Report - pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php

Report Overview

Submitted URL
pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php
IP
150.231.54.11
ASN
#3999 PENN-STATE
Submitted
2024-04-24 02:02:54
Access
public
Website Title
Log In to My Account | American Express US
Final URL
pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/fdab1fac-7976-4b5c-8367-fc8a2f104fc3
Tags
american_express financial phishing
urlquery detections
Phishing - American Express

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24	2024-04-22	389 B	31 kB	152.199.19.160
ct.contentsquare.net	20990	2017-02-16	2020-03-05	2024-03-22	472 B	14 kB	54.230.111.30
cdaas.aexp.com	185816	unknown	No data	No data	443 B	0 B	0.0.0.0
pennstatehershey.org	unknown	unknown	No data	No data	571 B	1.1 kB	150.231.54.11
www.aexp-static.com	12486	2010-10-07	2012-05-24	2024-04-23	11 kB	597 kB	104.110.3.84
dev-mxsldhhd29929.pantheonsite.io	unknown	unknown	No data	No data	901 B	1.3 MB	23.185.0.3
pub-ed4efc55192b4752848d76099d49dbb1.r2.dev	unknown	unknown	No data	No data	999 B	900 B	104.18.2.35
icm.aexp-static.com	14960	2010-10-07	2014-03-19	2024-04-01	838 B	31 kB	104.110.3.84
cdaas.americanexpress.com	36912	1995-06-04	2017-10-27	2024-04-03	1.7 kB	55 kB	139.71.113.91
static.wixstatic.com	5648	2013-04-10	2013-06-07	2024-04-23	434 B	47 kB	108.157.214.40
lpchat.americanexpress.com	32480	1995-06-04	2020-04-02	2024-01-25	2.3 kB	1.2 MB	34.120.154.120
www.pennstatehershey.org	unknown	2007-11-29	2014-03-11	2024-03-14	702 B	1.2 kB	150.231.54.11
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-22	404 B	5.5 kB	104.17.24.14
www.americanexpress.com	13613	1995-06-04	2013-04-24	2024-04-22	395 B	1.9 kB	104.110.22.253
wajmed.com	unknown	2020-11-26	2020-11-27	2024-02-13	494 B	494 B	160.119.252.105

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	wajmed.com/sandbox/wp-includes/redir.php	American Express

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560	7.9 kB	2023-03-07	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen365 Hash d53092c1d6e0a7a3d1bb802c67a6e1e9 2556ea4f15518fa36d0b92666e22ce28edec6745 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560	94 kB	2023-03-07	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen448 Hash d32e789b3183ed4536dc36e4cabf74ec 6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Loading...

	www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js	63 kB	2023-03-26	2024-04-24
Pretty URL www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:13:21 Last Seen2024-04-24 07:45:12 Times Seen228 Hash 772c9c6eaeedba2508e606a78b991205 39832a714d5a9cfffbc522a14a7122d811da8002 d464cfeb6a0b8a7f2caf889cf11a9c1b1d77662d6b45a0ef1698bc16d5fe1250 Loading...

	ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-05
Pretty URL ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-05 21:55:13 Times Seen108806 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/fdab1fac-7976-4b5c-8367-fc8a2f104fc3	2.8 kB	2024-04-23	2024-04-24
Pretty URL pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/fdab1fac-7976-4b5c-8367-fc8a2f104fc3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 15:08:42 Last Seen2024-04-24 07:45:12 Times Seen3 Hash 64d31e743db016e73860804a6a981882 fdb3310b30cd3d86cd39bb361096dae903fd64b8 1a595ac211d005cdd2090e90dda892da5f7fe73601213feed1f2fd355d76bf93 Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560	999 kB	2023-04-07	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 16:58:13 Last Seen2024-04-24 07:45:12 Times Seen228 Hash e14121e1120a46de140ce3d55dbec5b2 a4b28624a67b22ad8d152140fb946c81a6914000 ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b Loading...

	www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js	82 kB	2023-05-24	2024-04-24
Pretty URL www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 12:15:43 Last Seen2024-04-24 07:45:12 Times Seen207 Hash 44eb8c26271dc0fdc48a99d625418d63 72b766568a27b14fcd7358a3434ec1cd2db8fcf5 9ad6508c3b1ec50fb822906413eef4ce884138325c780efa68eb945a255b43de Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560	40 kB	2023-03-08	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:32:35 Last Seen2024-04-24 07:45:12 Times Seen485 Hash 0dfc7fa7d2051d776d5937b7a3a7c4dd e0548931c28581b7f1975bf8c2d8b03b94591b87 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Loading...

	lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560	90 kB	2023-03-08	2024-04-24
Pretty URL lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560 IP 34.120.154.120 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2024-04-24 07:45:12 Times Seen437 Hash 8f52a626981f930e71e87f22a5f0080d 4c1cdf091636a6d733fd9c7141d52fc07ecb9e1c 57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js	20 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-05 20:40:24 Times Seen3661 Hash 053305c2b293c27c02523cda42962c09 556b0af7346b9e21a8eea1be8b195b563169ecd5 be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44 Loading...

	pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/fdab1fac-7976-4b5c-8367-fc8a2f104fc3	305 B	2023-10-15	2024-04-24
Pretty URL pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/fdab1fac-7976-4b5c-8367-fc8a2f104fc3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-15 14:04:36 Last Seen2024-04-24 07:45:12 Times Seen76 Hash 7a3bf5d3d8d5b25a782e99dc5a648347 bb5592735776bb1fc63f9388d91c73fb0b1d8126 a04f0873f5c6c36a2d80925e1ad6dd921ff09a4a08e33a62e54f21d95f9942a9 Loading...

	www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js	2.5 kB	2023-03-26	2024-04-24
Pretty URL www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:13:21 Last Seen2024-04-24 07:45:12 Times Seen152 Hash 38b6bfbc51c97cbed3a9c199cf2214a8 674f8e3bcbd3820c604e7d53e08b3393ce2d16e8 1c3af0f5ae3a08efeae217399270988bf0e5251b5a44be77ab97fcba28602af9 Loading...

	ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js	61 kB	2023-04-20	2024-04-24
Pretty URL ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 00:27:25 Last Seen2024-04-24 07:45:12 Times Seen156 Hash aa3cbdb491e81732a5d832f42af9c472 cfdfb96d9de6100037b91473ac60959314f6b648 9f532955099a9275d70302ecd0ba9fd9a311d3e8f746f5a607353152a599fa08 Loading...

	icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70	154 kB	2023-03-07	2024-04-24
Pretty URL icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70 IP 104.110.3.84 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:25:41 Last Seen2024-04-24 07:45:12 Times Seen268 Hash 67f4fe4e3f7cf282addfc6d5b86d5780 f146ae0a6ebedd0614e0f999caa0a749058ab0bb 48df559b7f72977b57934382932681001ee1ea38375fb8bf6c51adecd9c587e1 Loading...

	cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js	3.2 kB	2023-05-29	2024-04-24
Pretty URL cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js IP 139.71.113.91 ASN #6307 AMERICAN-EXPRESS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 00:17:50 Last Seen2024-04-24 07:45:12 Times Seen161 Hash f6efadd784e4a924115dc32a16f59f81 86c46b36f734a37f5754d1786e2e418e87505251 71e7da9aa463a8be3a95848a9ff158473d323fcac8109889e1391ee9ab7f3288 Loading...

HTTP Transactions (46)

URL IP Response Size

pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php

150.231.54.11

301 Moved Permanently

341 B

URL User Request GET HTTP/1.1
pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php
IP
150.231.54.11:443
ASN
#3999 PENN-STATE

Certificate
IssuerInternet2
Subjectpennstatehershey.org
Fingerprint18:65:25:51:F6:75:68:BA:37:BE:F5:E7:E5:C4:87:93:BA:AA:F0:2A
ValidityMon, 25 Mar 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
341 B (341 bytes)
Hash
d9704fffb8afd8079bc9182cb3c2b841
93ce1e60c43065b191c59a4b16120e66a608bb51
2d8b1bdbf35f3dc3a09223dd8103a84ae764d227d6da05a755ed6bcf98e68ad9

HTTP Headers

GET /c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php HTTP/1.1
Host: pennstatehershey.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 24 Apr 2024 02:02:26 GMT
Server: Oracle-HTTP-Server
Location: https://www.pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_JOjd124cbnwl1dlbisbudkdot0aakes=ffffffffaf15137545525d5f4f58455e445a4a42378b;path=/;secure;httponly
citrix_ns_id=AAA7MmgoZjt9-uIAAAAAADvL3VcDJhMzdcaHO4Ez1DzF5hzt_ggRFoOO_z378IbXOw==XmkoZg==8jyQh2zTji7WFP3pqKU0CMTT9os=; Domain=.pennstatehershey.org; Path=/; HttpOnly
X-Cache-Control-Orig: 
Cache-Control: max-age=0, must-revalidate, private
X-Expires-Orig: None
Transfer-Encoding: chunked

www.pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php

150.231.54.11

302 302

0 B

URL User Request GET HTTP/1.1
www.pennstatehershey.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php
IP
150.231.54.11:443
ASN
#3999 PENN-STATE

