www.bustamantedesign.com Open in urlscan Pro
71.6.165.217 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zip.net/bptHz4
Effective URL:
http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Submission: On March 28 via automatic, source phishtank (March 28th 2017, 6:57:17 pm UTC)

Summary HTTP 49 Redirects Links 80 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 49 HTTP transactions. The main IP is 71.6.165.217, located in San Diego, United States and belongs to CARINET - CariNet, Inc., US. The main domain is www.bustamantedesign.com.

This is the only time www.bustamantedesign.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
2	71.6.165.217 71.6.165.217	10439 (CARINET) (CARINET - CariNet)
1	103.6.204.204 103.6.204.204	58503 (PUSATMEDI...) (PUSATMEDIA-AS-ID PT Pusat Media Indonesia)
14	199.200.26.160 199.200.26.160	18434 (FNIS) (FNIS - Fidelity National Information Services)
1	52.45.218.74 52.45.218.74	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
19	104.111.216.26 104.111.216.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	34.194.102.209 34.194.102.209	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	52.48.142.133 52.48.142.133	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.199.234.246 34.199.234.246	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	66.235.148.132 66.235.148.132	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
49	10

2 71.6.165.217 (San Diego, United States)

ASN10439 (CARINET - CariNet, Inc., US)
PTR: host.fatuch.com

www.bustamantedesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.6.204.204 (Bogor, Indonesia)

ASN58503 (PUSATMEDIA-AS-ID PT Pusat Media Indonesia, ID)
PTR: indo6.koneksiaman.net

paytren99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 199.200.26.160 (Chicago, United States)

ASN18434 (FNIS - Fidelity National Information Services, Inc., US)

personalsavings.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.218.74 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-45-218-74.compute-1.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.111.216.26 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-216-26.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.194.102.209 (United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-102-209.compute-1.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.142.133 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-142-133.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.234.246 (United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-234-246.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.235.148.132 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d2.sc.omtrdc.net

omn.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	aexp-static.com www.aexp-static.com	145 KB
16	americanexpress.com personalsavings.americanexpress.com omn.americanexpress.com	106 KB
7	ensighten.com nexus.ensighten.com	44 KB
2	demdex.net dpm.demdex.net	2 KB
2	bustamantedesign.com www.bustamantedesign.com	344 B
1	betrad.com l.betrad.com
1	paytren99.com paytren99.com Failed	14 KB
49	7

	Domain	Requested by
19	www.aexp-static.com	paytren99.com nexus.ensighten.com www.aexp-static.com
14	personalsavings.americanexpress.com	paytren99.com
7	nexus.ensighten.com	paytren99.com www.bustamantedesign.com nexus.ensighten.com www.aexp-static.com
2	omn.americanexpress.com	www.aexp-static.com www.bustamantedesign.com
2	dpm.demdex.net	paytren99.com www.aexp-static.com
2	www.bustamantedesign.com
1	l.betrad.com	www.bustamantedesign.com
1	paytren99.com
49	8

This site contains links to these domains. Also see Links.

Domain
www.americanexpress.com
online.americanexpress.com
www209.americanexpress.com
www347.americanexpress.com
personalsavings.americanexpress.com
rewards.americanexpress.com
www295.americanexpress.com
www.bluebird.com
www262.americanexpress.com
business.americanexpress.com
travel.americanexpress.com
travelspecialists.americanexpress.com
travelinsiders.americanexpress.com
www.amexglobalbusinesstravel.com
www.amextravelresources.com
www.amexevents.com
ad.doubleclick.net
network.americanexpress.com
info.evidon.com
search.americanexpress.com

Subject Issuer	Validity	Valid
personalsavings.americanexpress.com Verizon Public SureServer CA G14-SHA2	`2015-07-02` - `2017-07-02`	2 years	crt.sh
nexus.ensighten.com Symantec Class 3 Secure Server SHA256 SSL CA	`2014-10-27` - `2018-01-13`	3 years	crt.sh
americanexpress.com GeoTrust SSL CA - G3	`2016-08-10` - `2017-08-07`	a year	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2014-06-23` - `2017-06-24`	3 years	crt.sh

This page contains 2 frames:

Frame: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Frame ID: 4202.1
Requests: 3 HTTP requests in this frame

Frame: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Frame ID: 4212.1
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

49
Requests

71 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

10
IPs

4
Countries

312 kB
Transfer

1124 kB
Size

3
Cookies

80 Outgoing links

These are links going to different origins than the main page.

URL: https://www.americanexpress.com/?fs=y&inav=iNMblLogo

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/?inav=NavLogo

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/acctmgmt/us/myaccountsummary.do?request_type=authreg_acctAccountSummary&sorted_index=0&inav=menu_myacct_acctsum
Title: Account Home

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/estmt/us/list.do?request_type=authreg_Statement&BPIndex=0&sorted_index=0&Face=en_US&inav=menu_myacct_viewstmt
Title: Statements & Activity

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/accountprofile/us/view.do?request_type=authreg_home&source=inav&sorted_index=0&inav=menu_myacct_profile_preference
Title: Profile

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/credit-cards/benefits/view-all/?inav=menu_myacct_cardbenefits
Title: Card Benefits

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/acctmgmt/us/myaccountsummary.do?request_type=authreg_acctAccountSummary&sorted_index=0&inav=menu_myacct_smallbusiness
Title: OPEN Small Business

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/services/en_US/pages/home?inav=menu_myacct_merchantsolutions
Title: Merchant Home

Search URL Search Domain Scan URL

URL: https://www347.americanexpress.com/ATWORK/en_US/atwork.do?pageAction=initialize&inav=menu_myacct_atwork
Title: American Express @ Work

Search URL Search Domain Scan URL

URL: https://personalsavings.americanexpress.com/index.html?inav=menu_myacct_personalsavings
Title: Savings Accounts and CDs

Search URL Search Domain Scan URL

URL: https://rewards.americanexpress.com/myca/loyalty/us/rewards/mracctmgmt/acctsumm?request_type=authreg_mr&Face=en_US&inav=menu_myacct_mrpointsum
Title: Membership Rewards® Point Summary

Search URL Search Domain Scan URL

URL: https://rewards.americanexpress.com/myca/loyalty/mobl/us/redeem/Landing.do?inav=menu_myacct_mrpointsum_mob
Title: Membership Rewards® Point Summary

