Report - pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html

Report Overview

Submitted URL
pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
IP
104.18.3.35
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 16:46:47
Access
public
Website Title
Log In to My Account | American Express US
Final URL
pub-8a45a991f2304c5faa41697125b93c63.r2.dev/ff2b2359-b206-439c-982c-18673d14fc3f
Tags
american_express financial phishing
urlquery detections
Phishing - American Express

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
icm.aexp-static.com	14960	2010-10-07	2014-03-19	2024-04-01	866 B	31 kB	104.110.3.84
lpchat.americanexpress.com	32480	1995-06-04	2020-04-02	2024-01-25	2.3 kB	1.2 MB	34.120.154.120
www.americanexpress.com	13613	1995-06-04	2013-04-24	2024-04-11	395 B	1.9 kB	104.110.22.253
cdaas.aexp.com	185816	unknown	No data	No data	443 B	0 B	0.0.0.0
pub-8a45a991f2304c5faa41697125b93c63.r2.dev	unknown	unknown	No data	No data	999 B	900 B	104.18.2.35
www.aexp-static.com	12486	2010-10-07	2012-05-24	2024-04-12	11 kB	598 kB	104.110.3.84
dev-mysterious202.pantheonsite.io	unknown	2016-01-29	2024-02-25	2024-03-18	897 B	355 kB	23.185.0.1
ct.contentsquare.net	20990	2017-02-16	2020-03-05	2024-03-22	472 B	14 kB	54.230.111.113
cdaas.americanexpress.com	36912	1995-06-04	2017-10-27	2024-04-03	1.7 kB	74 kB	139.71.113.91
static.wixstatic.com	5648	2013-04-10	2013-06-07	2024-04-15	434 B	47 kB	143.204.55.40
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-16	404 B	5.5 kB	104.17.25.14
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24	2024-04-16	389 B	31 kB	152.199.19.160

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html	American Express

PhishTank

Scan Date	Severity	Indicator	Alert
2024-03-31	medium	pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html	American Express

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	pub-8a45a991f2304c5faa41697125b93c63.r2.dev	Sinkholed
2024-04-16	medium	pub-8a45a991f2304c5faa41697125b93c63.r2.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js	61 kB	2023-04-20	2024-04-24
Pretty URL ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js IP 54.230.111.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 00:27:25 Last Seen2024-04-24 07:45:12 Times Seen156 Hash aa3cbdb491e81732a5d832f42af9c472 cfdfb96d9de6100037b91473ac60959314f6b648 9f532955099a9275d70302ecd0ba9fd9a311d3e8f746f5a607353152a599fa08 Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560	40 kB	2023-03-08	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:32:35 Last Seen2024-04-24 07:45:12 Times Seen485 Hash 0dfc7fa7d2051d776d5937b7a3a7c4dd e0548931c28581b7f1975bf8c2d8b03b94591b87 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Loading...

	ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-29
Pretty URL ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-29 19:10:47 Times Seen106911 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560	7.9 kB	2023-03-07	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen365 Hash d53092c1d6e0a7a3d1bb802c67a6e1e9 2556ea4f15518fa36d0b92666e22ce28edec6745 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560	94 kB	2023-03-07	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen448 Hash d32e789b3183ed4536dc36e4cabf74ec 6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560	999 kB	2023-04-07	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 16:58:13 Last Seen2024-04-24 07:45:12 Times Seen228 Hash e14121e1120a46de140ce3d55dbec5b2 a4b28624a67b22ad8d152140fb946c81a6914000 ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b Loading...

	icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70	154 kB	2023-03-07	2024-04-24
Pretty URL icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70 IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:25:41 Last Seen2024-04-24 07:45:12 Times Seen268 Hash 67f4fe4e3f7cf282addfc6d5b86d5780 f146ae0a6ebedd0614e0f999caa0a749058ab0bb 48df559b7f72977b57934382932681001ee1ea38375fb8bf6c51adecd9c587e1 Loading...

	cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js	3.2 kB	2023-05-29	2024-04-24
Pretty URL cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js IP 139.71.113.91 ASN #6307 AMERICAN-EXPRESS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 00:17:50 Last Seen2024-04-24 07:45:12 Times Seen161 Hash f6efadd784e4a924115dc32a16f59f81 86c46b36f734a37f5754d1786e2e418e87505251 71e7da9aa463a8be3a95848a9ff158473d323fcac8109889e1391ee9ab7f3288 Loading...