Certificate
IssuerInternet2
Subject*.pennstatehershey.org
FingerprintE5:F5:DE:5C:D8:EF:EF:00:A2:17:A7:CC:35:68:6E:2C:87:B0:E4:EB
ValidityMon, 25 Mar 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://wajmed.com/sandbox/wp-includes/redir.php HTTP/1.1
Host: www.pennstatehershey.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: citrix_ns_id=AAA7MmgoZjt9-uIAAAAAADvL3VcDJhMzdcaHO4Ez1DzF5hzt_ggRFoOO_z378IbXOw==XmkoZg==8jyQh2zTji7WFP3pqKU0CMTT9os=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 302
Date: Wed, 24 Apr 2024 02:02:27 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate
Pragma: no-cache
Liferay-Portal: Liferay Digital Experience Platform
Location: https://wajmed.com/sandbox/wp-includes/redir.php
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=BC9DE0EC49E765685BE829B121F5BC37; Path=/; Secure; HttpOnly
COOKIE_SUPPORT=true; Max-Age=31536000; Expires=Thu, 24 Apr 2025 02:02:27 GMT; Path=/; Secure; HttpOnly
GUEST_LANGUAGE_ID=en_US; Max-Age=31536000; Expires=Thu, 24 Apr 2025 02:02:27 GMT; Path=/; Secure; HttpOnly
ROUTEID_liferay-internet-https=.lrpp01; path=/
NSC_JOjd124cbnwl1dlbisbudkdot0aakes=ffffffffaf15137545525d5f4f58455e445a4a42378b;path=/;secure;httponly
citrix_ns_id=AAA7MmgoZjt9-uIAAAAAADvL3VcDJhMzdcaHO4Ez1DzF5hzt_ggRFoOO_z378IbXOw==X2koZg==LyDFgNGixu9aeMmCiUcwskqiLIY=; Domain=.pennstatehershey.org; Path=/; HttpOnly
Vary: Cookie
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked

wajmed.com/sandbox/wp-includes/redir.php

160.119.252.105

302 Found

0 B

URL User Request GET HTTP/2
wajmed.com/sandbox/wp-includes/redir.php
IP
160.119.252.105:443
ASN
#328364 Host-Africa-AS

Certificate
IssuercPanel, Inc.
Subjectwajmed.com
Fingerprint86:81:6D:5B:FE:EC:71:93:D1:DB:5F:5E:FE:5E:79:99:48:7F:19:A9
ValidityTue, 13 Feb 2024 00:00:00 GMT - Mon, 13 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	American Express

HTTP Headers

GET /sandbox/wp-includes/redir.php HTTP/1.1
Host: wajmed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
x-powered-by: PHP/7.4.33
location: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 24 Apr 2024 02:02:28 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html

104.18.2.35

200 OK

593 B

URL User Request GET HTTP/1.1
pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
IP
104.18.2.35:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
593 B (593 bytes)
Hash
a26a7e958a5cb5c1ce19e52adef6a31b
80039ec44d80a9cdbf418a361ac0fda7c7be3d0f
60433c9cfc638637cdf692798971c77547a5a3d784dbb15b887f1828a34a914e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express

HTTP Headers

GET /index.html HTTP/1.1
Host: pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 02:02:28 GMT
Content-Type: text/html
Content-Length: 593
Connection: keep-alive
Accept-Ranges: bytes
ETag: "a26a7e958a5cb5c1ce19e52adef6a31b"
Last-Modified: Wed, 24 Apr 2024 01:15:16 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879282e67dee56a8-OSL

www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js

104.110.3.84

200 OK

559 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
559 B (559 bytes)
Hash
b2a8d44287800e168bbbb358f5d3263f
1332610f0f71b1a6f2310ef4c23877df839d32a3
d6cea3ef5423ab7bae0f90b5b9ff7b3d575b351e17dc4873174c5d40d1f55bd9

HTTP Headers

GET /cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:10:30 GMT
etag: W/"64230366-421"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 559
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js

104.110.3.84

200 OK

27 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.2/script-supplier.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (50952), with NEL line terminators
Size
27 kB (26660 bytes)
Hash
44eb8c26271dc0fdc48a99d625418d63
72b766568a27b14fcd7358a3434ec1cd2db8fcf5
9ad6508c3b1ec50fb822906413eef4ce884138325c780efa68eb945a255b43de

HTTP Headers

GET /cdaas/one/axp-script-supplier/5.1.2/script-supplier.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 10:52:18 GMT
etag: W/"62f0eae2-13f4b"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 26660
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js

104.110.3.84

200 OK

11 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33873)
Size
11 kB (10965 bytes)
Hash
5f1dd4c7239209f835dd644b6e36a9c3
b16b7ef7736750128d4720261cabf03aa1e3343f
e179365f08ac25d54800342e439ee5b2427f5f5f6b2b67915c7a2e23b682927d

HTTP Headers

GET /cdaas/one/one-identity-session/1.17.1/timeout.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 17:27:58 GMT
etag: W/"61fd621e-8708"
timing-allow-origin: *
access-control-allow-origin: https://global.americanexpress.com
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 10965
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg

104.110.3.84

200 OK

587 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
587 B (587 bytes)
Hash
56addba553083eb384b100cbb7e8632f
f718526f1ef720e5d361536615595d5bfc3c9688
5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/2.14.2/package/dist/img/flags/dls-flag-us.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 04 Sep 2020 17:15:25 GMT
etag: W/"5f52762d-15f8"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 587
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

152.199.19.160

200 OK

30 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint86:E0:37:E4:B1:31:51:81:DD:54:33:82:FF:4D:EB:D1:15:5F:65:C4
ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30394 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 2590949
cache-control: public,max-age=31536000
content-type: application/javascript
date: Wed, 24 Apr 2024 02:02:29 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg

104.110.3.84

200 OK

712 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
712 B (712 bytes)
Hash
ebbbafae5bdc09d7ded7cef405413ac5
7a635abed6420b798397c62270d2df8b084cd8a8
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 18 Oct 2019 19:50:49 GMT
etag: W/"5daa1799-693"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 712
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js

104.110.3.84

200 OK

42 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (42165), with LF, NEL line terminators
Size
42 kB (42087 bytes)
Hash
9800b8b1d3e95db022afaa61ab87ab3b
a0cf11b39cec89678b3b3e3039e8537a9384955f
98ec0a182491d0f23aaaedc0c771e65b88ad23038d22d27477e05b089f28db7c

HTTP Headers

GET /cdaas/one/user-consent-management/1.6.6/UCM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 20:40:52 GMT
etag: W/"63fe66d4-20c5a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 42087
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg

104.110.3.84

200 OK

989 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
989 B (989 bytes)
Hash
d97d46fe48d19d2c4f236b9a2cfee5f3
a164f3588bb4b601c472461a24a6eec265bcf8c8
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-962"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 989
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg

104.110.3.84

200 OK

743 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
743 B (743 bytes)
Hash
78af472d7f07aacd83d8e224c119950a
b04f7889c9277106b40ef90b7b19c1091884d876
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66e"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 743
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/styles/dls.min.css

104.110.3.84

200 OK

51 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/styles/dls.min.css
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51294 bytes)
Hash
4bd9811ba7caedefaf1d5b4d348b5402
61de1ffedee8e64b1b383710f42eb9539aa0fe85
3488e209e7ecf29039fda4dfc5a98bfabb7a682c79bdb0d3e848dc5509fdc776

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/styles/dls.min.css HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 10 Oct 2019 22:16:00 GMT
etag: W/"5d9fada0-5655a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self';
content-encoding: gzip
content-length: 51294
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js

104.110.3.84

200 OK

21 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31997), with CRLF line terminators
Size
21 kB (20632 bytes)
Hash
772c9c6eaeedba2508e606a78b991205
39832a714d5a9cfffbc522a14a7122d811da8002
d464cfeb6a0b8a7f2caf889cf11a9c1b1d77662d6b45a0ef1698bc16d5fe1250

HTTP Headers

GET /cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 12:01:07 GMT
etag: W/"634d4403-f769"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 20632
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js

54.230.111.30

200 OK

13 kB

URL GET HTTP/2
ct.contentsquare.net/ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js
IP
54.230.111.30:443
ASN
#16509 AMAZON-02

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerAmazon
Subjectct-tag.clicktale.net
Fingerprint10:39:DF:70:AE:32:9B:84:B8:81:D6:1D:49:EF:00:D6:AD:D8:DD:B3
ValidityWed, 27 Mar 2024 00:00:00 GMT - Sat, 26 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2457)
Size
13 kB (13091 bytes)
Hash
aa3cbdb491e81732a5d832f42af9c472
cfdfb96d9de6100037b91473ac60959314f6b648
9f532955099a9275d70302ecd0ba9fd9a311d3e8f746f5a607353152a599fa08

HTTP Headers

GET /ss/3776/58f9bb16-be1c-40a4-a9f6-764647d60c8c/44/ptc.js HTTP/1.1
Host: ct.contentsquare.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13091
date: Tue, 23 Apr 2024 12:51:13 GMT
last-modified: Thu, 23 Mar 2023 23:58:56 GMT
etag: "358a149c6c09c7f0da1b6c9c624d51be"
x-amz-server-side-encryption: AES256
cache-control: max-age=900
content-encoding: br
x-amz-version-id: aV2hZqOzpx_37U8zafww4Uug6Rd1lPK8
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3tY0ISVG-jfnTszuKIt7Ghcn5M2vZtH_qDa12SLVbk-9vG2i0Vuh2Q==
age: 0
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

104.17.24.14

200 OK

4.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
4.5 kB (4517 bytes)
Hash
053305c2b293c27c02523cda42962c09
556b0af7346b9e21a8eea1be8b195b563169ecd5
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:02:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 620637
expires: Mon, 14 Apr 2025 02:02:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1A8bmxM%2FgKFHERW3rqUSQXB2t0YT6OEQoCe%2F2op1D%2BNiWMSKbKMLKqWCio%2F98EVwa9TNSIeGZ0VUesqUltiSHio1FCY7N76bKYa7k2SNakD80emMh19B6XrlsKWQlsnWsISyuUsG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879282ef2939569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg

104.110.3.84

200 OK

742 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
742 B (742 bytes)
Hash
7c6c3493f958764fd6b2a550a98ab676
0d89801ff7089bcfddda2f22ab37da7155948ff7
56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 17:37:19 GMT
etag: W/"5dbb1bcf-66b"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 742
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js

104.110.3.84

200 OK

964 B

URL GET HTTP/2
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
C source, ASCII text, with very long lines (739), with CRLF line terminators
Size
964 B (964 bytes)
Hash
38b6bfbc51c97cbed3a9c199cf2214a8
674f8e3bcbd3820c604e7d53e08b3393ce2d16e8
1c3af0f5ae3a08efeae217399270988bf0e5251b5a44be77ab97fcba28602af9