Search URL Search Domain Scan URL

URL: https://www295.americanexpress.com/premium/credit-report-monitoring/home.do?SC=TJN&BC=0001&PC=0001&inav=menu_myacct_creditsecure
Title: Credit Secure

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/?solid=iNavMyAccountbb&inav=menu_myacct_bluebird&intlink=us-amex-prepaid-bluebird-inav_menu_myacct&inav=menu_myacct_bluebird
Title: Bluebird Alternative to Banking

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/foreign-exchange/transfer-money/business/?src=Online&extlink=US-fxip-Payments&digi=onl_lin_nav&inav=menu_myacct_interpay
Title: International Payments for Businesses

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/credit-cards/?entryEEP=true&inav=menu_cards_pc_chargecreditcard
Title: Learn about Charge & Credit Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/credit-cards/tools?entryEEP=true&inav=menu_cards_pc_choosecard#!for-your-lifestyle
Title: Choose a Card With Our Help

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/credit-cards/compare/?entryEEP=true&inav=menu_cards_pc_viewallcards
Title: View all Personal Charge & Credit Cards

Search URL Search Domain Scan URL

URL: https://www262.americanexpress.com/mobile/credit-card/?entryEEP=true&inav=menu_cards_chargecreditcard_mob
Title: Learn about Charge & Credit Cards

Search URL Search Domain Scan URL

URL: https://www262.americanexpress.com/mobile/credit-card/quiz/?entryEEP=true&inav=menu_cards_choosecard_mob
Title: Choose a Card With Our Help

Search URL Search Domain Scan URL

URL: https://www262.americanexpress.com/mobile/credit-card/compare/?entryEEP=true&inav=menu_cards_viewallcards_mob
Title: View all Personal Charge & Credit Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/small-business/credit-cards/?inav=menu_cards_sbc_chargecreditcard
Title: Small Business Charge & Credit Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/small-business/credit-cards/top-credit-cards/?inav=menu_cards_sbc_comparecards
Title: Compare Cards by Benefits

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/small-business/credit-cards/see-all-business-credit-cards/?inav=menu_cards_sbc_viewallcards
Title: View All Small Business Cards

Search URL Search Domain Scan URL

URL: https://business.americanexpress.com/us?inav=menu_cards_cs_cardprograms
Title: Corporate Cards

Search URL Search Domain Scan URL

URL: https://business.americanexpress.com/us/compare-our-cards?inav=menu_cards_cs_comparecorpcards
Title: Compare Corporate Cards

Search URL Search Domain Scan URL

URL: https://business.americanexpress.com/us/business-solution-finder?inav=menu_cards_cs_viewallcards
Title: Find a Custom Corporate Solution

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/prepaid/reloadable-cards.html?vgnextchannel=95ddb81e8482a110VgnVCM100000defaad94RCRD&appInstanceName=default&name=reloadablehome&type=intbenefitdetail&inav=menu_cards_reloadablecards
Title: Reloadable Prepaid Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/gift-cards/?inav=menu_cards_giftcards
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/gift-cards/?inav=menu_cards_giftcards_mob
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/prepaid/view-all-cards.html?inav=menu_cards_view_all_cards
Title: View All Prepaid & Gift Cards

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com/home?inav=menu_travel_book
Title: Book A Trip

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com/hotel?inav=menu_travel_book_hotels
Title: Book Hotels

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com/flight?inav=menu_travel_book_flights
Title: Book Flights, Cars, Cruises, Vacations

Search URL Search Domain Scan URL

URL: https://travel.americanexpress.com/travel/finehotelsandresorts?inav=menu_travel_fhr
Title: Fine Hotels & Resorts

Search URL Search Domain Scan URL

URL: http://travelspecialists.americanexpress.com/?inav=menu_travel_findspecialist2_gem
Title: Benefits of a Travel Specialist

Search URL Search Domain Scan URL

URL: http://travelinsiders.americanexpress.com/?inav=menu_travel_finddestination
Title: Find a Destination Expert

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/astrology/index.html?inav=menu_travel_orderForeignCurrency
Title: Order Foreign Currency

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/?inav=menu_business_corptravel
Title: Corporate Travel Solutions

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/foreign-exchange/?src=Online&extlink=US-fxip-Payments&digi=onl_lin_nav&inav=menu_business_fxserv
Title: Foreign Exchange Services

Search URL Search Domain Scan URL

URL: https://www295.americanexpress.com/premium/credit-card-travel-insurance/home.do?inav=menu_travel_protection
Title: Travel Insurance

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/prepaid/travelers-cheques.html?inav=menu_travel_cheques
Title: Travelers Cheques

Search URL Search Domain Scan URL

URL: http://www.amextravelresources.com/?us_nu=dd&inav=menu_travel_findoffice
Title: Find a Travel Service Office

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/card-benefits/global-assist-hotline.html?vgnextchannel=3c830da9846dd010VgnVCM10000084b3ad94RCRD&name=globalassist_allccsg_shareddetails&type=intBenefitDetail&inav=menu_travel_globalassist
Title: Global Assist Hotline

Search URL Search Domain Scan URL

URL: https://rewards.americanexpress.com/myca/loyalty/us/catalog/mrhome.do?inav=menu_rewards_mrhome
Title: Membership Rewards® Home

Search URL Search Domain Scan URL

URL: https://rewards.americanexpress.com/myca/loyalty/mobl/us/redeem/Landing.do?inav=menu_rewards_mrhome_mob
Title: Membership Rewards® Home

Search URL Search Domain Scan URL

URL: https://rewards.americanexpress.com/myca/loyalty/us/catalog/mrhome.do?inav=menu_rewards_usepoints
Title: Use Points

Search URL Search Domain Scan URL

URL: https://rewards.americanexpress.com/myca/loyalty/us/rewards/mracctmgmt/acctsumm?request_type=authreg_mr&Face=en_US&inav=menu_rewards_pointsummary
Title: Point Summary

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/credit-cards/benefits/view-all/?inav=ExploreYourCardsRewardsProgram
Title: Explore Your Cards Rewards Program

Search URL Search Domain Scan URL

URL: https://www295.americanexpress.com/entertainmentaccess/home.do?inav=menu_rewards_entertainment
Title: Entertainment and Events

