www.gopaycards.com Open in urlscan Pro
170.135.184.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.mcdonaldspaycard.us/
Effective URL:
https://www.gopaycards.com/index.html
Submission: On February 28 via manual (February 28th 2020, 6:19:26 pm UTC) from US

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 38 HTTP transactions. The main IP is 170.135.184.113, located in United States and belongs to US-BANCORP, US. The main domain is www.gopaycards.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on February 27th 2020. Valid for: a year.

This is the only time www.gopaycards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	170.135.223.254 170.135.223.254	3147 (US-BANCORP) (US-BANCORP)
2 27	170.135.184.113 170.135.184.113	3147 (US-BANCORP) (US-BANCORP)
4	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1 4	63.33.112.209 63.33.112.209	16509 (AMAZON-02) (AMAZON-02)
2	15.188.105.205 15.188.105.205	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1	66.117.29.3 66.117.29.3	15224 (OMNITURE) (OMNITURE)
1	52.18.60.121 52.18.60.121	16509 (AMAZON-02) (AMAZON-02)
38	7

1 170.135.223.254 (United States) 1 redirects

ASN3147 (US-BANCORP, US)
PTR: merchantcommanderonline.com

www.mcdonaldspaycard.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 170.135.184.113 (United States) 2 redirects

ASN3147 (US-BANCORP, US)
PTR: demo1.access.usbank.com

www.gopaycards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.33.112.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.105.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

smetrics.sdcvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.3 (United States)

ASN15224 (OMNITURE, US)

usbank.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.60.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-60-121.eu-west-1.compute.amazonaws.com

usbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	gopaycards.com 2 redirects www.gopaycards.com	569 KB
5	demdex.net 1 redirects dpm.demdex.net usbank.demdex.net	4 KB
4	ensighten.com nexus.ensighten.com	101 KB
2	sdcvisit.com smetrics.sdcvisit.com	3 KB
1	omtrdc.net usbank.tt.omtrdc.net	3 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	mcdonaldspaycard.us 1 redirects www.mcdonaldspaycard.us	115 B
38	7

	Domain	Requested by
27	www.gopaycards.com	2 redirects www.gopaycards.com
4	dpm.demdex.net	1 redirects www.gopaycards.com
4	nexus.ensighten.com	www.gopaycards.com nexus.ensighten.com
2	smetrics.sdcvisit.com	nexus.ensighten.com www.gopaycards.com
1	usbank.demdex.net	www.gopaycards.com
1	usbank.tt.omtrdc.net	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	www.mcdonaldspaycard.us	1 redirects
38	8

This site contains no links.

Subject Issuer	Validity	Valid
www.usbankgomobile.com Entrust Certification Authority - L1M	`2020-02-27` - `2021-08-20`	a year	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2019-10-03` - `2020-10-02`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
smetrics.sdcvisit.com Entrust Certification Authority - L1K	`2018-08-03` - `2020-08-03`	2 years	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.gopaycards.com/index.html
Frame ID: 84AE0EAA0DFBF097CF6EB6DA7421C454
Requests: 37 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 755D66CE2C5FEE97E882186340AB1A90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.mcdonaldspaycard.us/ HTTP 301
http://www.gopaycards.com/ HTTP 301
https://www.gopaycards.com/ HTTP 301
https://www.gopaycards.com/index.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/etc.clientlibs\//i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/etc.clientlibs\//i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

679 kB
Transfer

1353 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.mcdonaldspaycard.us/ HTTP 301
http://www.gopaycards.com/ HTTP 301
https://www.gopaycards.com/ HTTP 301
https://www.gopaycards.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://dpm.demdex.net/id?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618

Request Chain 22

https://cm.everesttech.net/cm/dd?d_uuid=57798291505360595354580443993754486560 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XllZngAAAetqZC3-

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
www.gopaycards.com/
Redirect Chain

https://www.mcdonaldspaycard.us/
http://www.gopaycards.com/
https://www.gopaycards.com/
https://www.gopaycards.com/index.html