HTTP Headers

GET /cdaas/api/axpi/gct/1.0.0/VIDServiceDomestic.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 21 Apr 2020 11:56:20 GMT
etag: W/"5e9edf64-9cc"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 964
date: Wed, 24 Apr 2024 02:02:29 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

icm.aexp-static.com/content/dam/chat/prod/lechat/css/chatFrame.css?70

104.110.3.84

200 OK

3.3 kB

URL GET HTTP/2
icm.aexp-static.com/content/dam/chat/prod/lechat/css/chatFrame.css?70
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
3.3 kB (3257 bytes)
Hash
82650bd01c3776e0a465060e6d6dc506
a600a101a6b11a7cf38c9a0eb60af53f4352e297
43cd810f097c80c86e207e3115cb4bffbda760f9001e7a8e2329afab8985919d

HTTP Headers

GET /content/dam/chat/prod/lechat/css/chatFrame.css?70 HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "46ec-59725f3079b96-gzip"
last-modified: Sat, 13 Apr 2024 11:24:01 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 3257
cache-control: public, must-revalidate, max-age=14342
date: Wed, 24 Apr 2024 02:02:29 GMT
X-Firefox-Spdy: h2

icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70

104.110.3.84

200 OK

27 kB

URL GET HTTP/2
icm.aexp-static.com/content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (926), with CRLF line terminators
Size
27 kB (26810 bytes)
Hash
67f4fe4e3f7cf282addfc6d5b86d5780
f146ae0a6ebedd0614e0f999caa0a749058ab0bb
48df559b7f72977b57934382932681001ee1ea38375fb8bf6c51adecd9c587e1

HTTP Headers

GET /content/dam/chat/prod/lechat/js/chatButtonBootStrap.js?70 HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "25ba7-5c8e3f2ab0243-gzip"
last-modified: Tue, 23 Apr 2024 05:06:53 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 26810
cache-control: public, must-revalidate, max-age=14353
date: Wed, 24 Apr 2024 02:02:29 GMT
X-Firefox-Spdy: h2

cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js

139.71.113.91

200 OK

1.1 kB

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/js/common/js/rwd.js
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1086 bytes)
Hash
f6efadd784e4a924115dc32a16f59f81
86c46b36f734a37f5754d1786e2e418e87505251
71e7da9aa463a8be3a95848a9ff158473d323fcac8109889e1391ee9ab7f3288

HTTP Headers

GET /myca/oce/latest/content/js/common/js/rwd.js HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 02:02:30 GMT
Content-Type: application/javascript
Last-Modified: Mon, 15 Apr 2024 21:38:16 GMT
Connection: keep-alive
ETag: W/"661d9e48-caa"
Timing-Allow-Origin: *
Vary: Origin
Cache-Control: max-age=31536000, must-revalidate
Content-Encoding: gzip
Transfer-Encoding: chunked

cdaas.americanexpress.com/myca/oce/latest/content/css/oce-min.css

139.71.113.91

200 OK

53 kB

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/css/oce-min.css
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
53 kB (52739 bytes)
Hash
c8a96f8bbff4bcaf320bd6b053ef727c
9d178afc85a4a0b02c70db494e6546c263958e44
50e7b1a6748965cdf1ef90c53928314c31002b8d81891c5f713b532ba53f8543

HTTP Headers

GET /myca/oce/latest/content/css/oce-min.css HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 02:02:30 GMT
Content-Type: text/css
Last-Modified: Mon, 15 Apr 2024 21:38:16 GMT
Connection: keep-alive
ETag: W/"661d9e48-446e4"
Timing-Allow-Origin: *
Vary: Origin
Cache-Control: max-age=31536000, must-revalidate
Content-Encoding: gzip
Transfer-Encoding: chunked

static.wixstatic.com/media/369c26_b396f2977e5a40839e2fc77a6f9aac2b~mv2.gif

108.157.214.40

200 OK

46 kB

URL GET HTTP/2
static.wixstatic.com/media/369c26_b396f2977e5a40839e2fc77a6f9aac2b~mv2.gif
IP
108.157.214.40:443
ASN
#16509 AMAZON-02

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerSectigo Limited
Subject*.wixstatic.com
FingerprintB2:F9:78:29:9F:1D:8B:05:44:BE:8D:28:55:FF:F7:E1:35:EE:21:C8
ValidityMon, 01 Jan 2024 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 231 x 231
Size
46 kB (46309 bytes)
Hash
cb93719526bfbcc31f4cd6a067904c0d
ccc200eb3eac8872f657643d1cfc5efabe77d08b
be09957b988dd42f4fe1655f4869cb79027e5e70a6c211db9a3caa0ac48806ff

