.securedvisit.com track.sv.rkdms.com; manifest-src 'self' .aexp.com .americanexpress.com .aexp-static.com; worker-src 'self' .aexp.com .americanexpress.com .aexp-static.com blob:; frame-ancestors none; frame-src blob: .aexp.com aexp.demdex.net .idfy.io .idfy.no .americanexpress.com .liveperson.net service.maxymiser.net .aexp-static.com staging.cdn-net.com www.cdn-net.com; child-src blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
acqgateway.americanexpress.com
acquisition-1.americanexpress.com
adservice.google.de
aeopprodvip.acxiom.com
alb.reddit.com
c.contentsquare.net
ct.contentsquare.net
ct.pinterest.com
dpm.demdex.net
dynatracepsg.americanexpress.com
functions.americanexpress.com
gct.americanexpress.com
icm.aexp-static.com
iwmapapi.americanexpress.com
jadserve.postrelease.com
lpchat.americanexpress.com
lptag.liveperson.net
omns.americanexpress.com
one-xp.americanexpress.com
publisher.liveperson.net
px4.ads.linkedin.com
s.amazon-adsystem.com
sp.analytics.yahoo.com
tags.wdsvc.net
tms.americanexpress.com
track.sv.rkdms.com
va.v.liveperson.net
www.aexp-static.com
www.americanexpress.com
www.facebook.com
www.google.de
acquisition-1.americanexpress.com
adservice.google.de
gct.americanexpress.com
px4.ads.linkedin.com
tags.wdsvc.net
www.google.de
104.102.51.105
104.102.52.74
139.71.16.158
139.71.18.229
139.71.27.117
139.71.55.230
139.71.89.13
151.101.129.140
178.249.97.23
178.249.97.98
178.249.97.99
198.160.127.57
208.89.12.87
212.82.100.181
23.201.241.3
23.206.208.183
2600:9000:2490:f200:c:7c62:1240:93a1
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::448
3.124.173.63
34.247.45.95
34.251.50.248
35.168.201.13
52.46.130.91
52.50.14.35
63.140.62.160
032b93704be356c7229a9304e5d878c0897dc441b3fd5ceb0f5edd9b106e53e5
0768c991ad489ab4b66c8e88a5544abb94115ef3de93e00b3c093e64203b09a5
08843cb6db7bb529c5b6a4ca202abd067d55b186dcbb911894c15938a1765b8f
0acd7808230fbefd316cf2523581b2f92fa7f12a59f63e4cf4bc295bbfc47889
0c545b18b5b3a1a04203b7ce1d5f8bdcadc6ce6973c45907bfa36214d8fa452b
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0d38ce08adc40ded591c1d4733a9c3dcaad864d8f0172cd950287e4af3d25540
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e69d49b8806f3eccd600d3e715c879031ead2bb7227338ebc2dc5a2b7b50da9
0fda5b32bb5f4cfec48b056cff712764f712c23e55251b99381e2ce457a8b7a5
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028
1e950b6503fdc24893b247cccaed9cc937306c8e09cce0b8c8a21979159429a6
20f5fe1cbea688b8fa501f4a7b6a26234c488f6880fef3de82d9ce88160deb1b
22c9d84781cb9999dbad4f41d94741eb9719c23095b6cbc6f7e862c45061a696
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
2af7fe57e1230c553d70476ffe391127aacf4a0d3d7bcf712675f3e27c643171
2d9e3858d4b843b4b0f51d854c2be749c88c84a610eafd4ed00dc52147cd0a29
301990cbfd7cfbb2598290387839feb818c6b181303ca60a6d05af48e7169430
325ef38a43306e6fd28ef1873ff1848505ac21c1339bbdd1e4d0e0b903f0e23e
328ce5d279d3460b4be91c3ecc12443071e59b1e1353542622cb102e0d713aa7
36c95b7f1550e09a9d117adad5c42308746190679a26dffa399ce87172927e49
36e1e2059cb11009fdc583ebc656961aa03999fc3ac3c23360fa16d7c3237270
372c8a5ed0a956b5d75d6e865751c2098b0bc1be5d3d3ddec7f0e9c108a45d18
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3f30ddd89f97cbcf8892d5960c7c2a497bbad41274665d1cd67bea2ed49aef89
3fdfd860586c30eef9a7ec8baa9619ba862a4d54a679d0d51ce086ae230c193d
42848fb75d20d10b01e829a3fb5823c83f9ccdf9b2d7c932f4fa1ec3c4ca54db
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
43156d6b172ff8739106616042d924a411b79ec139228ce2176f48b9a0dc5fce
434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f
47846f8145bd543eea6812f17609c398d31e65a7b9bf6a9218fa7b8f2eff3e05
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
4865b51ca0d2483ebc8bfdae6848192a2fe7ff946ceda5fdf18eeb82a0b4afc1
48c5e532bf11365bc3fdc42a9152d003511abed903c9645a1fa7067880c21b90
491cb352713665f97da7646c38e12eb9d92c8cc2202a42d649f251d5cd34932d
4af6fb86e4779b581a95ad12c86e089430de363d5881c507903a19559044ad6a
4d725d85b8124351470aa8d83334cea0ca7b06c1b7be1158efb55c97bcff82cc
4e78a54c2b44d2d2e1db439e13e8d248dedfaf568377d6cc11d0053ec6958ac0
4fb2b31352f96103b20caf57a2410c716a05bbab117450568ca76fbb6714813a
539882221a0bdc8c7fdf44232c9a115ddedec0eaddc70e2bd9425dfaa011bf7f
53a6c1585cc607835204cc8425e3017c78b9bf420404281315379f22e9464c0a
552768fa93ffc02374e2b586800c238d7fe70d0849bf39817015d0bd398afdc9
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
56b05208c2ef3ff2e15b56c18dfc4572be92cbc080337d23649d1c13e439870e
574bb84ea46b345970f5958691a46e1ac0c1fd2457047b37703824868043f1f9
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5ae73a1b8ab93248d6e01191eee887d490c31411cd5935f542f55231040ccfff
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
65d652511a319fef8f7d3d5619f75d4432ca874322df389d6efe902c90eabf7b
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da
69bbce9bc2b08413f077ae55654a7c0f344758608291844a21a4d2542da733c4
6caae24d61dc38fb1cd3870ab692d63e291c730d7d7b868ae7206f50540b2847
6cb25f29b93e0195c3379980e8de9aa0288f009bef4f5de89f2e9302f079c40f
70a50f9026f589e94f618afc733fdf07aaa3998a0d64463df6884d3c7aa19d7d
77166e2033cc977e5f8397e64bc0398ff43237bab55d4c807148184fba9fa4b1
7ca4de911c9fbbcfb473cae42fabeb87d8f73166201567b9ebe9ca229e271551
7eb91eaedc8fd6282b3fbc4be0ede69b9b7cafec14498f5f0a4a6d515214bd3c
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6
804ba55c228a81126b8e2b9a260bc7df58051bfcc820d3d2148350749764d622
820cbaecb2ce33be20cd054723b72b2d238255bbc8cc2eab8883d0e0ebb66227
843bcfc0054f7a749fd2919e84db101733044c763c29fc87bb1b03202bd98efe
862ae6720e612d09b0f08cf8fa87e0e0e9e5808ea957adce4a3c0e432161031d
87b1236a89f18934179862bf5fd808af2460c7dff7a0b7cbadbbe3a07e88e4ab
87ecca46c83d2913c0d381687200345db8d9a62255c78e84e5f614f2b173def9
8a3cac8efcfbdd85c05051c74db0f67f2ff1de09da283973a6c2db9b1691d16c
8ea57d3e741b9183ce06a5d29228e41736bb8157a2ae428ab4104da6d33135b5
9462374d6e795d42042dc2c976daa90aa0f640aa31303d27230017a3af5cef32
950fb16de25e8c7d2dbd8eaf446659756acdb9e69ad936a58bfc9689bdc76171
96a8c21d34ba72c3b1befb7684d57fb64105bc4cbc73645d52067df9259a2bdc
990d600d7846c6aafbb84ed023425439171f2aaa319572bc9c1cf4d1c9bdc36a
992fb685b350a623037c0d7dce20da4b6f505eeee59cba92f53bf03cb2a7acbe
9a6bd5c144d709b1e498999209e75c0c667dbfe5722d46d2b06322484e8359d5
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9c610ed2fb331794caac511b4905f20eaea7d8c2b1a790fc18bcadf40c692021
9f8678499879f157a0335a8553172733efe468a81f2a565045fff0751659eb16
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a663c0b584d67ae10b9e7e3a9f82ecf0b4c3f20dc78a486edef1b9928f5e6c90
a8f4acf91763177692de540d5bc9b6615c1ad09315b2f5bce8592c56f9954174
adce79a29b1d883b481a33a7322ce00f4a3ad9e76d0270cd85646bf9cbfc5597
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
b28210ef50632d1fe99d7b416bda427b67ab76bede635dcf16fa3ed9e0023ba0
b5bd6b720d8d106e3574b1d46b1c38c6c81fe5f1a09653f96437aa3d54c0f6dc
b65848085c070eb7e149c1f9e9f72016726a0136abc9d49e1449455ec8b305ea
b6a48547b7ca5cee0d0409f9973ec1dc82018a1a03d3a2e3ade3b084cad7f8ea
babb54e4e3249f10bf3739c171818622ae9cfa157b0a2079cc231e0d4b6e0795
bacf0b12c65fae75b11c94d7ca718629d0f61df43dd7504949a3ab8acc672761
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c083b54108b865a25464ebf29b76435428f01bd3e8e43212394663df0b170747
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c305389d0402895649fcaf8426794751f621bdf9f8945df0648a7cbd26d5f339
c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162
c7210e8df68b75f38fa50cc5cf9cbf8c3ce4dc1fd18f648f02822f89022e5784
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
ca4f08cb555fb1bc5d869d7002d31c7ddc7fa477006719031a2022cc7ed95da6
cb7a63249a50fab04696f8a6a0d70fc0118cc922fa739bb2316e63242aadbeed
cb8b785f6dfd889cdfe716bf3ec35643fc335f83e213e4cc547fc1692ee97629
cbce028756fa1340b4e66d4bd45a6f812f7d9c8acb77c40aa06c4a3966e8fd68
ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac
cfae73d7f4bacf9d15c4e26acfd4dc290d2468d840f93b43395ded65b779f8db
d29fa2441296f06e157e332de16ee872b8d0cca8c95f6c15faee70c9bbf2228b
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08
da18e644f997587e9d807924817717747f8ed6b827c24fcdfa6ec59c8269d165
db28a5341b4eb8eb02e0292a1d034b790f2321fa405fd2ba5a49088112bfd221
db90275d202e5fe33cc7f76063284cbf078234319c7d652b20871d68fee95ca6
de286d1f8cdeb8399d37ca532ded83f7fe18ee155c32f8e921a542574748dfdb
e0c058f37d15bc97cf0a2358bcfd2e4447954044a6854145e09991b31b944c2b
e0d4bff370215a2abcb31c028db0209ce00bc6224071e6cf2d81df2bfa4018ef
e30a7da8af51846582e4a4e666745fffe7073c15686b1c754a2a7466fa1c1cd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d10bc08b4ecaf6140aaa1510477bdecc7f28776e70281ed7c64dfd01f42ced
e8272a7d64bea30f2c77a0f97dbc55293b8134bf35ee06c14194e500f4b64073
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1070bb9a8a71c8cbde3234cb1acaa84478957d3279d906d14dd21c6d8d38d96
f44ed4aee0a0f4dda34648f67adcc5ae43de8933aa3d3d5b7f759e4c97771e33
f9e337f8b638f175b0d6540c865a7cd3ded40b8325b7e3b88430417715111815
fdef96856fe5bd7ac5cdda67fd898f88e775f87d9fd25857546bde9673df9be6
ffb94aae9e7de2bd4e56e7d61cb19bd4907c96983aff35c72169342c87cbfc1d

www.americanexpress.com Open in urlscan Pro 104.102.52.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

161 Requests

91 %HTTPS

12 %IPv6

17 Domains

32 Subdomains

27 IPs

3 Countries

3405 kBTransfer

10992 kBSize

46 Cookies

38 Outgoing links

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.americanexpress.com Open in urlscan Pro
104.102.52.74 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

91 %
HTTPS

12 %
IPv6

17
Domains

32
Subdomains

27
IPs

3
Countries

3405 kB
Transfer

10992 kB
Size

46
Cookies

161 HTTP transactions
5 data transactions