Search URL Search Domain Scan URL

URL: http://www.amexevents.com/?sourcePage=amexmobile&inav=menu_rewards_entertainment_mob
Title: Entertainment and Events

Search URL Search Domain Scan URL

URL: https://www262.americanexpress.com/business-card-application/mgm/200002-CCSG?inav=menu_rewards_referafriend
Title: Refer a Friend

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/small-business/?inav=menu_business_smallbusinesshome
Title: Small Business Home

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/small-business/credit-cards/see-all-business-credit-cards/?inav=business_opensmallbusiness_ajviewallcards
Title: Small Business Charge & Credit Cards

Search URL Search Domain Scan URL

URL: https://www262.americanexpress.com/business-card-application/supplementary/generic/apply/0-9-0?intlink=us-OPEN-navsupps&inav=menu_business_orderemployeecards
Title: Order Employee Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/small-business/openforum/explore/?inav=menu_business_openforum
Title: OPEN Forum

Search URL Search Domain Scan URL

URL: https://business.americanexpress.com/us?inav=menu_business_corpcardprogram
Title: Corporate Cards

Search URL Search Domain Scan URL

URL: https://business.americanexpress.com/us/supplier-payments?inav=menu_business_supplierpayments
Title: Supplier Payment Solutions

Search URL Search Domain Scan URL

URL: https://www.amexglobalbusinesstravel.com/meetings-and-events?inav=menu_business_meetingsevents
Title: Meetings and Events

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/foreign-exchange/transfer-money/business/?src=Online&extlink=US-fxip-Payments&digi=onl_lin_nav&inav=menu_business_corpfx
Title: International Payments for Businesses

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/services/en_US/pages/home?inav=menu_business_merchhome
Title: Merchant Home

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/services/en_US/payment?inav=menu_business_solutionfinder
Title: Find Payment Solutions

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/merchant/support-services.html?inav=menu_business_merchsupport
Title: Get Support

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/services/en_US/accept-credit-cards?inav=menu_business_merchgetaccount
Title: Get a Merchant Account

Search URL Search Domain Scan URL

URL: http://ad.doubleclick.net/clk;282650642;109401302;q;pc=[TPAS_ID]?https://merchantfinancing.americanexpress.com/merchantfinancing/index.htm?intlink=db-&inav=menu_business_merch_financing
Title: Get Financing for Your Business

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/en/globalnetwork/default/?ref=prop&inav=menu_business_Issuers_Acquirers
Title: Issuers and Acquirers

Search URL Search Domain Scan URL

URL: https://network.americanexpress.com/en/globalnetwork/default/?ref=prop&inav=menu_business_Providers_Developer
Title: Providers and Developers

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/change-country/?inav=iNavUtilChangeCountry
Title: (Change Country)

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/logon/us/action/LogonHandler?request_type=LogonHandler&Face=en_US&inav=iNavLnkLog
Title: Log In

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/mobl/us/static.do?page=un_help&content=Faq&inav=iNUtlFaq
Title: Site FAQ

Search URL Search Domain Scan URL

URL: https://online.americanexpress.com/myca/mobl/us/static.do?page=un_help&content=CntUs&inav=iNUtlContact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/change-country/?inav=iNUtlChCountry
Title: Change Country

Search URL Search Domain Scan URL

URL: https://personalsavings.americanexpress.com/deposit_terms
Title: <link media="all" type="text/css" href="https://www.aexp-static.com/nav/ngn/css/inav_responsive.css" rel="stylesheet" />

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/legal-disclosures/website-rules-and-regulations.html?inav=footer_Terms_of_Use
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/legal-disclosures/privacy-center.html?inav=footer_privacy_statement
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://info.evidon.com/pub_info/1328?v=1&nt=1&nw=true&inav=footer_adChoices
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/cardmember-agreements/all-us.html?inav=footer_card_agreements
Title: Card Agreements

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/fraud-protection-center/home.html?inav=footer_fraud_protection_center
Title: Security Center

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/financial-education/?inav=footer_credit_basics
Title: Financial Education

Search URL Search Domain Scan URL

URL: https://search.americanexpress.com/app/answers/display/a_id/3050?intlink=US:Amex:NewSiteSearch:RecomLink1&intlink=smc_SCRAdispute&inav=footer_servicemember_benefits
Title: Servicemember Benefits

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 25

http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields

Request 41

http://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js

Request 42

http://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Logging.php Show response
www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/
Redirect Chain

http://zip.net/bptHz4
http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php

337 B
344 B

346ms
184ms

Document
text/html

71.6.165.217
CariNet

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Protocol: HTTP/1.1
Server: 71.6.165.217 San Diego, United States, ASN10439 (CARINET - CariNet, Inc., US),
Reverse DNS: host.fatuch.com
Software: Apache /
Resource Hash: 5fec5da5eb8c41b481e8dcf4ce1ff740715b1d8336ba0581f75b848a062e4483

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bustamantedesign.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:06 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Set-cookie: UOL_VIS=A|148.251.45.170|1490727426.374778|; domain=.uol.com.br; path=/; expires=Wed, 29-Mar-2017 06:00:00 GMT
Date: Tue, 28 Mar 2017 18:57:06 GMT
Server: Jetty-Tube(1.0.1)
Connection: close
Content-Length: 0
Content-Type: text/plain

GET index.htm
paytren99.com/admin/arboweb/examples/css/Amex16/ 0
0

GET
H/1.1 200
OK favicon.ico
www.bustamantedesign.com/ 0
0 337ms
182ms Other
image/vnd.microsoft.icon 71.6.165.217
CariNet

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bustamantedesign.com/favicon.ico
Protocol: HTTP/1.1
Server: 71.6.165.217 San Diego, United States, ASN10439 (CARINET - CariNet, Inc., US),
Reverse DNS: host.fatuch.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bustamantedesign.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:07 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: image/vnd.microsoft.icon

GET
H/1.1 200
OK index.htm Show response
paytren99.com/admin/arboweb/examples/css/Amex16/ Frame 4212 65 KB
14 KB 421ms
212ms Document
text/html 103.6.204.204
PUSATMEDIA-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol: HTTP/1.1
Server: 103.6.204.204 Bogor, Indonesia, ASN58503 (PUSATMEDIA-AS-ID PT Pusat Media Indonesia, ID),
Reverse DNS: indo6.koneksiaman.net
Software: nginx /
Resource Hash: b2625f4c2f87677b29624a2ff643d7f4e9e702939875dabab26ebd29bbc01d28