HTTP Headers

GET /media/369c26_b396f2977e5a40839e2fc77a6f9aac2b~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 46309
server: openresty/1.21.4.1
date: Mon, 08 Apr 2024 12:14:06 GMT
expires: Mon, 08 Apr 2024 13:14:06 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Sat, 13 Aug 2022 13:49:12 GMT
etag: "cb93719526bfbcc31f4cd6a067904c0d"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-6fb99f9c5-nj6wj
via: 1.1 google, 1.1 ff7194a111d1912088727cbee9f13db0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ARN56-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uIZqgVXYRh_opPHk1ohxUN5zXFiXyB5jGFGmOuWrfnwfkw6LsJTtXg==
age: 1345704
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js

104.110.3.84

200 OK

42 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/user-consent-management/1.6.6/UCM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (42165), with LF, NEL line terminators
Size
42 kB (42087 bytes)
Hash
9800b8b1d3e95db022afaa61ab87ab3b
a0cf11b39cec89678b3b3e3039e8537a9384955f
98ec0a182491d0f23aaaedc0c771e65b88ad23038d22d27477e05b089f28db7c

HTTP Headers

GET /cdaas/one/user-consent-management/1.6.6/UCM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 20:40:52 GMT
etag: W/"63fe66d4-20c5a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 42087
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js

104.110.3.84

200 OK

559 B

URL GET HTTP/2
www.aexp-static.com/cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
559 B (559 bytes)
Hash
b2a8d44287800e168bbbb358f5d3263f
1332610f0f71b1a6f2310ef4c23877df839d32a3
d6cea3ef5423ab7bae0f90b5b9ff7b3d575b351e17dc4873174c5d40d1f55bd9

HTTP Headers

GET /cdaas/one/shared-scripts-contentsquare/1.0.8/csq.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:10:30 GMT
etag: W/"64230366-421"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 559
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js

104.110.3.84

200 OK

11 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/one-identity-session/1.17.1/timeout.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33873)
Size
11 kB (10965 bytes)
Hash
5f1dd4c7239209f835dd644b6e36a9c3
b16b7ef7736750128d4720261cabf03aa1e3343f
e179365f08ac25d54800342e439ee5b2427f5f5f6b2b67915c7a2e23b682927d

HTTP Headers

GET /cdaas/one/one-identity-session/1.17.1/timeout.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 17:27:58 GMT
etag: W/"61fd621e-8708"
timing-allow-origin: *
access-control-allow-origin: https://global.americanexpress.com
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 10965
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

cdaas.americanexpress.com/myca/oce/latest/content/images/common/cid-double.png

139.71.113.91

404 Not Found

146 B

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/images/common/cid-double.png
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /myca/oce/latest/content/images/common/cid-double.png HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 02:02:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

cdaas.americanexpress.com/myca/oce/latest/content/images/common/cm15-double-card.png

139.71.113.91

404 Not Found

146 B

URL GET HTTP/1.1
cdaas.americanexpress.com/myca/oce/latest/content/images/common/cm15-double-card.png
IP
139.71.113.91:443
ASN
#6307 AMERICAN-EXPRESS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectcdaas.americanexpress.com
Fingerprint85:14:2D:76:FA:1D:AD:6F:B8:10:2B:70:65:AB:0B:16:81:50:E9:BF
ValidityWed, 11 Oct 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /myca/oce/latest/content/images/common/cm15-double-card.png HTTP/1.1
Host: cdaas.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 02:02:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff

104.110.3.84

200 OK

37 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 37153, version 1.0
Size
37 kB (37153 bytes)
Hash
c0e3b5653c803f69c05862736a765e4a
4ae2328614d48c62388c8409cbd1d9e7b5d4dfda
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

HTTP Headers

GET /cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 37153
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-9121"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/iconfont/dls-icons.woff

104.110.3.84

200 OK

40 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/iconfont/dls-icons.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 40332, version 1.0
Size
40 kB (40332 bytes)
Hash
6d616bd3a5427bc276ed155995b12294
71f3cd6fb8f03d6a56962802058d8a0830122d4c
80239f6b5f0ac5edc4a589c5bba51392f015dddf3c2d7ba9ce922058d63d8ec2

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/iconfont/dls-icons.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 40332
last-modified: Thu, 10 Oct 2019 22:15:49 GMT
etag: "5d9fad95-9d8c"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Medium.woff

104.110.3.84

200 OK

73 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Medium.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 72956, version 0.0
Size
73 kB (72956 bytes)
Hash
ba8101d8a4e5a90bd9d07a05afd8466d
f616f6471fc3c3badb3cb8b693d4329deb2e2d3b
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Medium.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 72956
last-modified: Thu, 10 Oct 2019 22:15:47 GMT
etag: "5d9fad93-11cfc"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Regular.woff

104.110.3.84

200 OK

77 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Regular.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 76792, version 0.0
Size
77 kB (76792 bytes)
Hash
6824f89aed1f9cea50aeae0f94e590e4
b110bcca0524f8b001826673291c6201fbebd161
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Regular.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 76792
last-modified: Thu, 10 Oct 2019 22:15:47 GMT
etag: "5d9fad93-12bf8"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Light.woff

104.110.3.84

200 OK

74 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Light.woff
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 73604, version 0.0
Size
74 kB (73604 bytes)
Hash
7294a33a9bec0eae9f3adddbcfe009c9
6e2cf6a463aab5c238468b67831a30dbdf430bda
e9f9fab2d479b79aca1d3d3bf0a9fc36131752869363180bef040905a008cc1b