	www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js	63 kB	2023-03-26	2024-04-24
Pretty URL www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:13:21 Last Seen2024-04-24 07:45:12 Times Seen228 Hash 772c9c6eaeedba2508e606a78b991205 39832a714d5a9cfffbc522a14a7122d811da8002 d464cfeb6a0b8a7f2caf889cf11a9c1b1d77662d6b45a0ef1698bc16d5fe1250 Loading...

	pub-8a45a991f2304c5faa41697125b93c63.r2.dev/ff2b2359-b206-439c-982c-18673d14fc3f	2.7 kB	2024-03-30	2024-04-16
Pretty URL pub-8a45a991f2304c5faa41697125b93c63.r2.dev/ff2b2359-b206-439c-982c-18673d14fc3f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-30 06:58:56 Last Seen2024-04-16 18:46:55 Times Seen4 Hash 805950fb0a2d87dd099190c2e0160e5d d001205892d0b48777940bed3cff2291b64ab7d1 369a50e818f15d7f4fb41c8c8ff1a7ca6ed5b559ec13546cf91c9806449fe684 Loading...

	www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js	2.5 kB	2023-03-26	2024-04-24
Pretty URL www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:13:21 Last Seen2024-04-24 07:45:12 Times Seen152 Hash 38b6bfbc51c97cbed3a9c199cf2214a8 674f8e3bcbd3820c604e7d53e08b3393ce2d16e8 1c3af0f5ae3a08efeae217399270988bf0e5251b5a44be77ab97fcba28602af9 Loading...

	www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js	82 kB	2023-05-24	2024-04-24
Pretty URL www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 12:15:43 Last Seen2024-04-24 07:45:12 Times Seen207 Hash 44eb8c26271dc0fdc48a99d625418d63 72b766568a27b14fcd7358a3434ec1cd2db8fcf5 9ad6508c3b1ec50fb822906413eef4ce884138325c780efa68eb945a255b43de Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560	90 kB	2023-03-08	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2024-04-24 07:45:12 Times Seen437 Hash 8f52a626981f930e71e87f22a5f0080d 4c1cdf091636a6d733fd9c7141d52fc07ecb9e1c 57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js	20 kB	2023-03-07	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-29 19:38:10 Times Seen3643 Hash 053305c2b293c27c02523cda42962c09 556b0af7346b9e21a8eea1be8b195b563169ecd5 be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44 Loading...

	pub-8a45a991f2304c5faa41697125b93c63.r2.dev/ff2b2359-b206-439c-982c-18673d14fc3f	305 B	2023-10-15	2024-04-24
Pretty URL pub-8a45a991f2304c5faa41697125b93c63.r2.dev/ff2b2359-b206-439c-982c-18673d14fc3f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-15 14:04:36 Last Seen2024-04-24 07:45:12 Times Seen76 Hash 7a3bf5d3d8d5b25a782e99dc5a648347 bb5592735776bb1fc63f9388d91c73fb0b1d8126 a04f0873f5c6c36a2d80925e1ad6dd921ff09a4a08e33a62e54f21d95f9942a9 Loading...

HTTP Transactions (43)

URL IP Response Size

pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html

104.18.2.35

200 OK

593 B

URL User Request GET HTTP/1.1
pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
IP
104.18.2.35:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
593 B (593 bytes)
Hash
0ff736959b668621671651f99cedbbc2
0a556e69d9032e0138a6338c9067268b6870dba0
874632403faafc6851f8198e4137b598a7cf4d3f5c918481d192ba10ede0f663

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
OpenPhish	phishing	American Express
PhishTank	phishing	American Express
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.html HTTP/1.1
Host: pub-8a45a991f2304c5faa41697125b93c63.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:46:19 GMT
Content-Type: text/html
Content-Length: 593
Connection: keep-alive
Accept-Ranges: bytes
ETag: "0ff736959b668621671651f99cedbbc2"
Last-Modified: Fri, 29 Mar 2024 17:13:53 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8755a69c9c9b56a8-OSL

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

104.17.25.14

200 OK

4.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
4.5 kB (4517 bytes)
Hash
053305c2b293c27c02523cda42962c09
556b0af7346b9e21a8eea1be8b195b563169ecd5
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:46:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 326235
expires: Sun, 06 Apr 2025 16:46:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OlsJpd3M%2FP3OVeDOe%2BkN2HlVHAKT4mlZQtfYQhQ1OgcMDS2Jvi70E8thnq5e1YsT1HYzA%2FkIUlmqQkkNM5YO1oIoiV8OA6fPZgz4sDdjv7MCqCgUq8mZIMCJRnycHS%2B%2FHvFDC5Mt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8755a6a3de85712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