10 KB
10 KB

568ms
568ms

Document
text/html

170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

38838c1eb9f7f4afe15dd76ee59fc1f0c1c213638e3e7df1704df5d29561088b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.gopaycards.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ext-obc-content2-aem=!k0pMc7K+L/QSmTqTd5FSETEad2prxirDCJajy/Ro1J8mGwpq9IwM7Noht6OmpW6mbw++oNkhi9hWDl0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Cache-Control: max-age=2592000
Content-Type: text/html
Last-Modified: Fri, 28 Feb 2020 18:18:44 GMT
ETag: W/"2299e88263eed51:0"
Server: Microsoft-IIS/8.5
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Content-Type
Date: Fri, 28 Feb 2020 18:18:43 GMT
Content-Length: 10195

Redirect headers

Cache-Control: max-age=2592000
Content-Type: text/html; charset=UTF-8
Location: https://www.gopaycards.com/index.html
Server: Microsoft-IIS/8.5
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Content-Type
Date: Fri, 28 Feb 2020 18:18:43 GMT
Content-Length: 160
Set-Cookie: ext-obc-content2-aem=!k0pMc7K+L/QSmTqTd5FSETEad2prxirDCJajy/Ro1J8mGwpq9IwM7Noht6OmpW6mbw++oNkhi9hWDl0=; path=/; Httponly; Secure

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/usbank/rwdprod/ 203 KB
66 KB 134ms
55ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/usbank/rwdprod/Bootstrap.js
Requested by: Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 37a4fe7404dad5ef61841de19eb74175c6134b89d9a607bd389b4582975f5899

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:19:09 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 19:03:22 GMT
server: nginx
etag: W/"5e556f7a-32db9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300

GET
H/1.1 200
OK cq-shared.min.css
www.gopaycards.com/apps/brightcove/clientlibs/ 157 B
634 B 123ms
121ms Stylesheet
text/css 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/apps/brightcove/clientlibs/cq-shared.min.css

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

91a90275316cd69ffc78b71ca65770e0b591650d1de891c736c4a3109276a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Sat, 03 Aug 2019 23:12:08 GMT
Server: Microsoft-IIS/8.5
ETag: "947072df504ad51:0"
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:43 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 157
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.min.css
www.gopaycards.com/etc.clientlibs/foundation/clientlibs/ 9 KB
2 KB 247ms
122ms Stylesheet
text/css 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/foundation/clientlibs/main.min.css

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

5de7ed40dec4289e49836c4def825318df1956de0d0befe695e77f50fc638292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 1848
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 01:06:51 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:43 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "80876a88ae7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK jquery.min.js Show response
www.gopaycards.com/etc.clientlibs/clientlibs/granite/ 111 KB
38 KB 479ms
232ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 38331
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 01:06:53 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "80b49b98ae7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK utils.min.js Show response
www.gopaycards.com/etc.clientlibs/clientlibs/granite/ 10 KB
4 KB 497ms
123ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/utils.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

976546f013eed5afb39d59b5a236ec888095335d4bd3932ef0069ae1841ee423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 3748
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 01:06:53 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "80b49b98ae7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK granite.min.js Show response
www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery/ 4 KB
2 KB 506ms
126ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 1707
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Feb 2020 15:27:38 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "051bb9b4beed51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK jquery.min.js Show response
www.gopaycards.com/etc.clientlibs/foundation/clientlibs/ 16 B
505 B 505ms
124ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/foundation/clientlibs/jquery.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 01:06:53 GMT
Server: Microsoft-IIS/8.5
ETag: "b3f72fa8ae7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 16
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK shared.min.js Show response
www.gopaycards.com/etc.clientlibs/foundation/clientlibs/ 24 KB
7 KB 526ms
125ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/foundation/clientlibs/shared.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

4086c8cd4c3361452c1c1da9af3034fc90f4a375c4f6195f31d6dcf1c7b56f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 6920
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 01:06:54 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "04b34a8ae7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK main.min.js Show response
www.gopaycards.com/etc.clientlibs/foundation/clientlibs/ 8 KB
4 KB 900ms
427ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/foundation/clientlibs/main.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

9edcd1d71d604f6d3f20d909aa1c0a3df44160abbc4dc9de8eed71aa14fae22f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 3099
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 01:06:54 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "04b34a8ae7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET gopaycards.css
www.gopaycards.com/etc/designs/ 0
0

GET
H/1.1 200
OK clientlibs-layout.min.css
www.gopaycards.com/etc.clientlibs/usbfoundation/clientlibs/usbfoundation/ 101 KB
6 KB 377ms
139ms Stylesheet
text/css 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/usbfoundation/clientlibs/usbfoundation/clientlibs-layout.min.css

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

b6b377bfd05df4c2833c55e2668873126ab09dd59987bc114679ba950b986cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 5314
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 01:06:51 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "80876a88ae7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK clientlib-all.min.css
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/ 161 KB
28 KB 395ms
156ms Stylesheet
text/css 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.css

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

da2596933df3804f82156d5d1b22914f4d9400ad1f995679e900c70baa684070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 27961
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 04:24:48 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "0e8a8afa5e7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK clientlib-all.min.js Show response
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/ 214 KB
74 KB 621ms
133ms Script
application/javascript 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.js

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

8cf7ffb1f8774506dcda1f093ec44febccf293c147625268cbd53eb714c7a448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 74934
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 04:24:47 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
ETag: "805110afa5e7d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK clientlibs.min.css
www.gopaycards.com/etc.clientlibs/usbfoundation/components/content/image/ 77 B
553 B 371ms
132ms Stylesheet
text/css 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/usbfoundation/components/content/image/clientlibs.min.css

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

7a5aa641c8b7676c4befc0bb1f75f7e8a08351f01b347ba388e777abf9212b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 01:09:15 GMT
Server: Microsoft-IIS/8.5
ETag: "b13f8c5e8ae7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 77
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clientlibs.min.css
www.gopaycards.com/etc.clientlibs/usbfoundation/components/content/externalImage/ 77 B
553 B 375ms
132ms Stylesheet
text/css 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/etc.clientlibs/usbfoundation/components/content/externalImage/clientlibs.min.css

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

7a5aa641c8b7676c4befc0bb1f75f7e8a08351f01b347ba388e777abf9212b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 01:09:15 GMT
Server: Microsoft-IIS/8.5
ETag: "702b985e8ae7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 77
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1477444416698.png
www.gopaycards.com/_jcr_content/headerIpar/header/logoleft.img.png/ 5 KB
5 KB 124ms
124ms Image
image/png 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/_jcr_content/headerIpar/header/logoleft.img.png/1477444416698.png

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

addbe5d98be09d6a008a38c1c64bdd9eb0955f5c78d71239fab0bebd7c713525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Oct 2019 02:11:16 GMT
Server: Microsoft-IIS/8.5
ETag: "30c7d7525985d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 4674
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mastercard-slide.jpg
www.gopaycards.com/dam/images/ 93 KB
94 KB 132ms
132ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/dam/images/mastercard-slide.jpg

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

45633b17fa154266a7ed8fda680982af01c735108229f235923e42c584d1d69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Oct 2019 02:11:16 GMT
Server: Microsoft-IIS/8.5
ETag: "30c7d7525985d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 95334
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK visa-slide.jpg
www.gopaycards.com/dam/images/ 91 KB
92 KB 130ms
130ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/dam/images/visa-slide.jpg

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

fe82245d0ee3f50d00329395b34550ca73ff016313693cb3ecb91e268b465c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Oct 2019 02:11:16 GMT
Server: Microsoft-IIS/8.5
ETag: "61b3e3525985d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 93550
X-XSS-Protection: 1; mode=block

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618
https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618

0
-1 B

138ms
35ms

XHR

63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618
X-TID: T7kMump6S6Q=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gopaycards.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.gopaycards.com
X-TID: T7kMump6S6Q=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/usbank/rwdprod/ 386 B
528 B 47ms
47ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/usbank/rwdprod/serverComponent.php?r=3517.559419419094&ClientID=472&PageID=https%3A%2F%2Fwww.gopaycards.com%2Findex.html
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/usbank/rwdprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2517c8a816bf7a2ea0c4838d5c4d934b6d14fafc4de7b8e4852db7d8ce96adcd

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Fri, 28 Feb 2020 18:19:10 GMT
cache-control: no-cache, no-store
expires: Fri, 28 Feb 2020 18:19:09 GMT
server: nginx
content-length: 386
content-type: text/javascript

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 3 KB
2 KB 38ms
37ms XHR
application/json 63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1582913949618

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5b523eccce999c807c24ec271fbda023cdfa75f8605ada493e1a2ce152e176f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gopaycards.com/index.html
Origin: https://www.gopaycards.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcscanary-prod-irl1-v083-01ddb47d7.edge-irl1.demdex.com 5.65.0.20200212140016 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: 2d60rce7S/M=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gopaycards.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1019
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 id Show response
smetrics.sdcvisit.com/ 48 B
485 B 114ms
31ms XHR
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sdcvisit.com/id?d_visid_ver=4.0.0&d_fieldgroup=A&mcorgid=675616D751E567410A490D4C%40AdobeOrg&mid=57903957989623429994610714303542591992&ts=1582913949819

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/usbank/rwdprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c6f668d68c50dcda49ad29b456a3f2de34d4e15a5cd5ec795ce5f8182b443d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
Origin: https://www.gopaycards.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 28 Feb 2020 18:19:09 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5bb688c676-4b7f7
vary: Origin
x-c: master-1169.Ie4359b.M0-349
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.gopaycards.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XllZngAAAetqZC3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=57798291505360595354580443993754486560
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XllZngAAAetqZC3-

42 B
915 B

35ms
35ms

Image
image/gif

63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XllZngAAAetqZC3-

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v062-0a95740bc.edge-irl1.demdex.com 5.65.0.20200212140016 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ihzgUq1YQBA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 28 Feb 2020 18:19:10 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XllZngAAAetqZC3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 json Show response
usbank.tt.omtrdc.net/m2/usbank/mbox/ 10 KB
3 KB 190ms
56ms XHR
application/json 66.117.29.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://usbank.tt.omtrdc.net/m2/usbank/mbox/json?mbox=usbank_global_header_test&mboxSession=be576271379f455c8f09f15d8a15e37c&mboxPC=&mboxPage=bd0cc621af9e4085bea95ec61249ed1e&mboxRid=16f9e681900c43a79c05f0c5c0e41ae6&mboxVersion=1.7.0&mboxCount=1&mboxTime=1582917549651&mboxHost=www.gopaycards.com&mboxURL=https%3A%2F%2Fwww.gopaycards.com%2Findex.html&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&profile.cust_prosp=prospect&mboxMCSDID=139C3AF1B3FF9BD3-5A3B101AB692562D&vst.trk=metrics.sdcvisit.com&vst.trks=smetrics.sdcvisit.com&mboxMCGVID=57903957989623429994610714303542591992&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/usbank/rwdprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.117.29.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: /
Resource Hash: 66ac8d4ca4021f792bdf21d5a1bd64ceb280048d67e3b45005bf2f85ad65d068

Request headers

Referer: https://www.gopaycards.com/index.html
Origin: https://www.gopaycards.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 18:19:09 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
status: 200
vary: Origin,Accept-Encoding
p3p: CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin: https://www.gopaycards.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 16f9e681900c43a79c05f0c5c0e41ae6

GET
H/1.1 200
OK token.json Show response
www.gopaycards.com/libs/granite/csrf/ 0
482 B 122ms
121ms XHR
application/json 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gopaycards.com/libs/granite/csrf/token.json

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Aug 2019 02:41:04 GMT
Server: Microsoft-IIS/8.5
ETag: "64b4ce21253d51:0"
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 dbef4b3d57d43325bffd62b037ae8fee.js Show response
nexus.ensighten.com/usbank/rwdprod/code/ 94 KB
33 KB 41ms
41ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/usbank/rwdprod/code/dbef4b3d57d43325bffd62b037ae8fee.js?conditionId0=465773
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/usbank/rwdprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5fded85fc9299849eab848bd96d09e3d0195e814f483ff449ea472995c18bc6a

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:19:10 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 20:50:44 GMT
server: nginx
etag: W/"5dae1a24-179c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 ca5f88fd5c7d433d5fb0ee44c284823b.js Show response
nexus.ensighten.com/usbank/rwdprod/code/ 2 KB
1 KB 36ms
36ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/usbank/rwdprod/code/ca5f88fd5c7d433d5fb0ee44c284823b.js?conditionId0=423222
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/usbank/rwdprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: edc21e70090d18d7a21d4f89a86500c3905fca711a2e65050c762279c44eb078

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:19:10 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 22:49:40 GMT
server: nginx
etag: W/"5e34af04-8cd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET gopaycards.css
www.gopaycards.com/etc/designs/ 0
0

GET
H/1.1 200
OK bg-pattern.jpg
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/ 82 KB
83 KB 132ms
132ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/bg-pattern.jpg

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

0d1181bee194b585c570be6f298c030dd66702b90c274007b84fa1876d73b784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 04:24:56 GMT
Server: Microsoft-IIS/8.5
ETag: "26a3c5b4a5e7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 84062
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK req-proposal-btn-bg.jpg
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/ 451 B
930 B 127ms
126ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/req-proposal-btn-bg.jpg

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

2d42908fb0995adb3c9ca218d99e70bf268d33f915043a3d7aba273a2a42e3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 04:24:55 GMT
Server: Microsoft-IIS/8.5
ETag: "a9145fb4a5e7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 451
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK golden-rule.jpg
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/ 353 B
832 B 130ms
129ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/golden-rule.jpg

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

bfd4351c4d1fb2cb366bf8e99df1e72099c0e095fce4f71fd837898d68b51d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 04:24:55 GMT
Server: Microsoft-IIS/8.5
ETag: "4fb23db4a5e7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 353
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK red-bg.jpg
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/ 13 KB
14 KB 128ms
128ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/red-bg.jpg

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

90004c71f4cc3ec7eba1137ab1493b79d829fbb92e6d41e350456a988077f2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 04:24:55 GMT
Server: Microsoft-IIS/8.5
ETag: "e004cb4a5e7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 13457
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK yellow-quotes-home.png
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/ 1 KB
2 KB 129ms
128ms Image
image/png 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/yellow-quotes-home.png

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

05ebde36e30a82cff9064ab618f5a64a7c51ec093e3fa73d2e7e6d2db001dfea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 04:24:56 GMT
Server: Microsoft-IIS/8.5
ETag: "fdb07bb4a5e7d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1114
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mastercard-slide.jpg
www.gopaycards.com/dam/images/ 93 KB
94 KB 212ms
212ms Image
image/jpeg 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/dam/images/mastercard-slide.jpg?1582913950554

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

45633b17fa154266a7ed8fda680982af01c735108229f235923e42c584d1d69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Oct 2019 15:39:47 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 28 Feb 2020 18:18:44 GMT
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Headers: Content-Type
Content-Length: 95334
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loading.gif
www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/ 7 KB
7 KB 234ms
128ms Image
image/gif 170.135.184.113
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gopaycards.com/etc.clientlibs/gopaycards/clientlibs/clientlib-site/resources/image/loading.gif

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.113 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

demo1.access.usbank.com

Software

Microsoft-IIS/8.5 /

Resource Hash

3cab3b965d5f74954aa5cc538b3b045f9e3830bf49c196db37c5e11e0f1cf8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 12:50:57 GMT
Server: Microsoft-IIS/8.5
ETag: "cabaf68fb5e8d51:0"
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Date: Fri, 28 Feb 2020 18:18:44 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 7183
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set dest5.html
usbank.demdex.net/ Frame 755D 0
0 155ms
34ms Document
text/html 52.18.60.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.60.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-60-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: usbank.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.gopaycards.com/index.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=57798291505360595354580443993754486560
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.gopaycards.com/index.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 21 Feb 2020 14:08:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=57798291505360595354580443993754486560;Path=/;Domain=.demdex.net;Expires=Wed, 26-Aug-2020 18:19:10 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: aOOrRGxzTu0=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 s65461451729191 Show response
smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.12.0/ 3 KB
3 KB 57ms
56ms Script
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.12.0/s65461451729191?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F1%2F2020%2019%3A19%3A11%205%20-60&d.&nsid=0&jsonv=1&.d&sdid=139C3AF1B3FF9BD3-5A3B101AB692562D&mid=57903957989623429994610714303542591992&aamlh=6&ce=UTF-8&ns=usbank&pageName=gopaycards%3Ahome&g=https%3A%2F%2Fwww.gopaycards.com%2Findex.html&c.&vidAPICheck=VisitorAPI%20Present&et_dimensions=1600x1200&et_width=1600&et_orientation=landscape&.c&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=gopaycards&c3=D%3Dv3&v3=New&c4=12%3A15PM&c6=Friday&c7=2%2F28%2F2020&v9=prospect&c14=D%3Dg&c18=First%20Visit&c19=1&c29=https%3A%2F%2Fwww.gopaycards.com%2Findex.html&v35=gopaycards%3Ahome&v37=D%3DUser-Agent&c50=baseExternal%7CAM_2.12.0%7C04.04.2019%7CVid_4.0.0&c53=gopaycards%3Ahome&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=675616D751E567410A490D4C%40AdobeOrg&AQE=1

Requested by

Host: www.gopaycards.com
URL: https://www.gopaycards.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e17b64404e8d66922a5d0a1997c4c816a19a7386ee7372188652f326b5765d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gopaycards.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-aam-tid: IIuqi8+3Trg=
date: Fri, 28 Feb 2020 18:19:11 GMT
x-content-type-options: nosniff
x-c: master-1169.Ie4359b.M0-349
p3p: CP="This is not a P3P policy"
status: 200
content-length: 2694
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v062-0abc7dab4.edge-irl1.demdex.com 5.65.0.20200212140016 6ms (+1ms)
pragma: no-cache
last-modified: Sat, 29 Feb 2020 18:19:11 GMT
server: jag
xserver: anedge-5bb688c676-j9pjq
etag: 3399281826048868352-4615177001325729901
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 27 Feb 2020 18:19:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gopaycards.com
URL: https://www.gopaycards.com/etc/designs/gopaycards.css

Domain: www.gopaycards.com
URL: https://www.gopaycards.com/etc/designs/gopaycards.css

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 12:01:05	Name: dextp Value: 60-1-1582913950724
.demdex.net/	1970-01-19 12:01:05	Name: demdex Value: 57798291505360595354580443993754486560
.gopaycards.com/	1970-01-20 01:14:32	Name: AMCV_675616D751E567410A490D4C%40AdobeOrg Value: 1278862251%7CMCIDTS%7C18321%7CMCMID%7C57903957989623429994610714303542591992%7CMCAAMLH-1583518749%7C6%7CMCAAMB-1583518749%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1582921149s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18328%7CvVersion%7C4.0.0
.gopaycards.com/	1970-01-19 07:41:55	Name: mboxEdgeCluster Value: 26
.gopaycards.com/	1970-01-20 01:15:58	Name: mbox Value: session#be576271379f455c8f09f15d8a15e37c#1582915811\|PC#be576271379f455c8f09f15d8a15e37c.26_0#1646158751
.gopaycards.com/	1969-12-31 23:59:59	Name: AMCVS_675616D751E567410A490D4C%40AdobeOrg Value: 1
.gopaycards.com/	1969-12-31 23:59:59	Name: check Value: true
www.gopaycards.com/	1969-12-31 23:59:59	Name: ext-obc-content2-aem Value: !k0pMc7K+L/QSmTqTd5FSETEad2prxirDCJajy/Ro1J8mGwpq9IwM7Noht6OmpW6mbw++oNkhi9hWDl0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.gopaycards.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js(Line 41) Message: CSRF data not available;The data may be unavailable by design, such as during non-authenticated requests: SyntaxError: Unexpected end of JSON input
console-api	log	(Line 2) Message: micrositeprod microsite

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
dpm.demdex.net
nexus.ensighten.com
smetrics.sdcvisit.com
usbank.demdex.net
usbank.tt.omtrdc.net
www.gopaycards.com
www.mcdonaldspaycard.us
www.gopaycards.com
15.188.105.205
170.135.184.113
170.135.223.254
18.195.42.228
52.18.60.121
63.33.112.209
66.117.28.86
66.117.29.3
05ebde36e30a82cff9064ab618f5a64a7c51ec093e3fa73d2e7e6d2db001dfea
0d1181bee194b585c570be6f298c030dd66702b90c274007b84fa1876d73b784
2517c8a816bf7a2ea0c4838d5c4d934b6d14fafc4de7b8e4852db7d8ce96adcd
2d42908fb0995adb3c9ca218d99e70bf268d33f915043a3d7aba273a2a42e3f0
37a4fe7404dad5ef61841de19eb74175c6134b89d9a607bd389b4582975f5899
38838c1eb9f7f4afe15dd76ee59fc1f0c1c213638e3e7df1704df5d29561088b
3cab3b965d5f74954aa5cc538b3b045f9e3830bf49c196db37c5e11e0f1cf8f8
4086c8cd4c3361452c1c1da9af3034fc90f4a375c4f6195f31d6dcf1c7b56f00
45633b17fa154266a7ed8fda680982af01c735108229f235923e42c584d1d69d
5b523eccce999c807c24ec271fbda023cdfa75f8605ada493e1a2ce152e176f6
5de7ed40dec4289e49836c4def825318df1956de0d0befe695e77f50fc638292
5fded85fc9299849eab848bd96d09e3d0195e814f483ff449ea472995c18bc6a
66ac8d4ca4021f792bdf21d5a1bd64ceb280048d67e3b45005bf2f85ad65d068
7a5aa641c8b7676c4befc0bb1f75f7e8a08351f01b347ba388e777abf9212b95
8cf7ffb1f8774506dcda1f093ec44febccf293c147625268cbd53eb714c7a448
90004c71f4cc3ec7eba1137ab1493b79d829fbb92e6d41e350456a988077f2f1
91a90275316cd69ffc78b71ca65770e0b591650d1de891c736c4a3109276a219
976546f013eed5afb39d59b5a236ec888095335d4bd3932ef0069ae1841ee423
9edcd1d71d604f6d3f20d909aa1c0a3df44160abbc4dc9de8eed71aa14fae22f
addbe5d98be09d6a008a38c1c64bdd9eb0955f5c78d71239fab0bebd7c713525
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
b6b377bfd05df4c2833c55e2668873126ab09dd59987bc114679ba950b986cc1
bfd4351c4d1fb2cb366bf8e99df1e72099c0e095fce4f71fd837898d68b51d83
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c6f668d68c50dcda49ad29b456a3f2de34d4e15a5cd5ec795ce5f8182b443d6b
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
da2596933df3804f82156d5d1b22914f4d9400ad1f995679e900c70baa684070
e17b64404e8d66922a5d0a1997c4c816a19a7386ee7372188652f326b5765d87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc21e70090d18d7a21d4f89a86500c3905fca711a2e65050c762279c44eb078
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe82245d0ee3f50d00329395b34550ca73ff016313693cb3ecb91e268b465c4d

www.gopaycards.com Open in urlscan Pro 170.135.184.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

95 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

7 IPs

4 Countries

679 kBTransfer

1353 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gopaycards.com Open in urlscan Pro
170.135.184.113 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

679 kB
Transfer

1353 kB
Size

8
Cookies

38 HTTP transactions
0 data transactions