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.11.2/package/dist/fonts/Roboto-Light.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://www.aexp-static.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 73604
last-modified: Thu, 10 Oct 2019 22:15:47 GMT
etag: "5d9fad93-11f84"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0

104.110.3.84

200 OK

57 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 56824, version 1.0
Size
57 kB (56824 bytes)
Hash
0c8ca2c3b2337e728ee9e14246a5d58f
69f859084816f38c2e5531a2b46c4059b71d9f9b
3530f9432334e47cf7e84f8e0ce64f80d45d7329f44f691a3eb30977a4bbf052

HTTP Headers

GET /cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0 HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 56824
last-modified: Mon, 01 Aug 2022 18:53:07 GMT
etag: "62e82113-ddf8"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js

104.110.3.84

200 OK

21 kB

URL GET HTTP/2
www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js
IP
104.110.3.84:443
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectm.americanexpress.com
Fingerprint3D:49:C1:10:15:C4:62:62:B3:CD:E6:43:D8:FF:DE:DD:A4:9F:03:26
ValidityWed, 06 Mar 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31997), with CRLF line terminators
Size
21 kB (20632 bytes)
Hash
772c9c6eaeedba2508e606a78b991205
39832a714d5a9cfffbc522a14a7122d811da8002
d464cfeb6a0b8a7f2caf889cf11a9c1b1d77662d6b45a0ef1698bc16d5fe1250

HTTP Headers

GET /cdaas/api/axpi/omniture/visitorapi/5.0.1/visitorAPI-NonAAM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 12:01:07 GMT
etag: W/"634d4403-f769"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 20632
date: Wed, 24 Apr 2024 02:02:30 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.americanexpress.com/favicon.ico

104.110.22.253

1.4 kB

URL GET
www.americanexpress.com/favicon.ico
IP
104.110.22.253:0
ASN
#16625 AKAMAI-AS

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1381 bytes)
Hash
974ccc6c4c6e1c7f04606973beb3ba20
0f96f86d488a4b5805744fa067c3cfd57c928406
265d3f591d92fadfe95f4660c382ee64a23538a7353b9880434205a102833de0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=15552000;
last-modified: Fri, 07 Jun 2019 04:05:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1381
x-cnection: close
content-type: image/x-icon
date: Wed, 24 Apr 2024 02:02:31 GMT
set-cookie: agent-id=f40e5fdf-221a-468a-9c2e-7c182e8d0b84; expires=Thu, 24-Apr-2025 02:02:31 GMT; path=/; domain=.americanexpress.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

7.9 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7983), with no line terminators
Size
7.9 kB (7866 bytes)
Hash
cfdc0f6d6d3ed7161374908f71552a3f
75cc9ef0f56266c34279610ab72199d30792650c
adc1a3973cf95e6dcb09f066ded367af85875542eaca31981b8c1f888d36f320

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpWgNZfZULuwslI0lmqjqYrha0k10WK-bFSd_bTlTSX4nehLZfC4--sonISMRu7r4ly8gq2Meeo0A
date: Wed, 24 Apr 2024 02:02:29 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
x-goog-generation: 1687018979285447
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7866
content-type: application/javascript
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dev-mxsldhhd29929.pantheonsite.io/eee/jquery.js

23.185.0.3

200 OK

291 kB

URL GET HTTP/2
dev-mxsldhhd29929.pantheonsite.io/eee/jquery.js
IP
23.185.0.3:443
ASN
#54113 FASTLY

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerLet's Encrypt
Subjectpantheonsite.io
FingerprintF0:B6:EE:9C:03:9F:B0:36:8C:F7:7A:BA:A2:D4:49:C5:4D:32:99:59
ValidityMon, 22 Apr 2024 16:38:54 GMT - Sun, 21 Jul 2024 16:38:53 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
291 kB (290960 bytes)
Hash
24fa855a7678b1938f16235881e3e80b
67b6c9946134456d67c07765d230130d8679f8c6
f2a84bc4f4cb8ae04162f42f1f3ebed1e05725d9b5bf666b885356c7698a071f

HTTP Headers

GET /eee/jquery.js HTTP/1.1
Host: dev-mxsldhhd29929.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"66285cb3-47090"
expires: Wed, 24 Apr 2024 02:02:28 GMT
last-modified: Wed, 24 Apr 2024 01:13:23 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3-b-598b87cd46-9fjsb
x-styx-req-id: b44afc27-01de-11ef-bfa6-ee7e8e6ed997
cache-control: no-cache, must-revalidate
date: Wed, 24 Apr 2024 02:02:29 GMT
x-served-by: cache-chi-kigq8000131-CHI, cache-hel1410025-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713924149.031243,VS0,VE131
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