152.199.19.160

200 OK

30 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint86:E0:37:E4:B1:31:51:81:DD:54:33:82:FF:4D:EB:D1:15:5F:65:C4
ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30394 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 1952780
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 16 Apr 2024 16:46:20 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js

104.110.3.84

200 OK

42 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (42165), with LF, NEL line terminators
Size
42 kB (42087 bytes)
Hash
9800b8b1d3e95db022afaa61ab87ab3b
a0cf11b39cec89678b3b3e3039e8537a9384955f
98ec0a182491d0f23aaaedc0c771e65b88ad23038d22d27477e05b089f28db7c

HTTP Headers

GET /cdaas/one/user-consent-management/1.6.6/UCM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 20:40:52 GMT
etag: W/"63fe66d4-20c5a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 42087
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js

104.110.3.84

200 OK

27 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (50952), with NEL line terminators
Size
27 kB (26660 bytes)
Hash
44eb8c26271dc0fdc48a99d625418d63
72b766568a27b14fcd7358a3434ec1cd2db8fcf5
9ad6508c3b1ec50fb822906413eef4ce884138325c780efa68eb945a255b43de

HTTP Headers

GET /cdaas/one/axp-script-supplier/5.1.2/script-supplier.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 10:52:18 GMT
etag: W/"62f0eae2-13f4b"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 26660
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

dev-mysterious202.pantheonsite.io/YYY/basic.js

23.185.0.1

200 OK

250 kB

URL GET HTTP/2
dev-mysterious202.pantheonsite.io/YYY/basic.js
IP
23.185.0.1:443
ASN
#54113 FASTLY

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerLet's Encrypt
Subjectpantheonsite.io
Fingerprint23:29:40:F0:5B:2A:65:6E:BF:46:58:A1:10:8F:CF:AE:E4:77:7A:DA
ValidityWed, 24 Jan 2024 20:55:39 GMT - Tue, 23 Apr 2024 20:55:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65277), with CRLF line terminators
Size
250 kB (249826 bytes)
Hash
7b1c3185115b8635665980b0c308ad97
63e05618f36dae49ee7709820c75a5e027adc4c9
abf625b45accb9c4db4fa5d29e83318b396a3a3ab7e9a979b8b9870c251c7956

HTTP Headers

GET /YYY/basic.js HTTP/1.1
Host: dev-mysterious202.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6606c9cc-eb65b"
expires: Tue, 16 Apr 2024 16:46:19 GMT
last-modified: Fri, 29 Mar 2024 14:01:48 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-qvkkb
x-styx-req-id: da1b6f4d-fc10-11ee-9990-f656e1ab073b
cache-control: no-cache, must-revalidate
date: Tue, 16 Apr 2024 16:46:20 GMT
x-served-by: cache-chi-kigq8000155-CHI, cache-hel1410028-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713285980.332414,VS0,VE147
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/styles/dls.min.css

104.110.3.84

200 OK

51 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/styles/dls.min.css
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51294 bytes)
Hash
4bd9811ba7caedefaf1d5b4d348b5402
61de1ffedee8e64b1b383710f42eb9539aa0fe85
3488e209e7ecf29039fda4dfc5a98bfabb7a682c79bdb0d3e848dc5509fdc776

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/styles/dls.min.css HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 10 Oct 2019 22:16:00 GMT
etag: W/"5d9fada0-5655a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self';
content-encoding: gzip
content-length: 51294
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js

54.230.111.113

200 OK

13 kB

URL GET HTTP/2
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js
IP
54.230.111.113:443
ASN
#16509 AMAZON-02

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerAmazon
Subjectct-tag.clicktale.net
Fingerprint10:39:DF:70:AE:32:9B:84:B8:81:D6:1D:49:EF:00:D6:AD:D8:DD:B3
ValidityWed, 27 Mar 2024 00:00:00 GMT - Sat, 26 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2457)
Size
13 kB (13091 bytes)
Hash
aa3cbdb491e81732a5d832f42af9c472
cfdfb96d9de6100037b91473ac60959314f6b648
9f532955099a9275d70302ecd0ba9fd9a311d3e8f746f5a607353152a599fa08

