URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Submission: On March 28 via automatic, source phishtank

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 46 HTTP transactions. The main IP is 103.6.204.204, located in Bogor, Indonesia and belongs to PUSATMEDIA-AS-ID PT Pusat Media Indonesia, ID. The main domain is paytren99.com.
This is the only time paytren99.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

Requests  IP Address       AS     Autonomous System
1         103.6.204.204    58503  (PUSATMEDI...)
14        199.200.26.160   18434  (FNIS)
7         52.59.8.110      16509  (AMAZON-02)
19        104.111.216.26   20940  (AKAMAI-ASN1)
2         54.72.182.106    16509  (AMAZON-02)
2         66.235.148.133   15224  (OMNITURE)
1         52.45.142.132    14618  (AMAZON-AES)
Total: 46 requests, 7 IPs

Requests  Domain                               Requested by
19        www.aexp-static.com                  paytren99.com, nexus.ensighten.com, www.aexp-static.com
14        personalsavings.americanexpress.com  paytren99.com
7         nexus.ensighten.com                  paytren99.com, nexus.ensighten.com, www.aexp-static.com
2         omn.americanexpress.com              www.aexp-static.com, paytren99.com
2         dpm.demdex.net                       paytren99.com, www.aexp-static.com
1         l.betrad.com                         paytren99.com
1         paytren99.com
Total: 46 requests, 7 hostnames

Subject                              Issuer                                       Validity                 Valid
personalsavings.americanexpress.com  Verizon Public SureServer CA G14-SHA2        2015-07-02 - 2017-07-02  2 years
nexus.ensighten.com                  Symantec Class 3 Secure Server SHA256 SSL CA 2014-10-27 - 2018-01-13  3 years
americanexpress.com                  GeoTrust SSL CA - G3                         2016-08-10 - 2017-08-07  a year
l.betrad.com                         Go Daddy Secure Certificate Authority - G2   2014-06-23 - 2017-06-24  3 years

This page contains 1 frames:

Primary Page: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Frame ID: 8435.1
Requests: 46 HTTP requests in this frame

Page Statistics

46 Requests
76 % HTTPS
0 % IPv6
6 Domains
7 Subdomains
7 IPs
5 Countries
311 kB Transfer
1123 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 22
  • http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
  • http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Request 38
  • http://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
  • https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
Request 39
  • http://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
  • https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.htm
paytren99.com/admin/arboweb/examples/css/Amex16/
65 KB
14 KB
Document
General
Full URL
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Server
103.6.204.204 Bogor, Indonesia, ASN58503 (PUSATMEDIA-AS-ID PT Pusat Media Indonesia, ID),
Reverse DNS
indo6.koneksiaman.net
Software
nginx /
Resource Hash
b2625f4c2f87677b29624a2ff643d7f4e9e702939875dabab26ebd29bbc01d28