94 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32002)
Size
94 kB (93955 bytes)
Hash
d32e789b3183ed4536dc36e4cabf74ec
6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpsHoRGypUkPVCL8bEX9LoV0WY3K5Wp6Ng9g-OsPc_qEpwia-MrH0SGjNUvF7jWFwu99kdewmznjQ
date: Wed, 24 Apr 2024 02:02:29 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"d32e789b3183ed4536dc36e4cabf74ec"
x-goog-generation: 1687018979737136
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 93955
content-type: application/javascript
x-goog-hash: crc32c=JX6E+w==, md5=0y54mzGD7UU23Dbkyr907A==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dev-mxsldhhd29929.pantheonsite.io/eee/basic.js

23.185.0.3

200 OK

964 kB

URL GET HTTP/2
dev-mxsldhhd29929.pantheonsite.io/eee/basic.js
IP
23.185.0.3:443
ASN
#54113 FASTLY

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerLet's Encrypt
Subjectpantheonsite.io
FingerprintF0:B6:EE:9C:03:9F:B0:36:8C:F7:7A:BA:A2:D4:49:C5:4D:32:99:59
ValidityMon, 22 Apr 2024 16:38:54 GMT - Sun, 21 Jul 2024 16:38:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65277), with CRLF line terminators
Size
964 kB (964211 bytes)
Hash
12d49ebcb82d93f53139ca853324d3ac
45a7d28024385fa0de947f5bc910528a3853fbf1
f6490ab8ccbfa2735482e1a8ef17830b1378a04aaf3f9aa57940d103d0bf7206

HTTP Headers

GET /eee/basic.js HTTP/1.1
Host: dev-mxsldhhd29929.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"66285cb3-eb673"
expires: Wed, 24 Apr 2024 02:02:28 GMT
last-modified: Wed, 24 Apr 2024 01:13:23 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3-a-846f85c954-rsmqk
x-styx-req-id: b44b8b7b-01de-11ef-9bcc-7618ff229b49
cache-control: no-cache, must-revalidate
date: Wed, 24 Apr 2024 02:02:29 GMT
x-served-by: cache-chi-klot8100052-CHI, cache-hel1410025-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713924149.036425,VS0,VE132
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

40 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32006)
Size
40 kB (40455 bytes)
Hash
0dfc7fa7d2051d776d5937b7a3a7c4dd
e0548931c28581b7f1975bf8c2d8b03b94591b87
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPqzTmk9tlURU5VLNscpXL42vPGWLk85jfMIieFaCUTZHcDE9ecffJR-Bag1HFyz8NJbnVKihBs12g
date: Wed, 24 Apr 2024 02:02:29 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
x-goog-generation: 1687018979345736
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 40455
content-type: application/javascript
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

999 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type

Size
999 kB (999172 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPreDB87NoqVN3op817F1cQHtzdMNu-MxmzcZLUS1ukbIcDbazaaTt_7ERLfPY1LC8nOX8MRJDDmTg
date: Wed, 24 Apr 2024 02:02:29 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"e14121e1120a46de140ce3d55dbec5b2"
x-goog-generation: 1687018979791126
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 999172
content-type: application/javascript
x-goog-hash: crc32c=zA1O8g==, md5=4UEh4RIKRt4UDOPVXb7Fsg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560

34.120.154.120

200 OK

90 kB

URL GET HTTP/2
lpchat.americanexpress.com/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560
IP
34.120.154.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerDigiCert Inc
Subjectlpchat.americanexpress.com
FingerprintD4:B0:C1:84:8F:23:81:DD:20:EF:F7:0A:D4:B0:53:7B:C7:CA:4A:BE
ValiditySat, 27 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32003)
Size
90 kB (90535 bytes)
Hash
8f52a626981f930e71e87f22a5f0080d
4c1cdf091636a6d733fd9c7141d52fc07ecb9e1c
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

HTTP Headers

GET /le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560 HTTP/1.1
Host: lpchat.americanexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoqO5rHcA1loWrub1qBPp25I0CJQcTw_jryCqKIKc8ZkAlZ0nI_JNZaA6BfT3nGL0Fxd1mu3zOAmg
date: Wed, 24 Apr 2024 02:02:29 GMT
last-modified: Sat, 17 Jun 2023 16:22:59 GMT
etag: W/"8f52a626981f930e71e87f22a5f0080d"
x-goog-generation: 1687018979574643
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 90535
content-type: application/javascript
x-goog-hash: crc32c=D9Dodw==, md5=j1KmJpgfkw5x6H8ipfAIDQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
server: UploadServer
vary: Accept-Encoding
content-encoding: br
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/favicon.ico

0.0.0.0

0 B

URL GET
pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Certificate
IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pub-ed4efc55192b4752848d76099d49dbb1.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

cdaas.aexp.com/cdaas/axp-app/modules/axp-identity-root/1.43.0/images/icon-192.png

0.0.0.0

0 B

URL GET
cdaas.aexp.com/cdaas/axp-app/modules/axp-identity-root/1.43.0/images/icon-192.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://pub-ed4efc55192b4752848d76099d49dbb1.r2.dev/index.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdaas/axp-app/modules/axp-identity-root/1.43.0/images/icon-192.png HTTP/1.1
Host: cdaas.aexp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML