URL: https://dragondivas.ca/photos/am/
Submission: March 08 (automatic submission; source: OpenPhish)

Summary

This website contacted 11 IPs in 5 countries across 7 domains to perform 45 HTTP transactions. The main IP is 216.113.194.65, located in Vancouver, Canada and belongs to UNISERVE-ONLINE - Uniserve On Line, CA (reverse DNS host4.uniservehosting.com; the cPanel-issued certificate points to a cPanel-managed shared host). The main domain is dragondivas.ca. Only two transactions go to dragondivas.ca itself; the rest are fetched from American Express domains (americanexpress.com, aexp-static.com) and from the tag vendors the real AmEx logon page embeds (Ensighten, Adobe Demdex/Omniture, Maxymiser, Levexis). The page is a copy of the AmEx UK logon page (myca/logon/emea, en_GB) that hotlinks the brand's live stylesheets, scripts and images, so every visit also lands in those vendors' logs with Referer https://dragondivas.ca/photos/am/.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 3rd 2018, five days before this scan. Valid for: 3 months (2018-03-03 to 2018-06-01).
This is the only time dragondivas.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

Requests        IP address        AS (autonomous system)
2               216.113.194.65    19662 (UNISERVE-...)
6               104.109.77.137    20940 (AKAMAI-ASN1)
6               35.157.8.66       16509 (AMAZON-02)
21              104.109.72.231    20940 (AKAMAI-ASN1)
2               104.109.73.124    20940 (AKAMAI-ASN1)
3 (1 redirect)  52.17.182.129     16509 (AMAZON-02)
2               185.34.188.178    15224 (OMNITURE)
1               148.173.97.38     6307 (AMERICAN-...)
1               148.173.101.84    6307 (AMERICAN-...)
1               52.85.173.196     16509 (AMAZON-02)
1               52.29.202.185     16509 (AMAZON-02)
Total: 45 requests, 11 IPs

Requests        Domain                        Requested by
14              www.aexp-static.com           dragondivas.ca, nexus.ensighten.com, icm.aexp-static.com, www.aexp-static.com
6               nexus.ensighten.com           dragondivas.ca, www.aexp-static.com, nexus.ensighten.com
6               global.americanexpress.com    dragondivas.ca
4               icm.aexp-static.com           dragondivas.ca, icm.aexp-static.com
3               web.aexp-static.com           www.aexp-static.com, web.aexp-static.com
3 (1 redirect)  dpm.demdex.net                dragondivas.ca, www.aexp-static.com
2               omns.americanexpress.com      www.aexp-static.com
2               service.maxymiser.net         nexus.ensighten.com, service.maxymiser.net
2               dragondivas.ca                dragondivas.ca
1               ep.americanexpress.com        dragondivas.ca
1               sec.levexis.com               nexus.ensighten.com
1               gct.americanexpress.com       dragondivas.ca
1               www425.americanexpress.com    www.aexp-static.com
Total: 45 requests, 13 (sub)domains

Subject          Issuer                                 Validity                   Valid for
dragondivas.ca   cPanel, Inc. Certification Authority   2018-03-03 to 2018-06-01   3 months (crt.sh)
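The hotlinking in the domain table is the brand owner's best detection hook: every asset fetch from the phishing page carries it as Referer, and the requests land on hosts the brand (or its CDN) logs. The script below is an added example, not part of the urlscan.io report or of any American Express tooling. It parses combined-format access log lines for the brand's static hosts and reports non-brand Referer hosts that load login-page assets. The brand-domain allowlist, the login-path prefixes and the log lines (constructed to mirror the requests in this scan) are assumptions.

```python
"""
Added example: brand-side detection of cloned login pages from Referer
headers in the static-asset hosts' access logs. Not part of urlscan.io.
"""
import re
from collections import defaultdict
from typing import Optional
from urllib.parse import urlsplit

# Apache/Nginx "combined" format:
# host ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Registrable domains the brand controls (assumed allowlist for the example).
BRAND_DOMAINS = {"americanexpress.com", "aexp-static.com"}

# Paths only the real logon page should embed; a foreign Referer loading
# them is a strong "cloned login page" signal (assumed for the example).
LOGIN_ASSET_PREFIXES = ("/myca/logon/",)


def registrable_domain(host: str) -> str:
    """Crude eTLD+1 (last two labels). Fine for .com brand hosts; use a
    public-suffix library for multi-label TLDs such as .co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def referer_host(referer: str) -> Optional[str]:
    """Hostname of the Referer, or None when the header is absent ("-")."""
    if not referer or referer == "-":
        return None
    return urlsplit(referer).hostname


def find_foreign_referers(log_lines):
    """Return {referer_host: sorted login-asset paths it loaded} for Referer
    hosts outside BRAND_DOMAINS. Lines with no Referer are skipped (browsers
    strip it under some privacy settings), so this detector favours low
    false positives over completeness."""
    hits = defaultdict(set)
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; ignore rather than guess
        host = referer_host(m.group("referer"))
        if host is None or registrable_domain(host) in BRAND_DOMAINS:
            continue
        if m.group("path").startswith(LOGIN_ASSET_PREFIXES):
            hits[host].add(m.group("path"))
    return {h: sorted(p) for h, p in hits.items()}


# Constructed sample lines modelled on the requests in the scan above.
# 203.0.113.7 mimics a victim browsing the phishing page; 198.51.100.9 a
# legitimate visitor on the real logon page; 192.0.2.44 sends no Referer.
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Mar/2018:00:57:02 +0000] "GET /myca/logon/emea/docs/global/css/ELILODefault.css HTTP/1.1" 200 4145 "https://dragondivas.ca/photos/am/" "Mozilla/5.0"',
    '203.0.113.7 - - [08/Mar/2018:00:57:03 +0000] "GET /myca/logon/emea/docs/global/js/RWDLogon.js HTTP/1.1" 200 49685 "https://dragondivas.ca/photos/am/" "Mozilla/5.0"',
    '203.0.113.7 - - [08/Mar/2018:00:57:03 +0000] "GET /myca/logon/emea/docs/javascript/gatekeeper/gtkp_aa.js HTTP/1.1" 200 4107 "https://dragondivas.ca/photos/am/" "Mozilla/5.0"',
    '198.51.100.9 - - [08/Mar/2018:01:02:11 +0000] "GET /myca/logon/emea/docs/global/css/ELILODefault.css HTTP/1.1" 200 4145 "https://global.americanexpress.com/myca/logon/emea/action/login" "Mozilla/5.0"',
    '198.51.100.9 - - [08/Mar/2018:01:02:12 +0000] "GET /nav/ngn/img/clear.gif HTTP/1.1" 200 43 "https://www.aexp-static.com/nav/ngn/css/inav_responsive_intl.css" "Mozilla/5.0"',
    '192.0.2.44 - - [08/Mar/2018:01:05:00 +0000] "GET /myca/logon/emea/docs/global/css/ELILODefault.css HTTP/1.1" 200 4145 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, paths in find_foreign_referers(SAMPLE_LOG).items():
        print(f"{host}: {len(paths)} login asset(s) hotlinked")
        for p in paths:
            print("   ", p)
```

Run against the sample it reports dragondivas.ca loading three logon assets and nothing for the legitimate visitor. In production the same logic runs over the CDN log stream, with the Referer host fed to a takedown or blocklist workflow; keep the allowlist at registrable-domain granularity so the brand's own subdomains (global., www425., icm.) never trigger it.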

This page contains 1 frames:

Primary Page: https://dragondivas.ca/photos/am/
Frame ID: (DAD027FBA7516505C47BD26A34BD00A)
Requests: 45 HTTP requests in this frame

Screenshot


Detected technologies

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

head.js (overall confidence: 50%; technology name inferred from the pattern, which matches only a global `head` variable and is a weak signal)
Detected patterns
  • env /^head$/i

Adobe Analytics / Omniture SiteCatalyst (overall confidence: 100%; name inferred from the s_code.js and s_account patterns, corroborated by the "Omniture DC" server answering at omns.americanexpress.com below)
Detected patterns
  • script /\/s[_-]code.*\.js/i
  • env /^s_(?:account|objectID|code|INST)$/i

jQuery (overall confidence: 100%)
Detected patterns
  • env /^jQuery$/i

Bootstrap (overall confidence: 100%)
Detected patterns
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

Requests: 45
HTTPS: 4 % (the scanner's figure; every transaction listed below is an https:// URL, so treat this value with caution)
IPv6: 0 %
Domains: 7
Subdomains: 13
IPs: 11
Countries: 5
Transfer: 334 kB
Size: 867 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields

45 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
Primary Request /
dragondivas.ca/photos/am/
68 KB
69 KB
Document
General
Full URL
https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.113.194.65 Vancouver, Canada, ASN19662 (UNISERVE-ONLINE - Uniserve On Line, CA),
Reverse DNS
host4.uniservehosting.com
Software
Apache /
Resource Hash
44252a396768b5375cbbf1f46752b97098d95c026f7dcf6afd174675f3b61571

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
dragondivas.ca
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ELILODefault.css
global.americanexpress.com/myca/logon/emea/docs/global/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://global.americanexpress.com/myca/logon/emea/docs/global/css/ELILODefault.css
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
104.109.77.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43af4b44e4d0a3d816202402362d9fc2b9cd8c0b4e0542c596c00127087249ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 19:34:03 GMT
Date
Thu, 08 Mar 2018 00:57:02 GMT
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4145
RWDcmaxLogon.css
global.americanexpress.com/myca/logon/emea/docs/global/css/
751 B
1 KB
Stylesheet
General
Full URL
https://global.americanexpress.com/myca/logon/emea/docs/global/css/RWDcmaxLogon.css
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
104.109.77.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68e0a6ce3093791926563a2a14d78661e1e3a5cbd7d480f3dc52de3bff276ed4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 19:34:03 GMT
Date
Thu, 08 Mar 2018 00:57:02 GMT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
751
Bootstrap.js
nexus.ensighten.com/amex/intl_amexhead/
90 KB
23 KB
Script
General
Full URL
https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
35.157.8.66 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-8-66.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31a51135e8ebc0b07be2255844e338d3c1e22240141ff195dcde549cc6c936da

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Mar 2018 06:20:26 GMT
Server
nginx
ETag
W/"5a9f84aa-16847"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
inav_responsive_intl.css
www.aexp-static.com/nav/ngn/css/
114 KB
14 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/nav/ngn/css/inav_responsive_intl.css
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
810c785ae7e79dfefe13ee15174709dad0b3c9792b817912301938aeef6473b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Tue, 06 Mar 2018 16:01:29 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:02 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
14310
btnSpriteStyles.css
www.aexp-static.com/nav/ngn/css/
20 KB
3 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/nav/ngn/css/btnSpriteStyles.css
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
af9a520ece32f82864c7e73a511d6ccb53778132a22218801067431679fc01de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 19:01:06 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:02 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
3312
mmcore.js
service.maxymiser.net/cdn/americanexpressuk/js/
27 KB
10 KB
Script
General
Full URL
https://service.maxymiser.net/cdn/americanexpressuk/js/mmcore.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Protocol
HTTP/1.1
Server
104.109.73.124 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-124.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c93e19037feb44dc3dda4686c1e6798c1eda0d7375068361ef6a39f388cb6c4

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2018 20:24:05 GMT
Server
Apache
ETag
"03854f8efdb9551ce527795660ee9720:1517343845"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10215
visitorAPI-intl.js
www.aexp-static.com/api/axpi/omniture/
16 KB
7 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/omniture/visitorAPI-intl.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
cdf23a6d6d521d6e9be46b389943d85f0e7f1f864e0db49e9a7229433e2d682d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
6865
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
5 KB
2 KB
Script
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
52.17.182.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e4aaf616c795954c156c759dabe778daac6c53b2f8b783e039063ab6af701632

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

DCS
irl1-prod-dcs-891d8202.edge-irl1.demdex.com 5.25.2.20180307120847 3ms
Pragma
no-cache
Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
X-TID
JiICEVUnTgg=
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
transfer-encoding
chunked
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Expires
Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Mar 2018 00:57:03 GMT
X-TID
fgol4w5BQLo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 2009 00:00:00 GMT
/
service.maxymiser.net/cg/v5/
1 KB
1 KB
Script
General
Full URL
https://service.maxymiser.net/cg/v5/?fv=dmn%3Damericanexpress.uk%3Bref%3D%3Burl%3Dhttps%253A%252F%252Fdragondivas.ca%252Fphotos%252Fam%252F%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.12&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jsver=5.15.2
Requested by
Host: service.maxymiser.net
URL: https://service.maxymiser.net/cdn/americanexpressuk/js/mmcore.js
Protocol
HTTP/1.1
Server
104.109.73.124 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-124.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
949fa55b9c2ed81f93f4b7309e8842abc49b022d2e459041a064b5c1f70f3a17

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Last-Modified
03/08/2018 00:57:03
Server
nginx
X-Node
fravwcgeu03, fravllb04
Vary
Accept-Encoding
P3P
CP="DEV IND NOI OTC OUR PSA PSD"
Cache-Control
no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
653
Expires
Sun, 06 Jan 1980 01:00:00 GMT
iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/
23 KB
23 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://www.aexp-static.com/nav/ngn/css/inav_responsive_intl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:29 GMT
server
IBM_HTTP_Server
date
Thu, 08 Mar 2018 00:57:03 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
23367
clear.gif
www.aexp-static.com/nav/ngn/img/
43 B
214 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/clear.gif
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:23:00 GMT
server
IBM_HTTP_Server
date
Thu, 08 Mar 2018 00:57:03 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
43
logo_bluebox.gif
www.aexp-static.com/nav/ngn/img/
4 KB
4 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/logo_bluebox.gif
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Mon, 28 Aug 2017 13:27:20 GMT
server
IBM_HTTP_Server
date
Thu, 08 Mar 2018 00:57:03 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
4424
ELILOLarge.css
dragondivas.ca/myca/logon/emea/docs/global/css/
0
0
Stylesheet
General
Full URL
https://dragondivas.ca/myca/logon/emea/docs/global/css/ELILOLarge.css
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.113.194.65 Vancouver, Canada, ASN19662 (UNISERVE-ONLINE - Uniserve On Line, CA),
Reverse DNS
host4.uniservehosting.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dragondivas.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://dragondivas.ca/photos/am/
Cookie
AMCV_5C36123F5245AF470A490D45%40AdobeOrg=T; mmcore.tst=0.489; mmapi.store.p.0=%7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%22pd%22%3A%221552006623071%7C%5C%221768264654%7CAQAAAApVAgBn5%2ByB9A8AAREAAUINUcVWAQDQ0YmBj4TVSNDRiYGPhNVIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QB9A8BAAAAAAAAAAAA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAAAAAAAAAFF%5C%22%22%2C%22srv%22%3A%221552006623072%7C%5C%22fravwcgeu03%5C%22%22%7D%7D; mmapi.store.s.0=%7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%7D%7D
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Mar 2018 00:57:02 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
363
Content-Type
text/html; charset=iso-8859-1
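The ELILOLarge.css request just above is the one brand-path request that goes to dragondivas.ca instead of global.americanexpress.com, and it comes back as 363 bytes of text/html; charset=iso-8859-1 rather than CSS, which is what Apache's built-in error page looks like: the kit was copied with at least one relative path left unrewritten. Together with the share of subresources hotlinked from the brand and the certificate issued five days before the scan, that gives an analyst three cheap triage signals. The script below is an added example, not part of urlscan.io; it scores a transaction list constructed from a subset of the records in this report. The thresholds, weights and brand-domain allowlist are assumptions.

```python
"""
Added example: analyst-side triage of a scan like the one above.
Not part of urlscan.io. Three signals are scored:
  1. the document comes from one host while most subresources come from
     the impersonated brand's domains (a cloned page hotlinking assets);
  2. a brand-style path requested from the scanned host answers with
     text/html where a stylesheet/script was expected (an error page,
     i.e. a relative path the kit author never rewrote);
  3. the leaf certificate was issued only days before the scan.
"""
from datetime import date
from urllib.parse import urlsplit

BRAND_DOMAINS = {"americanexpress.com", "aexp-static.com"}   # assumed allowlist
BRAND_PATH_MARKERS = ("/myca/logon/",)                        # paths unique to the brand's site
# MIME substrings acceptable for each resource type (application/x-javascript
# and application/javascript both contain "javascript").
EXPECTED_MIME_TOKENS = {"Stylesheet": ("text/css",), "Script": ("javascript",)}


def registrable_domain(host: str) -> str:
    """Crude eTLD+1 (last two labels); adequate for .com brand hosts."""
    labels = host.lower().split(".")
    return ".".join(labels[-2:])


def is_brand_host(host: str) -> bool:
    return registrable_domain(host) in BRAND_DOMAINS


def hotlink_ratio(main_url, transactions):
    """Share of subresources (everything except the document) served from
    brand domains. Tag vendors embedded by the real page count as non-brand,
    so real clones land well below 1.0; 0.5 is the assumed threshold."""
    sub = [t for t in transactions if t["url"] != main_url]
    if not sub:
        return 0.0
    return sum(is_brand_host(urlsplit(t["url"]).hostname) for t in sub) / len(sub)


def orphaned_brand_paths(main_host, transactions):
    """Brand-style paths requested from the scanned host whose MIME type does
    not match the resource type: error pages are HTML, stylesheets are not."""
    out = []
    for t in transactions:
        u = urlsplit(t["url"])
        if u.hostname != main_host or not u.path.startswith(BRAND_PATH_MARKERS):
            continue
        tokens = EXPECTED_MIME_TOKENS.get(t["type"])
        if tokens and not any(tok in t["mime"] for tok in tokens):
            out.append(u.path)
    return out


def cert_age_days(not_before: date, scanned: date) -> int:
    return (scanned - not_before).days


def triage(main_url, transactions, not_before, scanned):
    main_host = urlsplit(main_url).hostname
    ratio = hotlink_ratio(main_url, transactions)
    orphans = orphaned_brand_paths(main_host, transactions)
    age = cert_age_days(not_before, scanned)
    score = 0
    if ratio >= 0.5 and not is_brand_host(main_host):
        score += 2   # non-brand host serving a page built from brand assets
    if orphans:
        score += 1   # unrewritten brand paths on the scanned host
    if age <= 14:
        score += 1   # freshly issued certificate (assumed window)
    return {"hotlink_ratio": round(ratio, 2), "orphaned_paths": orphans,
            "cert_age_days": age, "score": score,
            "verdict": "likely phishing" if score >= 3 else "review"}


# Constructed from a subset of the transactions listed in this report.
MAIN_URL = "https://dragondivas.ca/photos/am/"
TRANSACTIONS = [
    {"url": MAIN_URL, "type": "Document", "mime": "text/html; charset=UTF-8"},
    {"url": "https://global.americanexpress.com/myca/logon/emea/docs/global/css/ELILODefault.css", "type": "Stylesheet", "mime": "text/css"},
    {"url": "https://global.americanexpress.com/myca/logon/emea/docs/global/css/RWDcmaxLogon.css", "type": "Stylesheet", "mime": "text/css"},
    {"url": "https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js", "type": "Script", "mime": "application/javascript; charset=utf-8"},
    {"url": "https://www.aexp-static.com/nav/ngn/css/inav_responsive_intl.css", "type": "Stylesheet", "mime": "text/css"},
    {"url": "https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive_Intl.js", "type": "Script", "mime": "application/x-javascript"},
    {"url": "https://global.americanexpress.com/myca/logon/emea/docs/global/js/RWDLogon.js", "type": "Script", "mime": "application/x-javascript"},
    {"url": "https://global.americanexpress.com/myca/logon/emea/docs/javascript/gatekeeper/gtkp_aa.js", "type": "Script", "mime": "application/x-javascript"},
    {"url": "https://icm.aexp-static.com/Internet/PZN/services/pes4all.js", "type": "Script", "mime": "application/x-javascript"},
    {"url": "https://dragondivas.ca/myca/logon/emea/docs/global/css/ELILOLarge.css", "type": "Stylesheet", "mime": "text/html; charset=iso-8859-1"},
]


def triage_report():
    """Score the constructed transaction list with the dates from this report
    (certificate not-before 2018-03-03, scan on 2018-03-08)."""
    return triage(MAIN_URL, TRANSACTIONS, date(2018, 3, 3), date(2018, 3, 8))


if __name__ == "__main__":
    print(triage_report())
```

On this subset the hotlink ratio is 0.78 (7 of 9 subresources from brand domains), one orphaned brand path is found and the certificate is 5 days old, so the score is 4 and the verdict "likely phishing". The scoring is deliberately simple; the point is that all three inputs are already in a urlscan-style record and need no extra fetches.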
id
omns.americanexpress.com/
155 B
598 B
Script
General
Full URL
https://omns.americanexpress.com/id?d_visid_ver=1.5.2&callback=s_c_il%5B0%5D._setAnalyticsFields&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=83117761965500030924153130204252738329
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/visitorAPI-intl.js
Protocol
HTTP/1.1
Server
185.34.188.178 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
americanexpress.com.ssl.d2.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
cc96a88ec17da5ed8899d398b695298c9f599f5ba5cc9f79fee9fcacfa6fbb62

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Server
Omniture DC/2.0.0
xserver
www23
Vary
Origin
X-C
ms-6.0.6
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
155
gtkp_aa.js
global.americanexpress.com/myca/logon/emea/docs/javascript/gatekeeper/
10 KB
4 KB
Script
General
Full URL
https://global.americanexpress.com/myca/logon/emea/docs/javascript/gatekeeper/gtkp_aa.js
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
104.109.77.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad76da66686b4cf8d9e7a577c377a3fbaadaf96f2c495545ca381770b382447d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 19:34:04 GMT
Date
Thu, 08 Mar 2018 00:57:03 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4107
img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/
143 B
315 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://www.aexp-static.com/nav/ngn/css/inav_responsive_intl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:24:34 GMT
server
IBM_HTTP_Server
date
Thu, 08 Mar 2018 00:57:03 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
143
RWDLogon.js
global.americanexpress.com/myca/logon/emea/docs/global/js/
112 KB
49 KB
Script
General
Full URL
https://global.americanexpress.com/myca/logon/emea/docs/global/js/RWDLogon.js
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
104.109.77.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a08b991dfa19ba78445b35bf92a865eadb08f832ab3e1913d55c39dae902bde8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 19:34:03 GMT
Date
Thu, 08 Mar 2018 00:57:03 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49685
img_orangearrow.gif
global.americanexpress.com/myca/logon/emea/shared/images/logon/en_GB/EPLogon/
181 B
529 B
Image
General
Full URL
https://global.americanexpress.com/myca/logon/emea/shared/images/logon/en_GB/EPLogon/img_orangearrow.gif
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
104.109.77.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c3561cb6494af21aeb93bee7364f2914e578a6fb8208bd3c8812a071c2ca4bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 19:34:04 GMT
Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Type
image/gif
Cache-Control
private, must-revalidate, max-age=162146
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
181
pes4all.js
icm.aexp-static.com/Internet/PZN/services/
38 KB
9 KB
Script
General
Full URL
https://icm.aexp-static.com/Internet/PZN/services/pes4all.js
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce76ea4802c7483d54ba3ad9917b1c4bd401fd1c19198133b8e2fd8449a6b4c4

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2017 18:22:26 GMT
status
200
etag
"4babbc1-9913-55b5d9f48fc80"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8732
commonFunctionsResponsive_Intl.js
www.aexp-static.com/nav/ngn/js/
62 KB
16 KB
Script
General
Full URL
https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive_Intl.js
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
194b6119fc281b37083150ed737be6da2828f7624ce2b0a5d57151095ec53279
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Sun, 04 Mar 2018 13:01:47 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
15895
elilo-sprite.gif
global.americanexpress.com/myca/logon/emea/docs/global/images/
1 KB
2 KB
Image
General
Full URL
https://global.americanexpress.com/myca/logon/emea/docs/global/images/elilo-sprite.gif
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
104.109.77.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5d0dc0c73a19e24902f36ce3bf6ee6b1a8bfbdf3d61e77d91eb4024a1c2dddf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://global.americanexpress.com/myca/logon/emea/docs/global/css/ELILODefault.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Oct 2016 19:34:03 GMT
Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Type
image/gif
Cache-Control
private, must-revalidate, max-age=285213
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1385
euc_thirdparty_identify.js
www.aexp-static.com/nav/ngn/js/
2 KB
970 B
Script
General
Full URL
https://www.aexp-static.com/nav/ngn/js/euc_thirdparty_identify.js
Requested by
Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/Internet/PZN/services/pes4all.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
a249022af99b2b62452a7a853a158cf3b9a7fb1d57524dad3cce4873ceafd4d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Sun, 04 Mar 2018 04:01:57 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
769
MYCALOGON.html
icm.aexp-static.com/Internet/PZN/en_UK/Default/
779 B
509 B
Script
General
Full URL
https://icm.aexp-static.com/Internet/PZN/en_UK/Default/MYCALOGON.html
Requested by
Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/Internet/PZN/services/pes4all.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6417c477f567e655eb9797d084803f2e80bd2b8d978aa853877a5a2028cb0381

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 20:34:21 GMT
status
200
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
content-length
381
iNav_ngi_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/
934 B
1 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_footer.gif
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://www.aexp-static.com/nav/ngn/css/inav_responsive_intl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:29 GMT
server
IBM_HTTP_Server
date
Thu, 08 Mar 2018 00:57:03 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
934
predSearchIntl.js
web.aexp-static.com/uk/content/js/
1 KB
666 B
Script
General
Full URL
https://web.aexp-static.com/uk/content/js/predSearchIntl.js
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive_Intl.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd38d747f63c634e15042af454d0da0e0ecaa4620a3800304044616807043f72

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
content-encoding
gzip
last-modified
Tue, 20 May 2014 04:37:55 GMT
etag
"4c0e7e4-449-4f9cd71850ec0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
accept-ranges
bytes
content-length
510
predSearchIntl.css
web.aexp-static.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://web.aexp-static.com/css/predSearchIntl.css
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive_Intl.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e8d2179880ca3d1d95fb66b2970cce9c77c704729765899a0d4f7d0f1e7c31f

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
content-encoding
gzip
last-modified
Thu, 20 Nov 2014 06:21:43 GMT
etag
"4d8cd5a-24af-508445789cbc0"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1760
Bootstrap.js
nexus.ensighten.com/amexeu/
28 KB
8 KB
Script
General
Full URL
https://nexus.ensighten.com/amexeu/Bootstrap.js?ens_mk=gb_en
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive_Intl.js
Protocol
HTTP/1.1
Server
35.157.8.66 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-8-66.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f48c5219489ab057e095abd20bb8b2d68eb0e2ea94ca89547db7ff2d078c1041

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Mar 2018 07:40:19 GMT
Server
nginx
ETag
W/"5a9e45e3-6f44"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
defaultticketink.jpg
icm.aexp-static.com/Internet/PZN/UK/
17 KB
17 KB
Image
General
Full URL
https://icm.aexp-static.com/Internet/PZN/UK/defaultticketink.jpg
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55205b33498928f1d49f8c085ae2d66116700b244135f297a47dff5b36ac13d3

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
last-modified
Fri, 06 Feb 2015 07:41:29 GMT
etag
"4e062e9-4432-50e668c6d9c40"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
17458
img_orangearrow.gif
icm.aexp-static.com/Internet/PZN/en_CA/Images/
181 B
310 B
Image
General
Full URL
https://icm.aexp-static.com/Internet/PZN/en_CA/Images/img_orangearrow.gif
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c3561cb6494af21aeb93bee7364f2914e578a6fb8208bd3c8812a071c2ca4bb

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
last-modified
Tue, 31 Jul 2012 10:59:04 GMT
etag
"4e5dc62-b5-4c61e11098e00"
status
200
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
181
id
dpm.demdex.net/
5 KB
2 KB
Script
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=83117761965500030924153130204252738329&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012D50452F85310114-60000102E000B333&d_cb=s_c_il%5B0%5D._setAudienceManagerFields
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/visitorAPI-intl.js
Protocol
HTTP/1.1
Server
52.17.182.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f235311ac8553aa9b2718ae64bddc957f35d0615a0fb5d276ea153d9a3cac74e

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

DCS
irl1-prod-dcs-08da5bf0a.edge-irl1.demdex.com 5.25.2.20180307120847 5ms
Pragma
no-cache
Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
X-TID
gNn9S8eUSLI=
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
transfer-encoding
chunked
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Expires
Thu, 01 Jan 2009 00:00:00 GMT
serverComponent.php
nexus.ensighten.com/amex/intl_amexhead/
343 B
557 B
Script
General
Full URL
https://nexus.ensighten.com/amex/intl_amexhead/serverComponent.php?r=7.0902985526893225&ClientID=218&PageID=https%3A%2F%2Fdragondivas.ca%2Fphotos%2Fam%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Protocol
HTTP/1.1
Server
35.157.8.66 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-8-66.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
784093ec2aae5d1ff597f6c5c1b9a8ac18fe3408619a0619b8136718013128ff

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 08 Mar 2018 00:57:02 GMT
euc_cookie.js
www.aexp-static.com/nav/ngn/js/
44 KB
9 KB
Script
General
Full URL
https://www.aexp-static.com/nav/ngn/js/euc_cookie.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amexeu/Bootstrap.js?ens_mk=gb_en
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
788a1949d75c7f72e4bb7112727169304146d5e0adee0bce587a06bafd592a55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 10:01:55 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
9339
gct.js
www.aexp-static.com/api/axpi/GCT/
12 KB
3 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/GCT/gct.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amexeu/Bootstrap.js?ens_mk=gb_en
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
9bcaf026f622245a0f598fba25e20a1e50d120536c8c216be9c17be6cc31b639
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Tue, 27 Feb 2018 09:28:38 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
3166
serverComponent.php
nexus.ensighten.com/amexeu/
331 B
549 B
Script
General
Full URL
https://nexus.ensighten.com/amexeu/serverComponent.php?clientID=219&PageID=https%3A%2F%2Fdragondivas.ca%2Fphotos%2Fam%2F%3FensMarket%3Dgb_en%26ens_env%3D3%26e_pageId%3D285%26deviceType%3Dlarge
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amexeu/Bootstrap.js?ens_mk=gb_en
Protocol
HTTP/1.1
Server
35.157.8.66 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-8-66.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
db3f7ba048f883b7fdb478238bc22b72673e17449f8631f8631f66ee8e87585d

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 08 Mar 2018 00:57:02 GMT
euc_cookie.css
www.aexp-static.com/nav/ngn/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/nav/ngn/css/euc_cookie.css
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/euc_cookie.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
7bb028a4355de8c20a6d8bb1e17db4c1fbdcb888fd94b061bb9e0eb2b6eb787a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 19:01:07 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
1366
JsonServlet
www425.americanexpress.com/cookieweb/
44 B
253 B
Script
General
Full URL
https://www425.americanexpress.com/cookieweb/JsonServlet?cm=GB_en&jb=sc&e=3&ts=1520470623356&url=https://dragondivas.ca/photos/am/
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/euc_cookie.js
Protocol
HTTP/1.1
Server
148.173.97.38 Fort Lauderdale, United States, ASN6307 (AMERICAN-EXPRESS - American Express Company, US),
Reverse DNS
Software
/
Resource Hash
7266422500cb40caa594945b3382fe22971b0a206b6eb23f4b00b32755be40d4

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=15, max=100
Transfer-Encoding
chunked
Content-Language
en-US
5f021c9958b7a7edc05dbf5319f6b37a.js
nexus.ensighten.com/amex/intl_amexhead/code/
3 KB
1 KB
Script
General
Full URL
https://nexus.ensighten.com/amex/intl_amexhead/code/5f021c9958b7a7edc05dbf5319f6b37a.js?conditionId0=421808
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Protocol
HTTP/1.1
Server
35.157.8.66 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-8-66.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f579e856464d62e4acffa1d66a76cbb63e79e86ccf8e19ec49f561a59e68b573

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2017 23:36:06 GMT
Server
nginx
ETag
W/"5988f966-c79"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
predectiveSearch.js
web.aexp-static.com/js/
29 KB
5 KB
Script
General
Full URL
https://web.aexp-static.com/js/predectiveSearch.js?vr=1.0
Requested by
Host: web.aexp-static.com
URL: https://web.aexp-static.com/uk/content/js/predSearchIntl.js
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d04be2b47a2cbba425f232c1b4868ec42af99f437f47d5189c7726ab0f61a7a8

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 08 Mar 2018 00:57:03 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2016 22:51:16 GMT
etag
"4df6539-75d9-53325b1f54100"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
accept-ranges
bytes
content-length
5339
CreateCookie.do
gct.americanexpress.com/gct/
43 B
1 KB
Image
General
Full URL
https://gct.americanexpress.com/gct/CreateCookie.do
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
148.173.101.84 Fort Lauderdale, United States, ASN6307 (AMERICAN-EXPRESS - American Express Company, US),
Reverse DNS
gct-VIP.americanexpress.com
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:04 GMT
Content-Length
43
Content-Security-Policy-Report-Only
default-src 'none' ; img-src 'self' ; style-src 'self' ; script-src 'self' ; connect-src 'self' ; report-uri /gct/cspViolationListener
Content-Type
image/gif
campaign-tracking-2.1.min.js
sec.levexis.com/external/
17 KB
7 KB
Script
General
Full URL
https://sec.levexis.com/external/campaign-tracking-2.1.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
Protocol
SPDY
Server
52.85.173.196 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-173-196.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a28e95ac5bd8a7bea9160133b965b4ad487947089c754bff3cf2f9acc5c315a1

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 19 Jul 2017 16:13:01 GMT
content-encoding
gzip
last-modified
Wed, 26 Apr 2017 22:00:12 GMT
server
AmazonS3
age
329551
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
NpAti5xT16yKprfJW6QX57VcYxp60nTLo10x9q1cnW7g4kLYkhZu4w==
via
1.1 973544984500f17f202d338274a94acc.cloudfront.net (CloudFront)
c2aece862b4b9c680936ea72284adec2.js
nexus.ensighten.com/amexeu/prod/code/
18 KB
3 KB
Script
General
Full URL
https://nexus.ensighten.com/amexeu/prod/code/c2aece862b4b9c680936ea72284adec2.js?conditionId0=194025
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amexeu/Bootstrap.js?ens_mk=gb_en
Protocol
HTTP/1.1
Server
35.157.8.66 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-8-66.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be77843061cd5a947774a901e305d787e429a11d0d65535ce4fff903d1ae36dd

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 May 2017 04:09:20 GMT
Server
nginx
ETag
W/"592e41f0-485d"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
/
ep.americanexpress.com/pc/amex/
42 B
685 B
Image
General
Full URL
https://ep.americanexpress.com/pc/amex/?clRef=https%3A%2F%2Fdragondivas.ca%2Fphotos%2Fam%2F&adType=c&caId=5
Requested by
Host: dragondivas.ca
URL: https://dragondivas.ca/photos/am/
Protocol
HTTP/1.1
Server
52.29.202.185 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-202-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Mar 2018 00:57:03 GMT
X-AES-Version
1.0
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
x-offsite-uuid
f09c5763-45e6-4f0c-b2d0-f64a2b56721b
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s_code_myca_context.js
www.aexp-static.com/api/axpi/omniture/
69 KB
24 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/omniture/s_code_myca_context.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amexeu/Bootstrap.js?ens_mk=gb_en
Protocol
SPDY
Server
104.109.72.231 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-231.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
eaa6d8079c18e64f1a56ade85bd6c5082dd3bf72fc3e790ac7cd54f23b6cf145
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
server
IBM_HTTP_Server
status
200
date
Thu, 08 Mar 2018 00:57:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
24549
s47207047393660
omns.americanexpress.com/b/ss/amexpressserprod/1/JS-2.1.0/
43 B
532 B
Image
General
Full URL
https://omns.americanexpress.com/b/ss/amexpressserprod/1/JS-2.1.0/s47207047393660?AQB=1&ndh=1&pf=1&t=8%2F2%2F2018%200%3A57%3A4%204%200&mid=83117761965500030924153130204252738329&aid=2D50452F85310114-60000102E000B333&aamlh=6&ce=UTF-8&ns=1americanexpress&pageName=dragondivas.ca%2Fphotos%2Fam%2F&g=https%3A%2F%2Fdragondivas.ca%2Fphotos%2Fam%2F&c.&omn.&visitorCheck=VisitorAPI%20Present&itagexists=yes&etwidth=1600&etheight=1200&etratio=0.75&etorientation=landscape&.omn&.c&cc=USD&server=dragondivas.ca&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c3=en&c4=UK&v22=D%3Dgctrac&v27=UK&c48=D%3Dgctrac&c49=ENS-Ser%20r20.0.0-AM%3A2.1.0-VISID%3A1.5.2-DIL%3ANA-Mbox%3ANA-CSVisID%3ANA&v65=D%3Domnmycademo&c75=fb&v75=83117761965500030924153130204252738329&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1
Protocol
HTTP/1.1
Server
185.34.188.178 Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
americanexpress.com.ssl.d2.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
https://dragondivas.ca/photos/am/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 08 Mar 2018 00:57:04 GMT
X-C
ms-6.0.6
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 09 Mar 2018 00:57:04 GMT
Server
Omniture DC/2.0.0
xserver
www57
ETag
"5AA08A60-280F-2A2B3235"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Wed, 07 Mar 2018 00:57:04 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


5 Cookies

Domain/Path Name / Value
dragondivas.ca/ Name: CheckStatus
Value: Y
dragondivas.ca/ Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg
Value: 793872103%7CMCMID%7C83117761965500030924153130204252738329%7CMCAAMLH-1521075423%7C6%7CMCAAMB-1521075423%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCAID%7C2D50452F85310114-60000102E000B333
.dragondivas.ca/ Name: mmapi.store.p.0
Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%22pd%22%3A%221552006623071%7C%5C%221768264654%7CAQAAAApVAgBn5%2ByB9A8AAREAAUINUcVWAQDQ0YmBj4TVSNDRiYGPhNVIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QB9A8BAAAAAAAAAAAA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAAAAAAAAAFF%5C%22%22%2C%22srv%22%3A%221552006623072%7C%5C%22fravwcgeu03%5C%22%22%7D%7D
.dragondivas.ca/ Name: mmapi.store.s.0
Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%7D%7D
.dragondivas.ca/ Name: mmcore.tst
Value: 0.489

1 Console Messages

Source Level URL
Text
console-api log URL: https://sec.levexis.com/external/campaign-tracking-2.1.min.js(Line 2)
Message:
debug mode disabled (add &debug=1 to url to enable)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