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: paytren99.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2017 23:20:04 GMT
Server: nginx
ETag: W/"58af6e24-10390"
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 27 Apr 2017 18:57:29 GMT

GET
H/1.1 200
OK styles-min.css
personalsavings.americanexpress.com/onlinebanking/resources/css/ Frame 4212 31 KB
7 KB 635ms
142ms Stylesheet
text/css 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/css/styles-min.css?v=19

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

3895984745f8cd072430d6eb748e9cb4ccdef54a5a589df225a6cb34ccd81941

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:48:14 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7034
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK jquery-ui-1.11.2.min.css
personalsavings.americanexpress.com/onlinebanking/resources/css/ Frame 4212 8 KB
2 KB 644ms
150ms Stylesheet
text/css 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/css/jquery-ui-1.11.2.min.css

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

b8169f1a09a5d65f61900eb3de25dacc0426c27f3f427b4cc7acf54ef2986959

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1966
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK divTable.css
personalsavings.americanexpress.com/onlinebanking/resources/css/ Frame 4212 2 KB
726 B 640ms
140ms Stylesheet
text/css 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/css/divTable.css

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

7dc98328821868b7de11154ab41f4fca3000e41b27b5d5c490e196aeed189f52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 726
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK utilities-min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 10 KB
3 KB 657ms
145ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/utilities-min.js?v=2

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

522099404936f47e9792d74f5565544f7b254b00fb6799733df3b5499e73435f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:48:14 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 3385
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK jquery-min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 93 KB
33 KB 666ms
155ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery-min.js?v=1

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 33616
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK jquery-ui-1.11.2.min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 167 KB
46 KB 671ms
154ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery-ui-1.11.2.min.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

d6ea9bc37e96dcdc269c64aa2b331b57b1a456e77c0b9477a04ea8e2e2420bbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 46786
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK jquery.tablesorter.min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 16 KB
5 KB 772ms
137ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery.tablesorter.min.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

4036bac2129f25400aa9cce9660eb94e3f0acb805535f63a7f5f284d1ae45342

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4846
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK respond.matchmedia.addListener.min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 5 KB
2 KB 776ms
140ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/respond.matchmedia.addListener.min.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

e495af9b887f132aa45639f252e55aa74f46096ec7bc08b0323f8065b122dfdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2458
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK respond.min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 4 KB
2 KB 791ms
147ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/respond.min.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2216
Expires: Fri, 12 May 2017 20:57:08 GMT

GET
H/1.1 200
OK Cookie set profile.js Show response
personalsavings.americanexpress.com/application/js/nao/ Frame 4212 4 KB
1 KB 820ms
164ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/application/js/nao/profile.js?v=2

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

d91d188865062d0d5ba994f3ec3c8bb00adaf961ebe1443599915b1963ffb71f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Thu, 09 Feb 2017 17:25:30 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Set-Cookie: JSESSIONID=AFCB5804B515DB23EE3B182B3FAA6860; Path=/application/; Secure; HttpOnly
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1415

GET
H/1.1 200
OK Bootstrap.js Show response
nexus.ensighten.com/amex/amexhead/ Frame 4212 66 KB
16 KB 495ms
196ms Script
application/javascript 52.45.218.74
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Requested by: Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.218.74 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-45-218-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0a62c8a93e48926e06ddacb27bbc39b3f3cfe0bf794c80cd21e0a3a2c54b7d63

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Mar 2017 20:51:37 GMT
Server: nginx
ETag: W/"58d2e3d9-107f6"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=300
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 inav_responsive.css
www.aexp-static.com/nav/ngn/css/ Frame 4212 83 KB
11 KB 23ms
7ms Stylesheet
text/css 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/nav/ngn/css/inav_responsive.css

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

23ba90c7f0819be51cc9fe45d223b310544beeed435849c87e10c30bc276fd68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/css/inav_responsive.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
last-modified: Mon, 27 Mar 2017 19:01:30 GMT
server: IBM_HTTP_Server
status: 200
date: Tue, 28 Mar 2017 18:57:07 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 11227

GET
H2 200 clear.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 43 B
61 B 10ms
9ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/clear.gif

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/clear.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:23:00 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:07 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 logo_bluebox_1x.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 4 KB
4 KB 14ms
13ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/logo_bluebox_1x.gif

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/logo_bluebox_1x.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:26:41 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:07 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4424

GET
H2 200 clear_3.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 43 B
61 B 16ms
15ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/clear_3.gif

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/clear_3.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:23:25 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:07 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 clear_2.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 43 B
61 B 17ms
17ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/clear_2.gif

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/clear_2.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:23:03 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:07 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 clear_4.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 43 B
61 B 18ms
18ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/clear_4.gif

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/clear_4.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:23:25 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:07 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H/1.1 200
OK jquery.maskedinput.min.js Show response
personalsavings.americanexpress.com/onlinebanking/resources/js/ Frame 4212 3 KB
2 KB 145ms
145ms Script
application/javascript 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery.maskedinput.min.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

4d2f8e93a72b351e2a74a613e93e63c0c1e3b0f742cdb83b7664f4796092376d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:58 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1655
Expires: Fri, 12 May 2017 20:57:09 GMT

GET
H/1.1 200
OK tooltip-on.gif
personalsavings.americanexpress.com/application/images/rwd/ Frame 4212 2 KB
2 KB 159ms
158ms Image
image/gif 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://personalsavings.americanexpress.com/application/images/rwd/tooltip-on.gif

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

ce2b43cba012bef8fd271f2b72275dcf121316346592feb2587faf1b0d403674

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie: JSESSIONID=AFCB5804B515DB23EE3B182B3FAA6860
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
www-authenticate: Basic
Last-Modified: Thu, 09 Feb 2017 17:25:26 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 1670
Keep-Alive: timeout=15, max=99
Expires: Fri, 12 May 2017 20:57:09 GMT

GET
H2 200 visitorAPI-NonAAM.js Show response
www.aexp-static.com/api/axpi/omniture/ Frame 4212 16 KB
7 KB 21ms
20ms Script
application/x-javascript 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/api/axpi/omniture/visitorAPI-NonAAM.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/amexhead/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

cdf23a6d6d521d6e9be46b389943d85f0e7f1f864e0db49e9a7229433e2d682d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/omniture/visitorAPI-NonAAM.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:08 GMT
status: 200
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 6865

GET
H/1.1 204
No Content e.gif
nexus.ensighten.com/error/ Frame 4212 0
0 195ms
97ms Image
text/plain 34.194.102.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nexus.ensighten.com/error/e.gif?msg=Dependency%20with%20id%20214006is%20missing&lnn=-1&fn=&cid=218&client=amex&publishPath=amexhead&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by: Host: www.bustamantedesign.com
URL: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Protocol: HTTP/1.1
Server: 34.194.102.209 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-102-209.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Cache-Control: no-cache no-store
Server: nginx
Connection: keep-alive
Expires: Tue, 28 Mar 2017 18:57:07 GMT

GET
H/1.1 200
OK serverComponent.php Show response
nexus.ensighten.com/amex/amexhead/ Frame 4212 171 B
149 B 199ms
100ms Script
text/javascript 34.194.102.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/amex/amexhead/serverComponent.php?r=7876784327.683289&ClientID=218&PageID=http%3A%2F%2Fpaytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2FAmex16%2Findex.htm
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Protocol: HTTP/1.1
Server: 34.194.102.209 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-102-209.compute-1.amazonaws.com
Software: nginx / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 0ea8c0606c3af7a0d713370a1c02f44fd2b7c9805bf7bccdec7647d6623de983

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache no-store
Connection: keep-alive
Content-Length: 149
Expires: Tue, 28 Mar 2017 18:57:07 GMT

GET
H/1.1

200
OK

Cookie set rd Show response
dpm.demdex.net/id/ Frame 4212
Redirect Chain

http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields

4 KB
1 KB

34ms
34ms

Script
application/javascript

52.48.142.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Requested by: Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol: HTTP/1.1
Server: 52.48.142.133 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-142-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1c9030fd17d57d110bd780af10a98e30820bd35df03142071eae37a5828370e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: dpm.demdex.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie: demdex=21667640954775983163049958059647246612
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

DCS: irl1-prod-dcs-efb97a2f.edge-irl1.demdex.com master-5.7.0.20170307.213704 3ms
Pragma: no-cache
Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Set-Cookie: demdex=21667640954775983163049958059647246612;Path=/;Domain=.demdex.net;Expires=Sun, 24-Sep-2017 18:57:08 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1222
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2017 18:57:08 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Set-Cookie: demdex=21667640954775983163049958059647246612;Path=/;Domain=.demdex.net;Expires=Sun, 24-Sep-2017 18:57:08 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H2 200 iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 23 KB
23 KB 7ms
7ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
:scheme: https
:method: GET
Referer: https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:26:29 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:08 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 23367

GET
H/1.1 200
OK bottom_shadow.png
personalsavings.americanexpress.com/onlinebanking/images/custom/ Frame 4212 176 B
176 B 148ms
147ms Image
image/png 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://personalsavings.americanexpress.com/onlinebanking/images/custom/bottom_shadow.png

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

9469c7f0a4744d9cf262b6ee2eedc021042cd0bd00fc27df1f9ad458c909a34b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://personalsavings.americanexpress.com/onlinebanking/resources/css/styles-min.css?v=19
Connection: keep-alive
Cache-Control: no-cache
Referer: https://personalsavings.americanexpress.com/onlinebanking/resources/css/styles-min.css?v=19
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
www-authenticate: Basic
Last-Modified: Fri, 03 Mar 2017 21:47:52 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=3895200
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 176
Keep-Alive: timeout=15, max=98
Expires: Fri, 12 May 2017 20:57:09 GMT

GET
H2 200 img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/ Frame 4212 143 B
161 B 7ms
6ms Image
image/png 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/img_shdw_mainNav.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
:scheme: https
:method: GET
Referer: https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:24:34 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:08 GMT
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 143

GET
H2 200 commonFunctionsResponsive.js Show response
www.aexp-static.com/nav/ngn/js/ Frame 4212 58 KB
15 KB 7ms
7ms Script
application/x-javascript 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

ad7a1acb9f8b763ff3c32f14a8ab80887dc109b81cf9cccef21cb02406bbb5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/js/commonFunctionsResponsive.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
last-modified: Sat, 25 Mar 2017 22:01:46 GMT
server: IBM_HTTP_Server
status: 200
date: Tue, 28 Mar 2017 18:57:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 14909

GET
H2 200 iNav_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/ Frame 4212 5 KB
5 KB 9ms
8ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/nav/ngn/img/iNav_sprite_footer.gif?ver=0916_02

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

c5728ebd8f225043ec8b85f79c9964f133136f91b9bb260eb69437ce9af4573a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /nav/ngn/img/iNav_sprite_footer.gif?ver=0916_02
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
:scheme: https
:method: GET
Referer: https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Thu, 02 Mar 2017 09:26:31 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:08 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 5012

GET
H/1.1 200
OK Bootstrap.js Show response
nexus.ensighten.com/amex/ Frame 4212 51 KB
15 KB 183ms
101ms Script
application/javascript 34.194.102.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive.js
Protocol: HTTP/1.1
Server: 34.194.102.209 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-102-209.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2080c719c57f43fbc1567f6d090c85ef1c1af55d1c895569cd091c25f5cbdce9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Mar 2017 13:04:55 GMT
Server: nginx
ETag: W/"58da5f77-cc8b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=300
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 pes_basic.js Show response
www.aexp-static.com/api/axpi/pzn/js/ Frame 4212 9 KB
3 KB 52ms
51ms Script
application/x-javascript 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/api/axpi/pzn/js/pes_basic.js

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

ae62f3451e7ab5a88ce0e2d7b3ebae46b1601ab452aa5f730b2c092aee5a8e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/pzn/js/pes_basic.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:08 GMT
status: 200
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 3098

GET
H2 204 p.gif
l.betrad.com/pub/ Frame 4212 0
0 302ms
100ms Image
text/plain 34.199.234.246
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/pub/p.gif?pid=1328&ocid=1332&ii=1&mb=0&r=0.5006945949493982
Requested by: Host: www.bustamantedesign.com
URL: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.234.246 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-234-246.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /pub/p.gif?pid=1328&ocid=1332&ii=1&mb=0&r=0.5006945949493982
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: l.betrad.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

status: 204
date: Tue, 28 Mar 2017 18:57:08 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express

GET
H/1.1 200
OK Cookie set id Show response
omn.americanexpress.com/ Frame 4212 155 B
155 B 42ms
21ms Script
application/x-javascript 66.235.148.132
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://omn.americanexpress.com/id?d_visid_ver=1.5.2&callback=s_c_il%5B0%5D._setAnalyticsFields&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=21868993869244694763034064554141771164
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/visitorAPI-NonAAM.js
Protocol: HTTP/1.1
Server: 66.235.148.132 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.d2.sc.omtrdc.net
Software: Omniture DC/2.0.0 /
Resource Hash: b562db26951e89143eef531ea7cf22aa9d16631f830a434650ab789c1ad38ada

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: omn.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:08 GMT
Server: Omniture DC/2.0.0
xserver: www168
Vary: Origin
X-C: ms-5.1.0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Set-Cookie: s_vi=[CS]v1|2C6D590205310167-400001150000314E[CE]; Expires=Thu, 28 Mar 2019 18:57:08 GMT; Domain=americanexpress.com; Path=/
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15
Content-Length: 155

GET
H/1.1 200
OK Cookie set id Show response
dpm.demdex.net/ Frame 4212 4 KB
1 KB 37ms
37ms Script
application/javascript 52.48.142.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=21868993869244694763034064554141771164&d_blob=NRX38WO0n5BH8Th-nqAG_A&d_cid_ic=AVID%012C6D590205310167-400001150000314E&d_cb=s_c_il%5B0%5D._setAudienceManagerFields
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/visitorAPI-NonAAM.js
Protocol: HTTP/1.1
Server: 52.48.142.133 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-142-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8b16507bb9d98e6aff678e63c21089d03e8a3f9262361d892e5fdbe0712b1668

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: dpm.demdex.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie: demdex=21667640954775983163049958059647246612
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

DCS: irl1-prod-dcs-b8bb7878.edge-irl1.demdex.com master-5.7.0.20170307.213704 6ms
Pragma: no-cache
Date: Tue, 28 Mar 2017 18:57:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Set-Cookie: demdex=21667640954775983163049958059647246612;Path=/;Domain=.demdex.net;Expires=Sun, 24-Sep-2017 18:57:08 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1217
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.1 200
OK serverComponent.php Show response
nexus.ensighten.com/amex/ Frame 4212 478 B
297 B 1202ms
1201ms Script
text/javascript 34.194.102.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/amex/serverComponent.php?clientID=218&PageID=http%3A%2F%2Fpaytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2FAmex16%2Findex.htm%3FensMarket%3DUS%26ens_env%3D3%26deviceType%3Dlarge
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Protocol: HTTP/1.1
Server: 34.194.102.209 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-102-209.compute-1.amazonaws.com
Software: nginx / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: df2c7294766ad94e055ced4dab567dbdce7599f484d166369831567f9d534fbc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache no-store
Connection: keep-alive
Content-Length: 297
Expires: Tue, 28 Mar 2017 18:57:08 GMT

GET
H/1.1 200
OK e24ecbbd3403d12d1a751560191260bd.js Show response
nexus.ensighten.com/amex/prod/code/ Frame 4212 69 KB
10 KB 99ms
98ms Script
application/javascript 34.194.102.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/amex/prod/code/e24ecbbd3403d12d1a751560191260bd.js?conditionId0=209423
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Protocol: HTTP/1.1
Server: 34.194.102.209 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-102-209.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9095a39105312ec67d7a49da829908ac90870bc487b19cd8e47ea062bc34e1d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Mar 2017 05:14:42 GMT
Server: nginx
ETag: W/"58c77c42-11420"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 4bf1d44a92bca8ee5eb4b76c3be12c24.js Show response
nexus.ensighten.com/amex/prod/code/ Frame 4212 25 KB
3 KB 100ms
100ms Script
application/javascript 34.194.102.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/amex/prod/code/4bf1d44a92bca8ee5eb4b76c3be12c24.js?conditionId0=181208
Requested by: Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Protocol: HTTP/1.1
Server: 34.194.102.209 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-102-209.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 98b82cf8847082222809114376d825cfc5b819cdc7eb3e7f2c5e0be306a12196

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nexus.ensighten.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Nov 2016 06:57:38 GMT
Server: nginx
ETag: W/"582d54e2-6599"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 3270

GET
H2 200 aaLauncher.css
www.aexp-static.com/api/axpi/ioa/launcher/ Frame 4212 142 KB
20 KB 11ms
10ms Stylesheet
text/css 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0

Requested by

Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/prod/code/e24ecbbd3403d12d1a751560191260bd.js?conditionId0=209423

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

1ed68a2985a2a3311bf1f07960f46d5825eb79282112a8f1d40a5046c67618f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:10 GMT
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
timing-allow-origin: *
content-length: 20421

GET
H2 200 aaLauncher.js Show response
www.aexp-static.com/api/axpi/ioa/launcher/ Frame 4212 41 KB
9 KB 16ms
16ms Script
application/x-javascript 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.js?vr=78.0

Requested by

Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/prod/code/e24ecbbd3403d12d1a751560191260bd.js?conditionId0=209423

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

40cad31d0f93a3bc9d0a55e0962e75b9ad679e0c184f7ec280447870ccc7e4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/ioa/launcher/aaLauncher.js?vr=78.0
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:10 GMT
status: 200
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9351

GET
H2

200

s_code_global_context.js Show response
www.aexp-static.com/api/axpi/omniture/ Frame 4212
Redirect Chain

http://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js

84 KB
29 KB

17ms
17ms

Script
application/x-javascript

104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

de6862b73a858760513cd401f8149a682ebe108acd4340294d247ce1ad5ba2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/omniture/s_code_global_context.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:10 GMT
status: 200
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 29271

Redirect headers

Location: https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
Non-Authoritative-Reason: HSTS

GET
H2

200

pzncs.min.js Show response
www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/ Frame 4212
Redirect Chain

http://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js

9 KB
3 KB

14ms
14ms

Script
application/x-javascript

104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js

Requested by

Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

6d77af00ba6f28f990b84014477ff8f2bc109489a64d9a4c98f742030efa4458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.aexp-static.com
referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme: https
:method: GET
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:10 GMT
status: 200
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 3044

Redirect headers

Location: https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
Non-Authoritative-Reason: HSTS

GET
H2 200 spr-online-assist2-gif-smcompressed.png
www.aexp-static.com/api/axpi/ioa/img/ Frame 4212 16 KB
16 KB 10ms
10ms Image
image/png 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aexp-static.com/api/axpi/ioa/img/spr-online-assist2-gif-smcompressed.png?vr=2.0

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-111-216-26.deploy.static.akamaitechnologies.com

Software

IBM_HTTP_Server /

Resource Hash

2721848dfc787df4b37a9365d0a9c77e9966c7e7465e0b178a887f2928eb2dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;

Request headers

:path: /api/axpi/ioa/img/spr-online-assist2-gif-smcompressed.png?vr=2.0
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
:scheme: https
:method: GET
Referer: https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
last-modified: Wed, 13 Aug 2014 09:00:47 GMT
server: IBM_HTTP_Server
date: Tue, 28 Mar 2017 18:57:10 GMT
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 15986

GET
H2 200 img-search-big-rptr.gif
www.aexp-static.com/api/axpi/ioa/img/ Frame 4212 252 B
270 B 14ms
13ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/api/axpi/ioa/img/img-search-big-rptr.gif
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-216-26.deploy.static.akamaitechnologies.com
Software: IBM_HTTP_Server /
Resource Hash: 1bd4bae68103ace527841f2750c5ea853e6d678c7c17582523f613bad9ae75b5

Request headers

:path: /api/axpi/ioa/img/img-search-big-rptr.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
:scheme: https
:method: GET
Referer: https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

date: Tue, 28 Mar 2017 18:57:10 GMT
last-modified: Fri, 12 Oct 2012 04:14:09 GMT
server: IBM_HTTP_Server
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 252

GET
H2 200 img-search-sm-rptr.gif
www.aexp-static.com/api/axpi/ioa/img/ Frame 4212 204 B
222 B 16ms
16ms Image
image/gif 104.111.216.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/api/axpi/ioa/img/img-search-sm-rptr.gif
Requested by: Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-216-26.deploy.static.akamaitechnologies.com
Software: IBM_HTTP_Server /
Resource Hash: 62a0ceaaa490ceceeff12c2d7a98fc2c44559638807f6fdab4a72f4c21f28632

Request headers

:path: /api/axpi/ioa/img/img-search-sm-rptr.gif
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.aexp-static.com
referer: https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
:scheme: https
:method: GET
Referer: https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

date: Tue, 28 Mar 2017 18:57:10 GMT
last-modified: Fri, 12 Oct 2012 04:14:09 GMT
server: IBM_HTTP_Server
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 204

GET
H/1.1 200
OK s06571615337358
omn.americanexpress.com/b/ss/amexpressprod/1/JS-1.8.0/ Frame 4212 43 B
43 B 24ms
24ms Image
image/gif 66.235.148.132
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://omn.americanexpress.com/b/ss/amexpressprod/1/JS-1.8.0/s06571615337358?AQB=1&ndh=1&pf=1&t=28%2F2%2F2017%2018%3A57%3A10%202%200&mid=21868993869244694763034064554141771164&aid=2C6D590205310167-400001150000314E&aamlh=6&ce=UTF-8&ns=1americanexpress&pageName=paytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2Famex16%2Findex.htm&g=http%3A%2F%2Fpaytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2Famex16%2Findex.htm&r=http%3A%2F%2Fwww.bustamantedesign.com%2Ftcc%2Farquivos%2Fmobile%2Flibs%2Fxajax%2Fxajax_js%2FLogging.php&c.&omn.&visitorCheck=VisitorAPI%20Present&itagexists=no&gvs=1&etwidth=1583&etheight=1132&etratio=0.7150979153506001&etorientation=landscape&.omn&.c&cc=USD&server=paytren99.com&v0=r%7CUS%3Abustamantedesign.com&events=event45&aamb=NRX38WO0n5BH8Th-nqAG_A&c3=en&c4=US&v6=r%7CUS%3Abustamantedesign.com&v21=r%7CUS%3Abustamantedesign.com&v22=D%3Dgctrac&v27=US&c48=D%3Dgctrac&c49=ENS%20-%20Acq%20r19.0.0%20-%20AM%3A1.8.0%20-%20VISID%3A1.5.2%20-%20DIL%3ANA&v65=D%3Domnmycademo&c67=D%3Dmrcards&v67=D%3Dmrcards&v70=n%2Fa&v71=paytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2Famex16%2Findex.htm&v72=n%2Fa&c75=fb&v75=21868993869244694763034064554141771164&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1598&bh=1132&AQE=1
Requested by: Host: www.bustamantedesign.com
URL: http://www.bustamantedesign.com/tcc/arquivos/mobile/libs/xajax/xajax_js/Logging.php
Protocol: HTTP/1.1
Server: 66.235.148.132 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.d2.sc.omtrdc.net
Software: Omniture DC/2.0.0 /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: omn.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie: s_vi=[CS]v1|2C6D590205310167-400001150000314E[CE]
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:10 GMT
X-C: ms-5.1.0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Connection: Keep-Alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Wed, 29 Mar 2017 18:57:10 GMT
Server: Omniture DC/2.0.0
xserver: www215
ETag: "58DAB206-4639-39D6253C"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Mon, 27 Mar 2017 18:57:10 GMT

GET
H/1.1 200
OK favicon.ico
personalsavings.americanexpress.com/application/img/page/ Frame 4212 894 B
721 B 146ms
145ms Other
image/x-icon 199.200.26.160
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://personalsavings.americanexpress.com/application/img/page/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

Software

Unknown /

Resource Hash

520e6de8485ee5539e3cf2ef8f03638c32ca4ff4ced65228c1a6d37d4a42e456

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: personalsavings.americanexpress.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie: JSESSIONID=AFCB5804B515DB23EE3B182B3FAA6860; s_vi=[CS]v1|2C6D590205310167-400001150000314E[CE]
Connection: keep-alive
Cache-Control: no-cache
Referer: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Tue, 28 Mar 2017 18:57:11 GMT
Content-Encoding: gzip
www-authenticate: Basic
Last-Modified: Thu, 09 Feb 2017 17:25:30 GMT
Server: Unknown
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 721

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paytren99.com/	2022-03-28 18:57:10	Name: s_pers Value: %20s_visit%3D1%7C1490729230080%3B%20gpv_v41%3Dpaytren99.com%252Fadmin%252Farboweb%252Fexamples%252Fcss%252Famex16%252Findex.htm%7C1490729230087%3B%20s_campStack%3D%255B%255B%2527r%25257CUS%25253Abustamantedesign.com%2527%252C%25271490727430091%2527%255D%255D%7C1648493830091%3B%20s_uvid%3D1490727430098123%7C1648407430097%3B%20s_vnum%3D1%7C1648407430098%3B%20s_invisit%3Dtrue%7C1490729230098%3B
paytren99.com/	2019-03-28 18:57:08	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 793872103%7CMCMID%7C21868993869244694763034064554141771164%7CMCAAMLH-1491332228%7C6%7CMCAAMB-1491332228%7CNRX38WO0n5BH8Th-nqAG_A%7CMCAID%7C2C6D590205310167-400001150000314E
.paytren99.com/	1970-01-01 00:00:00	Name: s_sess Value: %20tp%3D1264%3B%20s_dedupeCM%3Dr%257CUS%253Abustamantedesign.comr%257CUS%253Abustamantedesign.combustamantedesign.comn%252Fan%252Fa%3B%20s_cpc%3D1%3B%20s_cc%3Dtrue%3B%20s_ppv%3Dpaytren99.com%252Fadmin%252Farboweb%252Fexamples%252Fcss%252Famex16%252Findex.htm%252C90%252C90%252C1132%3B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dpm.demdex.net
l.betrad.com
nexus.ensighten.com
omn.americanexpress.com
paytren99.com
personalsavings.americanexpress.com
www.aexp-static.com
www.bustamantedesign.com
paytren99.com
103.6.204.204
104.111.216.26
199.200.26.160
34.194.102.209
34.199.234.246
52.45.218.74
52.48.142.133
66.235.148.132
71.6.165.217
0a62c8a93e48926e06ddacb27bbc39b3f3cfe0bf794c80cd21e0a3a2c54b7d63
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
0ea8c0606c3af7a0d713370a1c02f44fd2b7c9805bf7bccdec7647d6623de983
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
1bd4bae68103ace527841f2750c5ea853e6d678c7c17582523f613bad9ae75b5
1c9030fd17d57d110bd780af10a98e30820bd35df03142071eae37a5828370e7
1ed68a2985a2a3311bf1f07960f46d5825eb79282112a8f1d40a5046c67618f8
2080c719c57f43fbc1567f6d090c85ef1c1af55d1c895569cd091c25f5cbdce9
23ba90c7f0819be51cc9fe45d223b310544beeed435849c87e10c30bc276fd68
2721848dfc787df4b37a9365d0a9c77e9966c7e7465e0b178a887f2928eb2dff
3895984745f8cd072430d6eb748e9cb4ccdef54a5a589df225a6cb34ccd81941
4036bac2129f25400aa9cce9660eb94e3f0acb805535f63a7f5f284d1ae45342
40cad31d0f93a3bc9d0a55e0962e75b9ad679e0c184f7ec280447870ccc7e4d5
4d2f8e93a72b351e2a74a613e93e63c0c1e3b0f742cdb83b7664f4796092376d
520e6de8485ee5539e3cf2ef8f03638c32ca4ff4ced65228c1a6d37d4a42e456
522099404936f47e9792d74f5565544f7b254b00fb6799733df3b5499e73435f
5fec5da5eb8c41b481e8dcf4ce1ff740715b1d8336ba0581f75b848a062e4483
62a0ceaaa490ceceeff12c2d7a98fc2c44559638807f6fdab4a72f4c21f28632
6d77af00ba6f28f990b84014477ff8f2bc109489a64d9a4c98f742030efa4458
7dc98328821868b7de11154ab41f4fca3000e41b27b5d5c490e196aeed189f52
82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba
8b16507bb9d98e6aff678e63c21089d03e8a3f9262361d892e5fdbe0712b1668
9095a39105312ec67d7a49da829908ac90870bc487b19cd8e47ea062bc34e1d5
9469c7f0a4744d9cf262b6ee2eedc021042cd0bd00fc27df1f9ad458c909a34b
98b82cf8847082222809114376d825cfc5b819cdc7eb3e7f2c5e0be306a12196
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ad7a1acb9f8b763ff3c32f14a8ab80887dc109b81cf9cccef21cb02406bbb5fa
ae62f3451e7ab5a88ce0e2d7b3ebae46b1601ab452aa5f730b2c092aee5a8e88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2625f4c2f87677b29624a2ff643d7f4e9e702939875dabab26ebd29bbc01d28
b562db26951e89143eef531ea7cf22aa9d16631f830a434650ab789c1ad38ada
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
b8169f1a09a5d65f61900eb3de25dacc0426c27f3f427b4cc7acf54ef2986959
c5728ebd8f225043ec8b85f79c9964f133136f91b9bb260eb69437ce9af4573a
cdf23a6d6d521d6e9be46b389943d85f0e7f1f864e0db49e9a7229433e2d682d
ce2b43cba012bef8fd271f2b72275dcf121316346592feb2587faf1b0d403674
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
d6ea9bc37e96dcdc269c64aa2b331b57b1a456e77c0b9477a04ea8e2e2420bbc
d91d188865062d0d5ba994f3ec3c8bb00adaf961ebe1443599915b1963ffb71f
de6862b73a858760513cd401f8149a682ebe108acd4340294d247ce1ad5ba2e9
df2c7294766ad94e055ced4dab567dbdce7599f484d166369831567f9d534fbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495af9b887f132aa45639f252e55aa74f46096ec7bc08b0323f8065b122dfdc

www.bustamantedesign.com Open in urlscan Pro 71.6.165.217 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

49 Requests

71 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

10 IPs

4 Countries

312 kBTransfer

1124 kBSize

3 Cookies

80 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bustamantedesign.com Open in urlscan Pro
71.6.165.217 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

71 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

10
IPs

4
Countries

312 kB
Transfer

1124 kB
Size

3
Cookies

49 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!