HTTP Headers

GET /ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js HTTP/1.1
Host: ct.contentsquare.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13091
last-modified: Thu, 23 Mar 2023 23:58:56 GMT
x-amz-server-side-encryption: AES256
content-encoding: br
x-amz-version-id: aV2hZqOzpx_37U8zafww4Uug6Rd1lPK8
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 09:07:15 GMT
cache-control: max-age=900
etag: "358a149c6c09c7f0da1b6c9c624d51be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bw_8JQ1PI6I3wP6F3YaOj8rpKB6s89nKczm0go0YjXQCyrm33KccSA==
age: 0
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js

104.110.3.84

200 OK

11 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33873)
Size
11 kB (10965 bytes)
Hash
5f1dd4c7239209f835dd644b6e36a9c3
b16b7ef7736750128d4720261cabf03aa1e3343f
e179365f08ac25d54800342e439ee5b2427f5f5f6b2b67915c7a2e23b682927d

HTTP Headers

GET /cdaas/one/one-identity-session/1.17.1/timeout.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 17:27:58 GMT
etag: W/"61fd621e-8708"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 10965
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg

104.110.3.84

200 OK

989 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
989 B (989 bytes)
Hash
d97d46fe48d19d2c4f236b9a2cfee5f3
a164f3588bb4b601c472461a24a6eec265bcf8c8
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-962"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 989
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js

104.110.3.84

200 OK

559 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
559 B (559 bytes)
Hash
b2a8d44287800e168bbbb358f5d3263f
1332610f0f71b1a6f2310ef4c23877df839d32a3
d6cea3ef5423ab7bae0f90b5b9ff7b3d575b351e17dc4873174c5d40d1f55bd9

HTTP Headers

GET /cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:10:30 GMT
etag: W/"64230366-421"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 559
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg

104.110.3.84

200 OK

743 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
743 B (743 bytes)
Hash
78af472d7f07aacd83d8e224c119950a
b04f7889c9277106b40ef90b7b19c1091884d876
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66e"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 743
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg

104.110.3.84

200 OK

742 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
742 B (742 bytes)
Hash
7c6c3493f958764fd6b2a550a98ab676
0d89801ff7089bcfddda2f22ab37da7155948ff7
56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66b"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 742
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg

104.110.3.84

200 OK

587 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
587 B (587 bytes)
Hash
56addba553083eb384b100cbb7e8632f
f718526f1ef720e5d361536615595d5bfc3c9688
5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 04 Sep 2020 17:15:25 GMT
etag: W/"5f52762d-15f8"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 587
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg

104.110.3.84

200 OK

712 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
712 B (712 bytes)
Hash
ebbbafae5bdc09d7ded7cef405413ac5
7a635abed6420b798397c62270d2df8b084cd8a8
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
etag: W/"5daa1799-693"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 712
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js

104.110.3.84

200 OK

21 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31997), with CRLF line terminators
Size
21 kB (20632 bytes)
Hash
772c9c6eaeedba2508e606a78b991205
39832a714d5a9cfffbc522a14a7122d811da8002
d464cfeb6a0b8a7f2caf889cf11a9c1b1d77662d6b45a0ef1698bc16d5fe1250

HTTP Headers

GET /cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 12:01:07 GMT
etag: W/"634d4403-f769"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 20632
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70

104.110.3.84

200 OK

27 kB

URL GET HTTP/2
icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (926), with CRLF line terminators
Size
27 kB (26810 bytes)
Hash
67f4fe4e3f7cf282addfc6d5b86d5780
f146ae0a6ebedd0614e0f999caa0a749058ab0bb
48df559b7f72977b57934382932681001ee1ea38375fb8bf6c51adecd9c587e1

HTTP Headers

GET /content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70 HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "25ba7-5c8e3f2cf33bd-gzip"
last-modified: Sun, 14 Apr 2024 18:32:00 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 26810
cache-control: public, must-revalidate, max-age=14400
date: Tue, 16 Apr 2024 16:46:21 GMT
X-Firefox-Spdy: h2

icm.aexp-static.com/content/dam/chat/prod/lechat/css/chatFrame.css?70

104.110.3.84

200 OK

3.3 kB

URL GET HTTP/2
icm.aexp-static.com/content/dam/chat/prod/lechat/css/chatFrame.css?70
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
3.3 kB (3257 bytes)
Hash
82650bd01c3776e0a465060e6d6dc506
a600a101a6b11a7cf38c9a0eb60af53f4352e297
43cd810f097c80c86e207e3115cb4bffbda760f9001e7a8e2329afab8985919d

HTTP Headers

GET /content/dam/chat/prod/lechat/css/chatFrame.css?70 HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "46ec-59725f3079b96-gzip"
last-modified: Sat, 13 Apr 2024 11:24:01 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 3257
cache-control: public, must-revalidate, max-age=14342
date: Tue, 16 Apr 2024 16:46:21 GMT
X-Firefox-Spdy: h2

dev-mysterious202.pantheonsite.io/YYY/jquery.js

23.185.0.1

200 OK

104 kB

URL GET HTTP/2
dev-mysterious202.pantheonsite.io/YYY/jquery.js
IP
23.185.0.1:443
ASN
#54113 FASTLY

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerLet's Encrypt
Subjectpantheonsite.io
Fingerprint23:29:40:F0:5B:2A:65:6E:BF:46:58:A1:10:8F:CF:AE:E4:77:7A:DA
ValidityWed, 24 Jan 2024 20:55:39 GMT - Tue, 23 Apr 2024 20:55:38 GMT

File type
gzip compressed data, max speed, from Unix
Size
104 kB (103663 bytes)
Hash
62023e83a75969ed264a10d11f49c732
ca4a765f9074a05f7e0d1dc4224cc0d32cb70d20
1f95581100071c5a8daaefa11cde77390d224f39f3de301c55e3c73c68e0376c

HTTP Headers

GET /YYY/jquery.js HTTP/1.1
Host: dev-mysterious202.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6606c9cc-47090"
expires: Tue, 16 Apr 2024 16:46:19 GMT
last-modified: Fri, 29 Mar 2024 14:01:48 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-5b88b49ff7-vhfjj
x-styx-req-id: da1b47cd-fc10-11ee-824e-ba026af31f79
cache-control: no-cache, must-revalidate
date: Tue, 16 Apr 2024 16:46:20 GMT
x-served-by: cache-chi-kigq8000108-CHI, cache-hel1410028-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713285980.331769,VS0,VE141
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2

cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js

139.71.113.91

200 OK

1.1 kB

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1086 bytes)
Hash
f6efadd784e4a924115dc32a16f59f81
86c46b36f734a37f5754d1786e2e418e87505251
71e7da9aa463a8be3a95848a9ff158473d323fcac8109889e1391ee9ab7f3288

HTTP Headers

GET /myca/oce/latest/content/js/common/js/rwd.js HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:46:21 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Apr 2024 18:29:55 GMT
Connection: keep-alive
ETag: W/"661437a3-caa"
Timing-Allow-Origin: *
Vary: Origin
Cache-Control: max-age=31536000, must-revalidate
Content-Encoding: gzip
Transfer-Encoding: chunked

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

13 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32006)
Size
13 kB (12941 bytes)
Hash
0dfc7fa7d2051d776d5937b7a3a7c4dd
e0548931c28581b7f1975bf8c2d8b03b94591b87
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrpPeOsrvDSd-LvkcYHDhRvgThTRCvDEc-u9LWHzUCAcAdV_g9JU1WLmYfmBwkv-XtyWIZBMdwY-g
date: Tue, 16 Apr 2024 16:46:21 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
x-goog-generation: 1687018979345736
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 40455
content-type: application/javascript
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdaas.americanexpress.com/myca/oce/latest/content/css/oce-min.css

139.71.113.91

200 OK

53 kB

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/css/oce-min.css
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
53 kB (52724 bytes)
Hash
e9399d0c0cc6600e41e40d1883754eef
88eaa97a97354f3d04e1bc2e4f83e89f87140794
f6dd7c8a16e567d2d21c126717adf70dc1b67346efbd94e3652e83a907a51b21

HTTP Headers

GET /myca/oce/latest/content/css/oce-min.css HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:46:21 GMT
Content-Type: text/css
Last-Modified: Mon, 08 Apr 2024 18:29:55 GMT
Connection: keep-alive
ETag: W/"661437a3-446a0"
Timing-Allow-Origin: *
Vary: Origin
Cache-Control: max-age=31536000, must-revalidate
Content-Encoding: gzip
Transfer-Encoding: chunked

static.wixstatic.com/media/369c26_b396f2977e5a40839e2fc77a6f9aac2b~mv2.gif

143.204.55.40

200 OK

46 kB

URL GET HTTP/2
static.wixstatic.com/media/369c26_b396f2977e5a40839e2fc77a6f9aac2b~mv2.gif
IP
143.204.55.40:443
ASN
#16509 AMAZON-02

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerSectigo Limited
Subject*.wixstatic.com
FingerprintB2:F9:78:29:9F:1D:8B:05:44:BE:8D:28:55:FF:F7:E1:35:EE:21:C8
ValidityMon, 01 Jan 2024 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 231 x 231
Size
46 kB (46309 bytes)
Hash
cb93719526bfbcc31f4cd6a067904c0d
ccc200eb3eac8872f657643d1cfc5efabe77d08b
be09957b988dd42f4fe1655f4869cb79027e5e70a6c211db9a3caa0ac48806ff

HTTP Headers

GET /media/369c26_b396f2977e5a40839e2fc77a6f9aac2b~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 46309
server: openresty/1.21.4.1
date: Mon, 08 Apr 2024 12:14:06 GMT
expires: Mon, 08 Apr 2024 13:14:06 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Sat, 13 Aug 2022 13:49:12 GMT
etag: "cb93719526bfbcc31f4cd6a067904c0d"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-6fb99f9c5-nj6wj
via: 1.1 google, 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Uo67S2mSTzYroKMXKysmukir5VL5wjeoUpuwV9Ec2lvfCxhszlZ6Ng==
age: 707536
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js

104.110.3.84

200 OK

42 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (42165), with LF, NEL line terminators
Size
42 kB (42087 bytes)
Hash
9800b8b1d3e95db022afaa61ab87ab3b
a0cf11b39cec89678b3b3e3039e8537a9384955f
98ec0a182491d0f23aaaedc0c771e65b88ad23038d22d27477e05b089f28db7c

HTTP Headers

GET /cdaas/one/user-consent-management/1.6.6/UCM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 20:40:52 GMT
etag: W/"63fe66d4-20c5a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 42087
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js

104.110.3.84

200 OK

559 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
559 B (559 bytes)
Hash
b2a8d44287800e168bbbb358f5d3263f
1332610f0f71b1a6f2310ef4c23877df839d32a3
d6cea3ef5423ab7bae0f90b5b9ff7b3d575b351e17dc4873174c5d40d1f55bd9

HTTP Headers

GET /cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:10:30 GMT
etag: W/"64230366-421"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 559
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js

104.110.3.84

200 OK

11 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33873)
Size
11 kB (10965 bytes)
Hash
5f1dd4c7239209f835dd644b6e36a9c3
b16b7ef7736750128d4720261cabf03aa1e3343f
e179365f08ac25d54800342e439ee5b2427f5f5f6b2b67915c7a2e23b682927d

HTTP Headers

GET /cdaas/one/one-identity-session/1.17.1/timeout.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 17:27:58 GMT
etag: W/"61fd621e-8708"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 10965
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

cdaas.americanexpress.com/myca/oce/latest/content/images/common/cid-double.png

139.71.113.91

200 OK

9.1 kB

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/images/common/cid-double.png
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
PNG image data, 460 x 294, 8-bit/color RGBA, non-interlaced
Size
9.1 kB (9066 bytes)
Hash
25fa5e38ad8b621936b4cb8e5e613fd3
ce0acc6c672ca2b7f4b84770b8321f4ea5743d0b
564a66835dbdf4eda01f07e7f60344b644343cef1ed9eb40924108d417459bec

HTTP Headers

GET /myca/oce/latest/content/images/common/cid-double.png HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:46:22 GMT
Content-Type: image/png
Content-Length: 9066
Last-Modified: Wed, 02 Aug 2023 20:22:33 GMT
Connection: keep-alive
ETag: "64cabb09-236a"
Timing-Allow-Origin: *
Vary: Origin
Cache-Control: max-age=31536000, must-revalidate
Accept-Ranges: bytes

www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff

104.110.3.84

200 OK

37 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 37153, version 1.0
Size
37 kB (37153 bytes)
Hash
c0e3b5653c803f69c05862736a765e4a
4ae2328614d48c62388c8409cbd1d9e7b5d4dfda
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

HTTP Headers

GET /cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 37153
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-9121"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Medium.woff

