buynow.elavon.net Open in urlscan Pro
198.203.192.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://buynow.elavon.net/assisted-signup?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalB...
Effective URL:
https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUal...
Submission Tags: falconsandbox
Submission: On December 03 via api (December 3rd 2021, 4:26:11 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 198.203.192.238, located in United States and belongs to ELAVON, US. The main domain is buynow.elavon.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 17th 2021. Valid for: a year.

This is the only time buynow.elavon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	198.203.192.238 198.203.192.238	11609 (ELAVON) (ELAVON)
3	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
15	3

11 198.203.192.238 (United States) 1 redirects

ASN11609 (ELAVON, US)
PTR: mail1.merchantconnect.com

buynow.elavon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	elavon.net 1 redirects buynow.elavon.net	2 MB
3	mixpanel.com api.mixpanel.com	559 B
15	2

	Domain	Requested by
11	buynow.elavon.net	1 redirects buynow.elavon.net
3	api.mixpanel.com	buynow.elavon.net
15	2

This site contains no links.

Subject Issuer	Validity	Valid
buynow.elavon.net Entrust Certification Authority - L1K	`2021-08-17` - `2022-08-17`	a year	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register
Frame ID: 2B8160FF2CD8E5ADBA79AE95B4A6037A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Set Password

Page URL History Show full URLs

https://buynow.elavon.net/assisted-signup?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=... HTTP 302
http://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn... HTTP 307
https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn... Page URL

Page Statistics

15
Requests

87 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

2441 kB
Transfer

2437 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://buynow.elavon.net/assisted-signup?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register HTTP 302
http://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register HTTP 307
https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://buynow.elavon.net/aws/env/whoami HTTP 0
http://buynow.elavon.net/assisted-signup?ctx=autherr

Request Chain 5

https://buynow.elavon.net/aws/env/touch HTTP 0
http://buynow.elavon.net/assisted-signup?ctx=autherr

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
buynow.elavon.net/assisted-signup/
Redirect Chain

https://buynow.elavon.net/assisted-signup?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3...
http://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3...
https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn...

4 KB
5 KB

355ms
120ms

Document
text/html

198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

270e82bf50ddf5b275a02e97fe1705bd089c1c2111f0ae08a52c4c671b9a3472

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 03 Dec 2021 16:26:02 GMT
Server: server
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
ETag: W/"4444-1638484312000"
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4444
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Connection: close

Redirect headers

Location: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK customerFlow.1d2c7f64.chunk.css
buynow.elavon.net/assisted-signup/static/css/ 3 KB
4 KB 355ms
120ms Stylesheet
text/css 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/assisted-signup/static/css/customerFlow.1d2c7f64.chunk.css

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

439d787b32400cdea651b0e5167ee11d2b6da5e2c099fa4de0fa825d7504fb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 03 Dec 2021 16:26:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Server: server
ETag: W/"3391-1638484312000"
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: text/css
Connection: close
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 3391
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1.081e903f.chunk.js Show response
buynow.elavon.net/assisted-signup/static/js/ 1 MB
1 MB 356ms
121ms Script
text/javascript 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

3ce78e54988608e86a782ded4a9e6d80ec695d36498d95748954c0197bd7f775

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 03 Dec 2021 16:26:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Server: server
ETag: W/"1197820-1638484312000"
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: text/javascript
Connection: close
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 1197820
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK customerFlow.4ee44f3d.chunk.js Show response
buynow.elavon.net/assisted-signup/static/js/ 794 KB
795 KB 357ms
122ms Script
text/javascript 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/assisted-signup/static/js/customerFlow.4ee44f3d.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

eaa32921ce056f410ecbcda75f50d17cb4770fc9c0caab95ead3568a63b24a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 03 Dec 2021 16:26:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Server: server
ETag: W/"813340-1638484312000"
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: text/javascript
Connection: close
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 813340
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK props Show response
buynow.elavon.net/scwebapi/ 408 B
756 B 362ms
124ms XHR
application/json 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/scwebapi/props

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

b212c435707d555341d918dd8c3e20d958b2305ca5a38330dc6838a75d87cfd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&ID=VaUalBTXkqo1wwjpDFQZlaVWH0vA%2FkN55Ry%2B8ky1vkFYQbQAYT7HK7qI%2Fjg51M7YjWVwwZ2Tqn3RQ44f1CeswQ%3D%3D&dst=register
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 03 Dec 2021 16:26:06 GMT
X-Content-Type-Options: nosniff
Server: server
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Strict-Transport-Security: max-age=63072000; preload
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
X-XSS-Protection: 1; mode=block

GET

assisted-signup
buynow.elavon.net/
Redirect Chain

https://buynow.elavon.net/aws/env/whoami
http://buynow.elavon.net/assisted-signup?ctx=autherr

0
0

GET

assisted-signup
buynow.elavon.net/
Redirect Chain

https://buynow.elavon.net/aws/env/touch
http://buynow.elavon.net/assisted-signup?ctx=autherr

0
0

GET
H/1.1 200
OK OpenSans-Bold.50145685.ttf
buynow.elavon.net/assisted-signup/static/media/ 219 KB
220 KB 324ms
122ms Font
application/font-sfnt 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/assisted-signup/static/media/OpenSans-Bold.50145685.ttf

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/css/customerFlow.1d2c7f64.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buynow.elavon.net/assisted-signup/static/css/customerFlow.1d2c7f64.chunk.css
Origin: https://buynow.elavon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 03 Dec 2021 16:26:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Server: server
ETag: W/"224592-1638484312000"
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: application/font-sfnt
Access-Control-Allow-Origin: https://buynow.elavon.net
Connection: close
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 224592
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK OpenSans-Regular.629a55a7.ttf
buynow.elavon.net/assisted-signup/static/media/ 212 KB
213 KB 322ms
122ms Font
application/font-sfnt 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/assisted-signup/static/media/OpenSans-Regular.629a55a7.ttf

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/css/customerFlow.1d2c7f64.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buynow.elavon.net/assisted-signup/static/css/customerFlow.1d2c7f64.chunk.css
Origin: https://buynow.elavon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 03 Dec 2021 16:26:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Server: server
ETag: W/"217360-1638484312000"
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: application/font-sfnt
Access-Control-Allow-Origin: https://buynow.elavon.net
Connection: close
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 217360
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK getJurisdictionInfo Show response
buynow.elavon.net/sb/md/ 114 B
596 B 371ms
136ms XHR
application/json 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/sb/md/getJurisdictionInfo

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

d7dc4c297d20c51edf44b6e1332624a0896f16b4137124f2dfb4571988f80f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 03 Dec 2021 16:26:06 GMT
Strict-Transport-Security: max-age=63072000; preload
X-Content-Type-Options: nosniff
Server: server
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: application/json
Access-Control-Allow-Origin: https://buynow.elavon.net
Access-Control-Allow-Credentials: true
Connection: close
Vary: Origin
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.f4ce8505.png
buynow.elavon.net/assisted-signup/static/media/ 32 KB
33 KB 666ms
120ms Image
image/png 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buynow.elavon.net/assisted-signup/static/media/logo.f4ce8505.png

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

f6bca39a9803602af62a177ab175660e58a75b38ad46884f90ad825deed4586e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 03 Dec 2021 16:26:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:31:52 GMT
Server: server
ETag: W/"33197-1638484312000"
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Content-Type: image/png
Connection: close
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 33197
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
api.mixpanel.com/decide/ 65 B
140 B 367ms
321ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=5d96c0bf40271980c46286796a53dc38&ip=1&_=1638548766684
Requested by: Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.34.211.130.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 16:26:07 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://buynow.elavon.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
347 B 159ms
116ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2J1eW5vdy5lbGF2b24ubmV0L2Fzc2lzdGVkLXNpZ251cC8%2FYnI9QUdFTlRfQkFOSyZhYz1VU0EmdXNlckxhbmd1YWdlPWVuX1VTJnNqPVRSTVBIQ01NTlRCTksmcm49QUdFTlRfQkFOSyZkc3Q9cmVnaXN0ZXIiLCIkYnJvd3Nlcl92ZXJzaW9uIjogOTYsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yNi4wIiwidGltZSI6IDE2Mzg1NDg3NjYuNjg3LCJkaXN0aW5jdF9pZCI6ICIxN2Q4MTFkZmZkYTY4Yy0wYTM0MmY5NGJiZmUyNC05NzgxODNhLTFkNGMwMC0xN2Q4MTFkZmZkYmI2MCIsIiRkZXZpY2VfaWQiOiAiMTdkODExZGZmZGE2OGMtMGEzNDJmOTRiYmZlMjQtOTc4MTgzYS0xZDRjMDAtMTdkODExZGZmZGJiNjAiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJodHRwczovL2J1eW5vdy5lbGF2b24ubmV0L2Fzc2lzdGVkLXNpZ251cC8%2FYnI9QUdFTlRfQkFOSyZhYz1VU0EmdXNlckxhbmd1YWdlPWVuX1VTJnNqPVRSTVBIQ01NTlRCTksmcm49QUdFTlRfQkFOSyZkc3Q9cmVnaXN0ZXIiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI1ZDk2YzBiZjQwMjcxOTgwYzQ2Mjg2Nzk2YTUzZGMzOCJ9fQ%3D%3D&ip=1&_=1638548766688

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Fri, 03 Dec 2021 16:26:06 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://buynow.elavon.net
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 1

POST
H/1.1 200
OK checkCustomerStatus Show response
buynow.elavon.net/aws/ 168 B
540 B 693ms
457ms XHR
application/json 198.203.192.238
ELAVON

General

Check archive.org

Show headers Download Go to

Full URL

https://buynow.elavon.net/aws/checkCustomerStatus

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.203.192.238 , United States, ASN11609 (ELAVON, US),

Reverse DNS

mail1.merchantconnect.com

Software

server /

Resource Hash

cef55bf3a8d048810e27378d7a92f8fd388c358e82f94461b5e2297a0054a79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 03 Dec 2021 16:26:06 GMT
X-Content-Type-Options: nosniff
Server: server
X-Frame-Options: ALLOW-FROM https://elavon-na.my.salesforce.com
Strict-Transport-Security: max-age=63072000; preload
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
72 B 130ms
129ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJTZXQgUGFzc3dvcmQgTGFuZGluZyIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vYnV5bm93LmVsYXZvbi5uZXQvYXNzaXN0ZWQtc2lnbnVwLz9icj1BR0VOVF9CQU5LJmFjPVVTQSZ1c2VyTGFuZ3VhZ2U9ZW5fVVMmc2o9VFJNUEhDTU1OVEJOSyZybj1BR0VOVF9CQU5LJmRzdD1yZWdpc3RlciIsIiRicm93c2VyX3ZlcnNpb24iOiA5NiwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjI2LjAiLCJ0aW1lIjogMTYzODU0ODc2Ny40MTksImRpc3RpbmN0X2lkIjogIjE3ZDgxMWRmZmRhNjhjLTBhMzQyZjk0YmJmZTI0LTk3ODE4M2EtMWQ0YzAwLTE3ZDgxMWRmZmRiYjYwIiwiJGRldmljZV9pZCI6ICIxN2Q4MTFkZmZkYTY4Yy0wYTM0MmY5NGJiZmUyNC05NzgxODNhLTFkNGMwMC0xN2Q4MTFkZmZkYmI2MCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJ0b2tlbiI6ICI1ZDk2YzBiZjQwMjcxOTgwYzQ2Mjg2Nzk2YTUzZGMzOCJ9fQ%3D%3D&ip=1&_=1638548767420

Requested by

Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/1.081e903f.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buynow.elavon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Fri, 03 Dec 2021 16:26:07 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://buynow.elavon.net
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
alt-svc: clear
content-length: 1

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: buynow.elavon.net
URL: http://buynow.elavon.net/assisted-signup?ctx=autherr

Domain: buynow.elavon.net
URL: http://buynow.elavon.net/assisted-signup?ctx=autherr

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			buynow.elavon.net/	1969-12-31 23:59:59	Name: userLanguage Value: en_US
			.elavon.net/	1970-01-20 07:54:44	Name: mp_5d96c0bf40271980c46286796a53dc38_mixpanel Value: %7B%22distinct_id%22%3A%20%2217d811dffda68c-0a342f94bbfe24-978183a-1d4c00-17d811dffdbb60%22%2C%22%24device_id%22%3A%20%2217d811dffda68c-0a342f94bbfe24-978183a-1d4c00-17d811dffdbb60%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register Message: Mixed Content: The page at 'https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://buynow.elavon.net/assisted-signup?ctx=autherr'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register Message: Mixed Content: The page at 'https://buynow.elavon.net/assisted-signup/?br=AGENT_BANK&ac=USA&userLanguage=en_US&sj=TRMPHCMMNTBNK&rn=AGENT_BANK&dst=register' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://buynow.elavon.net/assisted-signup?ctx=autherr'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elavon-na.my.salesforce.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
buynow.elavon.net
buynow.elavon.net
130.211.34.183
198.203.192.238
270e82bf50ddf5b275a02e97fe1705bd089c1c2111f0ae08a52c4c671b9a3472
3ce78e54988608e86a782ded4a9e6d80ec695d36498d95748954c0197bd7f775
439d787b32400cdea651b0e5167ee11d2b6da5e2c099fa4de0fa825d7504fb29
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
b212c435707d555341d918dd8c3e20d958b2305ca5a38330dc6838a75d87cfd7
cef55bf3a8d048810e27378d7a92f8fd388c358e82f94461b5e2297a0054a79a
d7dc4c297d20c51edf44b6e1332624a0896f16b4137124f2dfb4571988f80f23
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
eaa32921ce056f410ecbcda75f50d17cb4770fc9c0caab95ead3568a63b24a3a
f6bca39a9803602af62a177ab175660e58a75b38ad46884f90ad825deed4586e

buynow.elavon.net Open in urlscan Pro 198.203.192.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

87 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

2441 kBTransfer

2437 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

buynow.elavon.net Open in urlscan Pro
198.203.192.238 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

2441 kB
Transfer

2437 kB
Size

2
Cookies

15 HTTP transactions
1 data transactions