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
paytren99.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 28 Mar 2017 15:06:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Feb 2017 23:20:04 GMT
Server
nginx
ETag
W/"58af6e24-10390"
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 27 Apr 2017 15:06:35 GMT
styles-min.css
personalsavings.americanexpress.com/onlinebanking/resources/css/
31 KB
7 KB
Stylesheet
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/css/styles-min.css?v=19
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
3895984745f8cd072430d6eb748e9cb4ccdef54a5a589df225a6cb34ccd81941
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:48:14 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
7034
Expires
Fri, 12 May 2017 17:06:14 GMT
jquery-ui-1.11.2.min.css
personalsavings.americanexpress.com/onlinebanking/resources/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/css/jquery-ui-1.11.2.min.css
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
b8169f1a09a5d65f61900eb3de25dacc0426c27f3f427b4cc7acf54ef2986959
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1966
Expires
Fri, 12 May 2017 17:06:14 GMT
divTable.css
personalsavings.americanexpress.com/onlinebanking/resources/css/
2 KB
726 B
Stylesheet
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/css/divTable.css
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
7dc98328821868b7de11154ab41f4fca3000e41b27b5d5c490e196aeed189f52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
726
Expires
Fri, 12 May 2017 17:06:14 GMT
utilities-min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
10 KB
3 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/utilities-min.js?v=2
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
522099404936f47e9792d74f5565544f7b254b00fb6799733df3b5499e73435f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:48:14 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
3385
Expires
Fri, 12 May 2017 17:06:14 GMT
jquery-min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
93 KB
33 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery-min.js?v=1
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
33616
Expires
Fri, 12 May 2017 17:06:14 GMT
jquery-ui-1.11.2.min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
167 KB
46 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery-ui-1.11.2.min.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
d6ea9bc37e96dcdc269c64aa2b331b57b1a456e77c0b9477a04ea8e2e2420bbc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
46786
Expires
Fri, 12 May 2017 17:06:14 GMT
jquery.tablesorter.min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
16 KB
5 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery.tablesorter.min.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
4036bac2129f25400aa9cce9660eb94e3f0acb805535f63a7f5f284d1ae45342
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
4846
Expires
Fri, 12 May 2017 17:06:14 GMT
respond.matchmedia.addListener.min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
5 KB
2 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/respond.matchmedia.addListener.min.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
e495af9b887f132aa45639f252e55aa74f46096ec7bc08b0323f8065b122dfdc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2458
Expires
Fri, 12 May 2017 17:06:14 GMT
respond.min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
4 KB
2 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/respond.min.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2216
Expires
Fri, 12 May 2017 17:06:14 GMT
Cookie set profile.js
personalsavings.americanexpress.com/application/js/nao/
4 KB
1 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/application/js/nao/profile.js?v=2
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
d91d188865062d0d5ba994f3ec3c8bb00adaf961ebe1443599915b1963ffb71f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Thu, 09 Feb 2017 17:25:30 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Set-Cookie
JSESSIONID=47B3D5037F10BAD9328FD1405DB503C2; Path=/application/; Secure; HttpOnly
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1415
Bootstrap.js
nexus.ensighten.com/amex/amexhead/
66 KB
16 KB
Script
General
Full URL
https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a62c8a93e48926e06ddacb27bbc39b3f3cfe0bf794c80cd21e0a3a2c54b7d63

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Mar 2017 20:51:37 GMT
Server
nginx
ETag
W/"58d2e3d9-107f6"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
inav_responsive.css
www.aexp-static.com/nav/ngn/css/
83 KB
11 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
23ba90c7f0819be51cc9fe45d223b310544beeed435849c87e10c30bc276fd68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/css/inav_responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Mon, 27 Mar 2017 19:01:30 GMT
server
IBM_HTTP_Server
status
200
date
Tue, 28 Mar 2017 15:06:13 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
11227
clear.gif
www.aexp-static.com/nav/ngn/img/
43 B
61 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/clear.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/clear.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:23:00 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
43
logo_bluebox_1x.gif
www.aexp-static.com/nav/ngn/img/
4 KB
4 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/logo_bluebox_1x.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/logo_bluebox_1x.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:41 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
4424
clear_3.gif
www.aexp-static.com/nav/ngn/img/
43 B
61 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/clear_3.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/clear_3.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:23:25 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
43
clear_2.gif
www.aexp-static.com/nav/ngn/img/
43 B
61 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/clear_2.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/clear_2.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:23:03 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
43
clear_4.gif
www.aexp-static.com/nav/ngn/img/
43 B
61 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/clear_4.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/clear_4.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:23:25 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
43
jquery.maskedinput.min.js
personalsavings.americanexpress.com/onlinebanking/resources/js/
3 KB
2 KB
Script
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/resources/js/jquery.maskedinput.min.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
4d2f8e93a72b351e2a74a613e93e63c0c1e3b0f742cdb83b7664f4796092376d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:15 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:58 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1655
Expires
Fri, 12 May 2017 17:06:15 GMT
tooltip-on.gif
personalsavings.americanexpress.com/application/images/rwd/
2 KB
2 KB
Image
General
Full URL
https://personalsavings.americanexpress.com/application/images/rwd/tooltip-on.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
ce2b43cba012bef8fd271f2b72275dcf121316346592feb2587faf1b0d403674
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie
JSESSIONID=47B3D5037F10BAD9328FD1405DB503C2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:15 GMT
www-authenticate
Basic
Last-Modified
Thu, 09 Feb 2017 17:25:26 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
User-Agent
Content-Length
1670
Keep-Alive
timeout=15, max=99
Expires
Fri, 12 May 2017 17:06:15 GMT
visitorAPI-NonAAM.js
www.aexp-static.com/api/axpi/omniture/
16 KB
7 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/omniture/visitorAPI-NonAAM.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
cdf23a6d6d521d6e9be46b389943d85f0e7f1f864e0db49e9a7229433e2d682d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/omniture/visitorAPI-NonAAM.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept
*/*
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
vary
Accept-Encoding
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
6865
e.gif
nexus.ensighten.com/error/
0
0
Image
General
Full URL
http://nexus.ensighten.com/error/e.gif?msg=Dependency%20with%20id%20214006is%20missing&lnn=-1&fn=&cid=218&client=amex&publishPath=amexhead&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Cache-Control
no-cache no-store
Server
nginx
Connection
keep-alive
Expires
Tue, 28 Mar 2017 15:06:13 GMT
serverComponent.php
nexus.ensighten.com/amex/amexhead/
171 B
149 B
Script
General
Full URL
http://nexus.ensighten.com/amex/amexhead/serverComponent.php?r=3863390683.384567&ClientID=218&PageID=http%3A%2F%2Fpaytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2FAmex16%2Findex.htm
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/amexhead/Bootstrap.js
Protocol
HTTP/1.1
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
ba1be9fef33a9e79c6e3b41996cecf4b25fc198a7b43fcca20036ce91a964edc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache no-store
Connection
keep-alive
Content-Length
149
Expires
Tue, 28 Mar 2017 15:06:13 GMT
Cookie set rd
dpm.demdex.net/id/
Redirect Chain
  • http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
  • http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
4 KB
1 KB
Script
General
Full URL
http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Server
54.72.182.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-182-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d3ebc43f849ea71e189718c044c561303e322d629846b29e4d9ff2aad8fbebda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
dpm.demdex.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie
demdex=06643823826586357371012908428236941832
Connection
keep-alive
Cache-Control
no-cache

Response headers

DCS
irl1-prod-dcs-d2ba7912.edge-irl1.demdex.com master-5.7.0.20170307.213704 4ms
Pragma
no-cache
Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Set-Cookie
demdex=06643823826586357371012908428236941832;Path=/;Domain=.demdex.net;Expires=Sun, 24-Sep-2017 15:06:14 GMT
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
transfer-encoding
chunked
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Expires
Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Mar 2017 15:06:14 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Set-Cookie
demdex=06643823826586357371012908428236941832;Path=/;Domain=.demdex.net;Expires=Sun, 24-Sep-2017 15:06:14 GMT
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 2009 00:00:00 GMT
iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/
23 KB
23 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:29 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
23367
bottom_shadow.png
personalsavings.americanexpress.com/onlinebanking/images/custom/
176 B
176 B
Image
General
Full URL
https://personalsavings.americanexpress.com/onlinebanking/images/custom/bottom_shadow.png
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
9469c7f0a4744d9cf262b6ee2eedc021042cd0bd00fc27df1f9ad458c909a34b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://personalsavings.americanexpress.com/onlinebanking/resources/css/styles-min.css?v=19
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:15 GMT
www-authenticate
Basic
Last-Modified
Fri, 03 Mar 2017 21:47:52 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=3895200
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
User-Agent
Content-Length
176
Keep-Alive
timeout=15, max=98
Expires
Fri, 12 May 2017 17:06:15 GMT
img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/
143 B
161 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/img_shdw_mainNav.png
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:24:34 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
143
Cookie set id
omn.americanexpress.com/
155 B
155 B
Script
General
Full URL
http://omn.americanexpress.com/id?d_visid_ver=1.5.2&callback=s_c_il%5B0%5D._setAnalyticsFields&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=06802780872539513131028540112539725440
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/visitorAPI-NonAAM.js
Protocol
HTTP/1.1
Server
66.235.148.133 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d2.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
12002cdfce5537202fd4bc316258914529ceb02c77747ed0cb777103444a8f60

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
omn.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Server
Omniture DC/2.0.0
xserver
www74
Vary
Origin
X-C
ms-5.1.0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Set-Cookie
s_vi=[CS]v1|2C6D3DF30531039A-600001094002304B[CE]; Expires=Thu, 28 Mar 2019 15:06:14 GMT; Domain=americanexpress.com; Path=/
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
155
iNav_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/
5 KB
5 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/iNav_sprite_footer.gif?ver=0916_02
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
c5728ebd8f225043ec8b85f79c9964f133136f91b9bb260eb69437ce9af4573a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/img/iNav_sprite_footer.gif?ver=0916_02
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:31 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
5012
commonFunctionsResponsive.js
www.aexp-static.com/nav/ngn/js/
58 KB
15 KB
Script
General
Full URL
https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
ad7a1acb9f8b763ff3c32f14a8ab80887dc109b81cf9cccef21cb02406bbb5fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/nav/ngn/js/commonFunctionsResponsive.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept
*/*
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Sat, 25 Mar 2017 22:01:46 GMT
server
IBM_HTTP_Server
status
200
date
Tue, 28 Mar 2017 15:06:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
14909
Bootstrap.js
nexus.ensighten.com/amex/
51 KB
15 KB
Script
General
Full URL
http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive.js
Protocol
HTTP/1.1
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2080c719c57f43fbc1567f6d090c85ef1c1af55d1c895569cd091c25f5cbdce9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2017 13:04:55 GMT
Server
nginx
ETag
W/"58da5f77-cc8b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
transfer-encoding
chunked
Connection
keep-alive
pes_basic.js
www.aexp-static.com/api/axpi/pzn/js/
9 KB
3 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/pzn/js/pes_basic.js
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/nav/ngn/js/commonFunctionsResponsive.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
ae62f3451e7ab5a88ce0e2d7b3ebae46b1601ab452aa5f730b2c092aee5a8e88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/pzn/js/pes_basic.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
vary
Accept-Encoding
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
3098
p.gif
l.betrad.com/pub/
0
0
Image
General
Full URL
https://l.betrad.com/pub/p.gif?pid=1328&ocid=1332&ii=1&mb=0&r=0.7519199683244016
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.142.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-45-142-132.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/pub/p.gif?pid=1328&ocid=1332&ii=1&mb=0&r=0.7519199683244016
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
l.betrad.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

status
204
date
Tue, 28 Mar 2017 15:06:14 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
serverComponent.php
nexus.ensighten.com/amex/
478 B
298 B
Script
General
Full URL
http://nexus.ensighten.com/amex/serverComponent.php?clientID=218&PageID=http%3A%2F%2Fpaytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2FAmex16%2Findex.htm%3FensMarket%3DUS%26ens_env%3D3%26deviceType%3Dlarge
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Protocol
HTTP/1.1
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
5c99d843edcc962def758cd82591cf8a73ad49f554c2928b60b55261eb102c26

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache no-store
Connection
keep-alive
Content-Length
298
Expires
Tue, 28 Mar 2017 15:06:13 GMT
Cookie set id
dpm.demdex.net/
4 KB
1 KB
Script
General
Full URL
http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=06802780872539513131028540112539725440&d_blob=NRX38WO0n5BH8Th-nqAG_A&d_cid_ic=AVID%012C6D3DF30531039A-600001094002304B&d_cb=s_c_il%5B0%5D._setAudienceManagerFields
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/api/axpi/omniture/visitorAPI-NonAAM.js
Protocol
HTTP/1.1
Server
54.72.182.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-182-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
66d9fa0ef23aa170b1e075306b9d6cf6546615b6da0683b699424179c392dd4e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
dpm.demdex.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie
demdex=06643823826586357371012908428236941832
Connection
keep-alive
Cache-Control
no-cache

Response headers

DCS
irl1-prod-dcs-fae0076c.edge-irl1.demdex.com master-5.7.0.20170307.213704 5ms
Pragma
no-cache
Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Set-Cookie
demdex=06643823826586357371012908428236941832;Path=/;Domain=.demdex.net;Expires=Sun, 24-Sep-2017 15:06:14 GMT
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
1214
Expires
Thu, 01 Jan 2009 00:00:00 GMT
e24ecbbd3403d12d1a751560191260bd.js
nexus.ensighten.com/amex/prod/code/
69 KB
10 KB
Script
General
Full URL
http://nexus.ensighten.com/amex/prod/code/e24ecbbd3403d12d1a751560191260bd.js?conditionId0=209423
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Protocol
HTTP/1.1
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9095a39105312ec67d7a49da829908ac90870bc487b19cd8e47ea062bc34e1d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Mar 2017 05:14:42 GMT
Server
nginx
ETag
W/"58c77c42-11420"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
transfer-encoding
chunked
Connection
keep-alive
4bf1d44a92bca8ee5eb4b76c3be12c24.js
nexus.ensighten.com/amex/prod/code/
25 KB
3 KB
Script
General
Full URL
http://nexus.ensighten.com/amex/prod/code/4bf1d44a92bca8ee5eb4b76c3be12c24.js?conditionId0=181208
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=us
Protocol
HTTP/1.1
Server
52.59.8.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-8-110.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
98b82cf8847082222809114376d825cfc5b819cdc7eb3e7f2c5e0be306a12196

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2016 06:57:38 GMT
Server
nginx
ETag
W/"582d54e2-6599"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
3270
aaLauncher.css
www.aexp-static.com/api/axpi/ioa/launcher/
142 KB
20 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/prod/code/e24ecbbd3403d12d1a751560191260bd.js?conditionId0=209423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
1ed68a2985a2a3311bf1f07960f46d5825eb79282112a8f1d40a5046c67618f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
vary
Accept-Encoding
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
timing-allow-origin
*
content-length
20421
aaLauncher.js
www.aexp-static.com/api/axpi/ioa/launcher/
41 KB
9 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.js?vr=78.0
Requested by
Host: nexus.ensighten.com
URL: http://nexus.ensighten.com/amex/prod/code/e24ecbbd3403d12d1a751560191260bd.js?conditionId0=209423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
40cad31d0f93a3bc9d0a55e0962e75b9ad679e0c184f7ec280447870ccc7e4d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/ioa/launcher/aaLauncher.js?vr=78.0
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
vary
Accept-Encoding
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
timing-allow-origin
*
content-length
9351
s_code_global_context.js
www.aexp-static.com/api/axpi/omniture/
Redirect Chain
  • http://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
  • https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
84 KB
29 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
de6862b73a858760513cd401f8149a682ebe108acd4340294d247ce1ad5ba2e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/omniture/s_code_global_context.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
vary
Accept-Encoding
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
29271

Redirect headers

Location
https://www.aexp-static.com/api/axpi/omniture/s_code_global_context.js
Non-Authoritative-Reason
HSTS
pzncs.min.js
www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/
Redirect Chain
  • http://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
  • https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
9 KB
3 KB
Script
General
Full URL
https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
6d77af00ba6f28f990b84014477ff8f2bc109489a64d9a4c98f742030efa4458
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.aexp-static.com
referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
vary
Accept-Encoding
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
3044

Redirect headers

Location
https://www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/pzncs.min.js
Non-Authoritative-Reason
HSTS
spr-online-assist2-gif-smcompressed.png
www.aexp-static.com/api/axpi/ioa/img/
16 KB
16 KB
Image
General
Full URL
https://www.aexp-static.com/api/axpi/ioa/img/spr-online-assist2-gif-smcompressed.png?vr=2.0
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
2721848dfc787df4b37a9365d0a9c77e9966c7e7465e0b178a887f2928eb2dff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

:path
/api/axpi/ioa/img/spr-online-assist2-gif-smcompressed.png?vr=2.0
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=15552000;
last-modified
Wed, 13 Aug 2014 09:00:47 GMT
server
IBM_HTTP_Server
date
Tue, 28 Mar 2017 15:06:14 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
15986
img-search-big-rptr.gif
www.aexp-static.com/api/axpi/ioa/img/
252 B
270 B
Image
General
Full URL
https://www.aexp-static.com/api/axpi/ioa/img/img-search-big-rptr.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
1bd4bae68103ace527841f2750c5ea853e6d678c7c17582523f613bad9ae75b5

Request headers

:path
/api/axpi/ioa/img/img-search-big-rptr.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
:scheme
https
:method
GET

Response headers

date
Tue, 28 Mar 2017 15:06:14 GMT
last-modified
Fri, 12 Oct 2012 04:14:09 GMT
server
IBM_HTTP_Server
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
252
img-search-sm-rptr.gif
www.aexp-static.com/api/axpi/ioa/img/
204 B
222 B
Image
General
Full URL
https://www.aexp-static.com/api/axpi/ioa/img/img-search-sm-rptr.gif
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.26 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-216-26.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
62a0ceaaa490ceceeff12c2d7a98fc2c44559638807f6fdab4a72f4c21f28632

Request headers

:path
/api/axpi/ioa/img/img-search-sm-rptr.gif
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.aexp-static.com
referer
https://www.aexp-static.com/api/axpi/ioa/launcher/aaLauncher.css?vr=11.0
:scheme
https
:method
GET

Response headers

date
Tue, 28 Mar 2017 15:06:14 GMT
last-modified
Fri, 12 Oct 2012 04:14:09 GMT
server
IBM_HTTP_Server
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
204
s91593867266411
omn.americanexpress.com/b/ss/amexpressprod/1/JS-1.8.0/
43 B
43 B
Image
General
Full URL
http://omn.americanexpress.com/b/ss/amexpressprod/1/JS-1.8.0/s91593867266411?AQB=1&ndh=1&pf=1&t=28%2F2%2F2017%2015%3A6%3A14%202%200&mid=06802780872539513131028540112539725440&aid=2C6D3DF30531039A-600001094002304B&aamlh=6&ce=UTF-8&ns=1americanexpress&pageName=paytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2Famex16%2Findex.htm&g=http%3A%2F%2Fpaytren99.com%2Fadmin%2Farboweb%2Fexamples%2Fcss%2Famex16%2Findex.htm&c.&omn.&visitorCheck=VisitorAPI%20Present&itagexists=no&gvs=1&etwidth=1583&etheight=1132&etratio=0.7150979153506001&etorientation=landscape&.omn&.c&cc=USD&server=paytren99.com&aamb=NRX38WO0n5BH8Th-nqAG_A&c3=en&c4=US&v22=D%3Dgctrac&v27=US&c48=D%3Dgctrac&c49=ENS%20-%20Acq%20r19.0.0%20-%20AM%3A1.8.0%20-%20VISID%3A1.5.2%20-%20DIL%3ANA&v65=D%3Domnmycademo&c67=D%3Dmrcards&v67=D%3Dmrcards&c75=fb&v75=06802780872539513131028540112539725440&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1598&bh=1132&AQE=1
Requested by
Host: paytren99.com
URL: http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Protocol
HTTP/1.1
Server
66.235.148.133 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d2.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
omn.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie
s_vi=[CS]v1|2C6D3DF30531039A-600001094002304B[CE]
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:14 GMT
X-C
ms-5.1.0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Connection
Keep-Alive
Content-Length
43
Pragma
no-cache
Last-Modified
Wed, 29 Mar 2017 15:06:14 GMT
Server
Omniture DC/2.0.0
xserver
www243
ETag
"58DA7BE6-6E6A-0E983A3A"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Mon, 27 Mar 2017 15:06:14 GMT
favicon.ico
personalsavings.americanexpress.com/application/img/page/
894 B
721 B
Other
General
Full URL
https://personalsavings.americanexpress.com/application/img/page/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.200.26.160 Chicago, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS
Software
Unknown /
Resource Hash
520e6de8485ee5539e3cf2ef8f03638c32ca4ff4ced65228c1a6d37d4a42e456
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
personalsavings.americanexpress.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://paytren99.com/admin/arboweb/examples/css/Amex16/index.htm
Cookie
JSESSIONID=47B3D5037F10BAD9328FD1405DB503C2; s_vi=[CS]v1|2C6D3DF30531039A-600001094002304B[CE]
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 28 Mar 2017 15:06:15 GMT
Content-Encoding
gzip
www-authenticate
Basic
Last-Modified
Thu, 09 Feb 2017 17:25:30 GMT
Server
Unknown
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
721

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.paytren99.com/ Name: s_pers
Value: %20s_visit%3D1%7C1490715374541%3B%20gpv_v41%3Dpaytren99.com%252Fadmin%252Farboweb%252Fexamples%252Fcss%252Famex16%252Findex.htm%7C1490715374546%3B%20s_uvid%3D1490713574554903%7C1648393574553%3B%20s_vnum%3D1%7C1648393574554%3B%20s_invisit%3Dtrue%7C1490715374554%3B
paytren99.com/ Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg
Value: 793872103%7CMCMID%7C06802780872539513131028540112539725440%7CMCAAMLH-1491318374%7C6%7CMCAAMB-1491318374%7CNRX38WO0n5BH8Th-nqAG_A%7CMCAID%7C2C6D3DF30531039A-600001094002304B
.paytren99.com/ Name: s_sess
Value: %20tp%3D1264%3B%20s_cc%3Dtrue%3B%20s_ppv%3Dpaytren99.com%252Fadmin%252Farboweb%252Fexamples%252Fcss%252Famex16%252Findex.htm%252C90%252C90%252C1132%3B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