104.110.3.84

200 OK

73 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Medium.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 72956, version 0.0
Size
73 kB (72956 bytes)
Hash
ba8101d8a4e5a90bd9d07a05afd8466d
f616f6471fc3c3badb3cb8b693d4329deb2e2d3b
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Medium.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 72956
last-modified: Thu, 10 Oct 2019 22:15:47 GMT
etag: "5d9fad93-11cfc"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/iconfont/dls-icons.woff

104.110.3.84

200 OK

40 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/iconfont/dls-icons.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 40332, version 1.0
Size
40 kB (40332 bytes)
Hash
6d616bd3a5427bc276ed155995b12294
71f3cd6fb8f03d6a56962802058d8a0830122d4c
80239f6b5f0ac5edc4a589c5bba51392f015dddf3c2d7ba9ce922058d63d8ec2

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/iconfont/dls-icons.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 40332
last-modified: Thu, 10 Oct 2019 22:15:49 GMT
etag: "5d9fad95-9d8c"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

79 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7866), with no line terminators
Size
79 kB (79172 bytes)
Hash
d53092c1d6e0a7a3d1bb802c67a6e1e9
2556ea4f15518fa36d0b92666e22ce28edec6745
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrSzeuh728Bez31SINrWJaH6-_30lq7c6E7Pj3UpnDs8dQmBTO81Y5Ialr2y2tvt03x5AUS1ZvXgw
date: Tue, 16 Apr 2024 16:46:21 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
x-goog-generation: 1687018979285447
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7866
content-type: application/javascript
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Light.woff

104.110.3.84

200 OK

74 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Light.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 73604, version 0.0
Size
74 kB (73604 bytes)
Hash
7294a33a9bec0eae9f3adddbcfe009c9
6e2cf6a463aab5c238468b67831a30dbdf430bda
e9f9fab2d479b79aca1d3d3bf0a9fc36131752869363180bef040905a008cc1b

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Light.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 73604
last-modified: Thu, 10 Oct 2019 22:15:47 GMT
etag: "5d9fad93-11f84"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0

104.110.3.84

200 OK

57 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 56824, version 1.0
Size
57 kB (56824 bytes)
Hash
0c8ca2c3b2337e728ee9e14246a5d58f
69f859084816f38c2e5531a2b46c4059b71d9f9b
3530f9432334e47cf7e84f8e0ce64f80d45d7329f44f691a3eb30977a4bbf052

HTTP Headers

GET /cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0 HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 56824
last-modified: Mon, 01 Aug 2022 18:53:07 GMT
etag: "62e82113-ddf8"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

cdaas.americanexpress.com/myca/oce/latest/content/images/common/cm15-double-card.png

139.71.113.91

200 OK

9.8 kB

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/images/common/cm15-double-card.png
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
PNG image data, 558 x 192, 8-bit/color RGBA, non-interlaced
Size
9.8 kB (9831 bytes)
Hash
f202d934ae46a217782a194055f32a41
8a00fa595e7468dae0a2d9f1da3f698b0720060a
a185f56fce5110dfca7a78b8b5d22bb82d5dc4e597a3d589158cbe5e1fa9fac7

HTTP Headers

GET /myca/oce/latest/content/images/common/cm15-double-card.png HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:46:22 GMT
Content-Type: image/png
Content-Length: 9831
Last-Modified: Wed, 02 Aug 2023 20:22:33 GMT
Connection: keep-alive
ETag: "64cabb09-2667"
Timing-Allow-Origin: *
Vary: Origin
Cache-Control: max-age=31536000, must-revalidate
Accept-Ranges: bytes

www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js

104.110.3.84

200 OK

21 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31997), with CRLF line terminators
Size
21 kB (20632 bytes)
Hash
772c9c6eaeedba2508e606a78b991205
39832a714d5a9cfffbc522a14a7122d811da8002
d464cfeb6a0b8a7f2caf889cf11a9c1b1d77662d6b45a0ef1698bc16d5fe1250

HTTP Headers

GET /cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 12:01:07 GMT
etag: W/"634d4403-f769"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 20632
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.americanexpress.com/favicon.ico

104.110.22.253

1.4 kB

URL GET
www.americanexpress.com/favicon.ico
IP
104.110.22.253:0
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.americanexpress.com
Fingerprint64:A2:B0:4D:11:47:D0:C0:37:73:B5:62:91:90:F7:0D:1F:42:FA:10
ValidityThu, 03 Aug 2023 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1381 bytes)
Hash
974ccc6c4c6e1c7f04606973beb3ba20
0f96f86d488a4b5805744fa067c3cfd57c928406
265d3f591d92fadfe95f4660c382ee64a23538a7353b9880434205a102833de0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=15552000;
last-modified: Fri, 07 Jun 2019 04:05:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1381
x-cnection: close
content-type: image/x-icon
date: Tue, 16 Apr 2024 16:46:22 GMT
set-cookie: agent-id=bdb69ac9-5e04-4760-8f80-090f890102bb; expires=Wed, 16-Apr-2025 16:46:22 GMT; path=/; domain=.americanexpress.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

36 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32002)
Size
36 kB (36023 bytes)
Hash
d32e789b3183ed4536dc36e4cabf74ec
6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoQ4FrT0UHbes7cmuQX0KpkHzpTEyAii97u5Gfj8IRJBy8PIRJRbP-ZEd-lU1dQ2PqboEYDulOaDw
date: Tue, 16 Apr 2024 16:46:21 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"d32e789b3183ed4536dc36e4cabf74ec"
x-goog-generation: 1687018979737136
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 93955
content-type: application/javascript
x-goog-hash: crc32c=JX6E+w==, md5=0y54mzGD7UU23Dbkyr907A==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

30 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32003)
Size
30 kB (29995 bytes)
Hash
8f52a626981f930e71e87f22a5f0080d
4c1cdf091636a6d733fd9c7141d52fc07ecb9e1c
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrxe3e6EGVoN-JhY9FEypXql4HM8TEp-NUDlPuP9WzGnr-EsCZybBO5TmI2KncDReqcC10
date: Tue, 16 Apr 2024 16:46:21 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"8f52a626981f930e71e87f22a5f0080d"
x-goog-generation: 1687018979574643
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 90535
content-type: application/javascript
x-goog-hash: crc32c=D9Dodw==, md5=j1KmJpgfkw5x6H8ipfAIDQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

999 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type

Size
999 kB (999172 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoNmlhc3Y1xvpduJpaNXPSoqKN7AwedjdBcDkKEfJ07wDYBBkfqZ9GyuBOymCDzeIIPEDTJt143vw
date: Tue, 16 Apr 2024 16:46:21 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"e14121e1120a46de140ce3d55dbec5b2"
x-goog-generation: 1687018979791126
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 999172
content-type: application/javascript
x-goog-hash: crc32c=zA1O8g==, md5=4UEh4RIKRt4UDOPVXb7Fsg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Regular.woff

104.110.3.84

200 OK

77 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Regular.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 76792, version 0.0
Size
77 kB (76792 bytes)
Hash
6824f89aed1f9cea50aeae0f94e590e4
b110bcca0524f8b001826673291c6201fbebd161
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Regular.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 76792
last-modified: Thu, 10 Oct 2019 22:15:47 GMT
etag: "5d9fad93-12bf8"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Tue, 16 Apr 2024 16:46:22 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

cdaas.aexp.com/cdaas/axp-app/modules/axp-identity-root/1.43.0/images/icon-192.png

0.0.0.0

0 B

URL GET
cdaas.aexp.com/cdaas/axp-app/modules/axp-identity-root/1.43.0/images/icon-192.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdaas/axp-app/modules/axp-identity-root/1.43.0/images/icon-192.png HTTP/1.1
Host: cdaas.aexp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js

104.110.3.84

200 OK

2.5 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
C source, ASCII text, with very long lines (2602), with no line terminators
Size
2.5 kB (2508 bytes)
Hash
53c2b3dab21a56855ec8dbd9c66410e4
e17057407cd9eb91e16710a01e2e022efdd218d5
063f17a29c2af44344e48aa58be5adca1423ec20f5a16c959579e61af520e5ac

HTTP Headers

GET /cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 21 Apr 2020 11:56:20 GMT
etag: W/"5e9edf64-9cc"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 964
date: Tue, 16 Apr 2024 16:46:20 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

pub-8a45a991f2304c5faa41697125b93c63.r2.dev/favicon.ico

0.0.0.0

0 B

URL GET
pub-8a45a991f2304c5faa41697125b93c63.r2.dev/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Certificate
IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pub-8a45a991f2304c5faa41697125b93c63.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-8a45a991f2304c5faa41697125b93c63.r2.dev/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML