Submitted URL: http://buynow.elavon.net/
Effective URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Submission: On February 03 via manual from BR — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2a02:26f0:280:19d::2a77, located in Düsseldorf, Germany and belongs to AKAMAI-ASN1, NL. The main domain is buynow.elavon.net.
TLS certificate: Issued by Entrust Certification Authority - L1M on June 8th 2023. Valid for: a year.
This is the only time buynow.elavon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:280... 20940 (AKAMAI-ASN1)
7 24 2a02:26f0:280... 20940 (AKAMAI-ASN1)
2 23.197.6.137 16625 (AKAMAI-AS)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 18.165.201.79 16509 (AMAZON-02)
1 54.186.11.55 ()
25 5
Apex Domain | Subdomains | Transfer
25 elavon.net | buynow.elavon.net | 2 MB
4 usbank.com | onlinebanking.usbank.com — Cisco Umbrella Rank: 30966; content.usbank.com — Cisco Umbrella Rank: 30692 | 598 KB
3 appdynamics.com | cdn.appdynamics.com — Cisco Umbrella Rank: 4434 | 65 KB
1 eum-appdynamics.com | pdx-col.eum-appdynamics.com | 779 B
25 4

Domain | Requested by
25 buynow.elavon.net 8 redirects | buynow.elavon.net, onlinebanking.usbank.com
3 cdn.appdynamics.com | onlinebanking.usbank.com, cdn.appdynamics.com
2 content.usbank.com |
2 onlinebanking.usbank.com | buynow.elavon.net, cdn.appdynamics.com
1 pdx-col.eum-appdynamics.com | cdn.appdynamics.com
25 5

This site contains links to these domains.

Domain
www.elavon.com

Subject | Issuer | Validity | Valid
convergepay.com | Entrust Certification Authority - L1M | 2023-06-08 - 2024-06-07 | a year
www.usbank.com | Entrust Certification Authority - L1M | 2023-09-29 - 2024-10-29 | a year
usb.usbank.com | Entrust Certification Authority - L1M | 2023-04-05 - 2024-04-04 | a year
*.appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-21 - 2024-07-21 | a year
*.eum-appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-14 - 2024-07-14 | a year

This page contains 2 frames:

Primary Page: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Frame ID: 34086404266F3A509D447747F1BEA594
Requests: 24 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.a57fe9a4dfa0e1d6b2dc001466e4e21d.html
Frame ID: 13E4CCB98E27E100A6352C12A068A3AA
Requests: 1 HTTP requests in this frame

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Page Statistics

25 Requests
92 % HTTPS
50 % IPv6
4 Domains
5 Subdomains
5 IPs
2 Countries
3004 kB Transfer
5093 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buynow.elavon.net/ HTTP 301
    https://buynow.elavon.net/ HTTP 302
    https://buynow.elavon.net/aws HTTP 302
    https://buynow.elavon.net/assisted-signup?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy HTTP 302
    https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://buynow.elavon.net/aws/env/whoami HTTP 302
  • https://buynow.elavon.net/assisted-signup?ctx=autherr HTTP 302
  • https://buynow.elavon.net/assisted-signup/?ctx=autherr
Request Chain 6
  • https://buynow.elavon.net/aws/env/touch HTTP 302
  • https://buynow.elavon.net/assisted-signup?ctx=autherr HTTP 302
  • https://buynow.elavon.net/assisted-signup/?ctx=autherr

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
buynow.elavon.net/assisted-signup/
Redirect Chain
  • http://buynow.elavon.net/
  • https://buynow.elavon.net/
  • https://buynow.elavon.net/aws
  • https://buynow.elavon.net/assisted-signup?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
  • https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
4 KB
4 KB
Document
General
Full URL
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6650d4d9909fe1f64bd74ce35effa25d43318325469c36811b29d1dff1451991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2063
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Feb 2024 18:40:41 GMT
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Akamai-Transformed
9 4434 0 pmb=mTOE,1
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 03 Feb 2024 18:40:40 GMT
Location
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
customerFlow.dabde5a8.chunk.css
buynow.elavon.net/assisted-signup/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://buynow.elavon.net/assisted-signup/static/css/customerFlow.dabde5a8.chunk.css
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
00eadd458a32cb76ac4fe36f8d2e46806b115e4921f57de36ade7f54076b6546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 03 Feb 2024 18:40:41 GMT
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
584
X-XSS-Protection
1; mode=block
2.9acafcd8.chunk.js
buynow.elavon.net/assisted-signup/static/js/
1 MB
1 MB
Script
General
Full URL
https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8167eb0437bef2fe4ea926dd73dca2ce9e84c049e70407984a107b790baef84b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1171524
X-XSS-Protection
1; mode=block
customerFlow.fb399cce.chunk.js
buynow.elavon.net/assisted-signup/static/js/
837 KB
838 KB
Script
General
Full URL
https://buynow.elavon.net/assisted-signup/static/js/customerFlow.fb399cce.chunk.js
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7630ff019a468550abdc722649b0a9ba36844611d35f481811e995459bc7ccd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
857582
X-XSS-Protection
1; mode=block
MSnQ
buynow.elavon.net/5c241n/xSnd/r82/ljr/3k4dl7oXUC4/3L3hDwr2VS/c3wSdn5v/KHwhMmQ/
224 KB
83 KB
Script
General
Full URL
https://buynow.elavon.net/5c241n/xSnd/r82/ljr/3k4dl7oXUC4/3L3hDwr2VS/c3wSdn5v/KHwhMmQ/MSnQ
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af40c3be0c65276c41db6bed0e54de7fec50dfe851b87938583bd102417f718d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 18:40:41 GMT
Content-Encoding
br
Last-Modified
Wed, 02 Aug 2023 16:13:26 GMT
ETag
"d15999c060cd843cceffa40902030823965674cd54ab7971bcc3b2327250044a"
Stored-Attribute-Sha-Checksum
af40c3be0c65276c41db6bed0e54de7fec50dfe851b87938583bd102417f718d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
83654
props
buynow.elavon.net/scwebapi/
424 B
2 KB
XHR
General
Full URL
https://buynow.elavon.net/scwebapi/props
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
36a2370a89ce52429c5dc7909b6b8738847efd68f8f9767348f75fb855b3ac23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US&ctoken=LjaRqEIy
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:42 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Connection
keep-alive
Content-Length
424
X-XSS-Protection
1; mode=block
/
buynow.elavon.net/assisted-signup/
Redirect Chain
  • https://buynow.elavon.net/aws/env/whoami
  • https://buynow.elavon.net/assisted-signup?ctx=autherr
  • https://buynow.elavon.net/assisted-signup/?ctx=autherr
4 KB
4 KB
XHR
General
Full URL
https://buynow.elavon.net/assisted-signup/?ctx=autherr
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
Protocol
HTTP/1.1
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6650d4d9909fe1f64bd74ce35effa25d43318325469c36811b29d1dff1451991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 03 Feb 2024 18:40:43 GMT
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2063
X-XSS-Protection
1; mode=block
X-Akamai-Transformed
9 4434 0 pmb=mTOE,1

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:42 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Location
https://buynow.elavon.net/assisted-signup/?ctx=autherr
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
/
buynow.elavon.net/assisted-signup/
Redirect Chain
  • https://buynow.elavon.net/aws/env/touch
  • https://buynow.elavon.net/assisted-signup?ctx=autherr
  • https://buynow.elavon.net/assisted-signup/?ctx=autherr
4 KB
4 KB
XHR
General
Full URL
https://buynow.elavon.net/assisted-signup/?ctx=autherr
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
Protocol
HTTP/1.1
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6650d4d9909fe1f64bd74ce35effa25d43318325469c36811b29d1dff1451991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 03 Feb 2024 18:40:42 GMT
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2063
X-XSS-Protection
1; mode=block
X-Akamai-Transformed
9 4434 0 pmb=mTOE,1

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:42 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Location
https://buynow.elavon.net/assisted-signup/?ctx=autherr
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
getJurisdictionInfo
buynow.elavon.net/sb/md/
114 B
2 KB
XHR
General
Full URL
https://buynow.elavon.net/sb/md/getJurisdictionInfo
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d7dc4c297d20c51edf44b6e1332624a0896f16b4137124f2dfb4571988f80f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:42 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/json
Connection
keep-alive
Content-Length
114
X-XSS-Protection
1; mode=block
logo.f4ce8505.png
buynow.elavon.net/assisted-signup/static/media/
32 KB
33 KB
Image
General
Full URL
https://buynow.elavon.net/assisted-signup/static/media/logo.f4ce8505.png
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f6bca39a9803602af62a177ab175660e58a75b38ad46884f90ad825deed4586e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:47:34 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33197
X-XSS-Protection
1; mode=block
OpenSans-Regular.629a55a7.ttf
buynow.elavon.net/assisted-signup/static/media/
212 KB
213 KB
Font
General
Full URL
https://buynow.elavon.net/assisted-signup/static/media/OpenSans-Regular.629a55a7.ttf
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/css/customerFlow.dabde5a8.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buynow.elavon.net/assisted-signup/static/css/customerFlow.dabde5a8.chunk.css
Origin
https://buynow.elavon.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Jan 2024 21:26:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
217360
X-XSS-Protection
1; mode=block
MSnQ
buynow.elavon.net/5c241n/xSnd/r82/ljr/3k4dl7oXUC4/3L3hDwr2VS/c3wSdn5v/KHwhMmQ/
18 B
930 B
XHR
General
Full URL
https://buynow.elavon.net/5c241n/xSnd/r82/ljr/3k4dl7oXUC4/3L3hDwr2VS/c3wSdn5v/KHwhMmQ/MSnQ
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/5c241n/xSnd/r82/ljr/3k4dl7oXUC4/3L3hDwr2VS/c3wSdn5v/KHwhMmQ/MSnQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 03 Feb 2024 18:40:42 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://buynow.elavon.net
Access-Control-Allow-Credentials
true
x_req_id
72ce7906-c6f2-404d-bdec-6a693b249b58
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
getScarecrowProperty
buynow.elavon.net/scwebapi/
87 B
1 KB
XHR
General
Full URL
https://buynow.elavon.net/scwebapi/getScarecrowProperty
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
13d989357a5273b8a62a77c5d08d435c6bb8f432ff9a47cf7ef4f38a65392e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:43 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Connection
keep-alive
Content-Length
87
X-XSS-Protection
1; mode=block
mfa-config-settings
buynow.elavon.net/aws/
2 KB
4 KB
XHR
General
Full URL
https://buynow.elavon.net/aws/mfa-config-settings
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
add27740a1c6e196bcdd22399ed2693e66ee5a2a90361648ebac0af42b622b7f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Sat, 03 Feb 2024 18:40:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json
Connection
keep-alive
Content-Length
2218
X-XSS-Protection
1; mode=block
getScarecrowProperty
buynow.elavon.net/scwebapi/
87 B
1 KB
XHR
General
Full URL
https://buynow.elavon.net/scwebapi/getScarecrowProperty
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
13d989357a5273b8a62a77c5d08d435c6bb8f432ff9a47cf7ef4f38a65392e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Sat, 03 Feb 2024 18:40:43 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Connection
keep-alive
Content-Length
87
X-XSS-Protection
1; mode=block
manifest.json
buynow.elavon.net/assisted-signup/auth/login/wmf/latest/
2 KB
3 KB
Fetch
General
Full URL
https://buynow.elavon.net/assisted-signup/auth/login/wmf/latest/manifest.json
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
none / Express
Resource Hash
8a6fab9e4ccd0c5fce3c67b983d3760a222c0e0164b0491c38db11db3b2d638d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Date
Sat, 03 Feb 2024 18:40:43 GMT
Last-Modified
Sat, 20 Jan 2024 03:41:55 GMT
Server
none
x-powered-by
Express
ETag
W/"7af-18d24f5f3b8"
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
x-envoy-upstream-service-time
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1967
main-5190f2602e54070f7dd2.js
onlinebanking.usbank.com/auth/login/wmf/latest/
2 MB
432 KB
Script
General
Full URL
https://onlinebanking.usbank.com/auth/login/wmf/latest/main-5190f2602e54070f7dd2.js
Requested by
Host: buynow.elavon.net
URL: https://buynow.elavon.net/assisted-signup/static/js/2.9acafcd8.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.197.6.137 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-6-137.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cc6c4b2493646eb455be40522e20af598fa820b24aa214fceaea90dc6e42f958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 18:40:44 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 03:17:54 GMT
server
AkamaiNetStorage
etag
"49ca6cfcf348aa5ce216d5368f096c3a:1705979874.19364"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
expires
Sat, 03 Feb 2024 19:40:44 GMT
HelveticaNeueLTW04-55Roman.woff2
content.usbank.com/content/dam/onlinebanking/common/static/fonts/
41 KB
42 KB
Font
General
Full URL
https://content.usbank.com/content/dam/onlinebanking/common/static/fonts/HelveticaNeueLTW04-55Roman.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:480:5b0::39f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f0d0bf9731f51367f0cafa9b577e7cc77c1532e7c66b27bd51f7c8bb670d05d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://buynow.elavon.net/
Origin
https://buynow.elavon.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 18:40:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Jun 2023 09:34:29 GMT
server
Apache
etag
"a58c-5ff192c79d340"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=84600
content-disposition
attachment; filename="HelveticaNeueLTW04-55Roman.woff2"
accept-ranges
bytes
content-length
42380
x-xss-protection
1
HelveticaNeueLTW06-75Bold.woff2
content.usbank.com/content/dam/onlinebanking/common/static/fonts/
41 KB
41 KB
Font
General
Full URL
https://content.usbank.com/content/dam/onlinebanking/common/static/fonts/HelveticaNeueLTW06-75Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:480:5b0::39f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
18c62620ec5edc900168b99105c1de69cf183bbe46f776add1bb3d0f81c05e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://buynow.elavon.net/
Origin
https://buynow.elavon.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 18:40:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Jun 2023 09:34:29 GMT
server
Apache
etag
"a41c-5ff192c79d340"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=84600
content-disposition
attachment; filename="HelveticaNeueLTW06-75Bold.woff2"
accept-ranges
bytes
content-length
42012
x-xss-protection
1
adrum-latest.js
cdn.appdynamics.com/adrum/
118 KB
43 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by
Host: onlinebanking.usbank.com
URL: https://onlinebanking.usbank.com/auth/login/wmf/latest/main-5190f2602e54070f7dd2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-79.lhr50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
9130b21609b6374265d7ba982746d6ff332ee107ec831b7c92760df02f4af248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:18:25 GMT
content-encoding
gzip
via
1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P3
age
447738
x-cache
Hit from cloudfront
last-modified
Tue, 21 Nov 2023 16:11:08 GMT
server
nginx/1.16.1
etag
W/"655cd69c-1d6a7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_G85W62I3UkoELrE7f2BpB_QF21zqo5Us1LrJsdA63FQFA3pEJSTZw==
config
buynow.elavon.net/authentication/customer-auth/app-config/v1/
2 KB
3 KB
XHR
General
Full URL
https://buynow.elavon.net/authentication/customer-auth/app-config/v1/config
Requested by
Host: onlinebanking.usbank.com
URL: https://onlinebanking.usbank.com/auth/login/wmf/latest/main-5190f2602e54070f7dd2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19d::2a77 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a2a01a460cb8558bd70046730f81e8d35afd602b08780f37d1a5a8ba004c13de
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Correlation-ID
172f4421-08d3-4483-88c9-df143a9c5d6d
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
AK
CdwGHNWbM8D8GH5QNNIJGhYj22SVfS0h
Accept
application/json, text/plain, */*
Referer
https://buynow.elavon.net/assisted-signup/?ac=USA&userLanguage=en-US
App-ID
EBoardingNA
Tenant-ID
ELAVON
Channel-ID
web
Interaction-ID
6df973f6-c728-4d8d-9808-e92545598a11
App-Version
1

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self';
Correlation-ID
172f4421-08d3-4483-88c9-df143a9c5d6d
Date
Sat, 03 Feb 2024 18:40:45 GMT
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/json
Cache-Control
no-store
x-envoy-upstream-service-time
54
Connection
keep-alive
Content-Length
2145
adrum-ext.a57fe9a4dfa0e1d6b2dc001466e4e21d.js
cdn.appdynamics.com/
54 KB
21 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.a57fe9a4dfa0e1d6b2dc001466e4e21d.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-79.lhr50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
edde5f9519d05ce9c276faa8df865f8ab1eb0e9696bd6c1b0bbd5d174fd8dc1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 02:35:15 GMT
content-encoding
gzip
via
1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P3
age
2217929
x-cache
Hit from cloudfront
last-modified
Tue, 21 Nov 2023 16:11:07 GMT
server
nginx/1.16.1
etag
W/"655cd69b-d667"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
NFiD0UjTM958v91ThEHvCdDKBRKlw0dKnNF2dzUIBZL_hsZuQmucyg==
adrum-xd.a57fe9a4dfa0e1d6b2dc001466e4e21d.html
cdn.appdynamics.com/ Frame 13E4
2 KB
2 KB
Document
General
Full URL
https://cdn.appdynamics.com/adrum-xd.a57fe9a4dfa0e1d6b2dc001466e4e21d.html
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-79.lhr50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
afebd1a1549298a5741c0f337ef4b4cc50efa17e28b31d122d0377f5fb7cf5a8

Request headers

Referer
https://buynow.elavon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
age
1087506
cache-control
public, max-age=2678400, s-max-age=14400
content-encoding
gzip
content-type
text/html
date
Mon, 22 Jan 2024 04:35:38 GMT
etag
W/"655cd69b-7ca"
last-modified
Tue, 21 Nov 2023 16:11:07 GMT
server
nginx/1.16.1
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
x-amz-cf-id
MBP-DrmFPjCvJ9PwRPMjX7vYEXwOYr6OKaAuNHWma7kvmmoquUcTcA==
x-amz-cf-pop
LHR50-P3
x-cache
Hit from cloudfront
943-6227e420d94c716442f0.js
onlinebanking.usbank.com/auth/login/wmf/latest/
383 KB
83 KB
Script
General
Full URL
https://onlinebanking.usbank.com/auth/login/wmf/latest/943-6227e420d94c716442f0.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.197.6.137 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-6-137.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3e3afbc957bd5605d6e38b7105cf0468ba09c26b052e1274ad7adfb9c343631b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buynow.elavon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 18:40:45 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 03:17:48 GMT
server
AkamaiNetStorage
etag
"83bca217417d7ced1dc7bacabd1994f8:1705979868.919466"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
expires
Sat, 03 Feb 2024 19:40:45 GMT
adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v2/APP_KEY_NOT_SET/
0
779 B
XHR
General
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v2/APP_KEY_NOT_SET/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.a57fe9a4dfa0e1d6b2dc001466e4e21d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.11.55 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536010; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://buynow.elavon.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Feb 2024 18:40:47 GMT
strict-transport-security
max-age=31536010; includeSubDomains
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| ua
number| msie
number| trident
undefined| vars
undefined| parts
undefined| englishMessage
undefined| danishMessage
undefined| germanMessage
undefined| frenchMessage
undefined| norwayMessage
undefined| polishMessage
undefined| swedishMessage
undefined| spanshMessage
object| sbWebpackJsonp
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| _
object| _cf
object| bmak
string| _sdTrace
object| process
object| USBAuthLoginModule
object| webpackChunkUSBAuthLoginModule
object| appDTimers
object| com
object| aesjs
object| elliptic
function| sha256
function| sha224
object| __XMSDK_PLUGINS
number| adrum-start-time
boolean| adrum-disable
object| adrum-config
string| ConfigAppID
object| ADRUM

12 Cookies

Domain/Path Name / Value
buynow.elavon.net/assisted-signup Name: JSESSIONID
Value: "au9L1YY07_U1HJQeiSLYNegBuZ68y5ihUs3RbOz7.svplknxjbcoreapp01:instantdec_3801"
.elavon.net/ Name: bm_sz
Value: DD1C911530E62ABD988A9EF33BD73D6B~YAAQYXcTAhP/slSNAQAAqcpFcBbv4e344uGbH7NOvvoO6gpyYohr4wx/7rCcCik8E5e8PfItPQFCE5RoldRWulOytwq1VuppIxK3rBjMd6N/F7yfHLTSOyRU4FrrIslkF0MVnmN7lKOMliDKViN+UEDQ6LCU7Tkdw3PtsKVvSxIb+DgkcOhGwYS5xXEoQzrcWhw9rIuQC5NoMvwz2Nt3nl8lSlZVl7CU/wwdEdefED4UT3XFjtLpUUNrhK5gWymzM91zwlX81IFIFFuXsTWUe3Op2jowe6RN+/UOMoTvdN+jNwjIb5Fd+32zY+roGhFGyuqBD91uBBCLzZGlpCBS~4276545~3485747
buynow.elavon.net/ Name: JSESSIONID
Value: "au9L1YY07_U1HJQeiSLYNegBuZ68y5ihUs3RbOz7.svplknxjbcoreapp04:instantdec_3801"
buynow.elavon.net/ Name: SameSite
Value: None
buynow.elavon.net/ Name: userLanguage
Value: en_US
.elavon.net/ Name: ak_bmsc
Value: C3F14746639C5E02CF33F76FA17160B3~000000000000000000000000000000~YAAQRXcTAqT7kmGNAQAAKdVFcBbOmBTTWnsxsJpXFXFeNHqBAncoZlcd7x78VY8yXKDNEKEaYZrWMbipTHmWdjHvZyMUKyjHD4Xt9f7mlhgCUTf+xZ2BQ6Y4Nh9N5sjSQAiCbM4OsxEYvK1/fNbFLKBEesXNJsgDO/WHiu71D2lg6aqsh/n9BWgJR9UoM+kibsn0YOBHYEc6yiAv1bCk0vlJhGA/P/v7gZsybV0cpgRCUP9lQZgBqC7qu5LNpO2jjJ2/j6pW0Xj/UmTWNsweEZyVGsS8eHhXYAFREg1stLQStkFvAuxHfEZL6MAz27bCKbRZ/GCkDJDf6T1cbXwb9Rj7FCTUqKUSIi0lXCxSXeUVXLmqN/PcUdJzkLnp+am/lA==
.elavon.net/ Name: mp_5d96c0bf40271980c46286796a53dc38_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218d7045d82cefd-0efb476bc6203b-65335652-1d4c00-18d7045d82d14a2%22%2C%22%24device_id%22%3A%20%2218d7045d82cefd-0efb476bc6203b-65335652-1d4c00-18d7045d82d14a2%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
buynow.elavon.net/ Name: ADRUM_BT1
Value: "R:68|i:1660595|d:6"
buynow.elavon.net/ Name: ADRUM_BTa
Value: "R:68|g:dc0e1366-4d5b-44d6-a7d1-7c776d93db56|n:USBANK_351d091f-c3a8-4779-a0da-4a53785ebec3"
buynow.elavon.net/ Name: EXTOLB
Value: !PP8q+RtV4ie2lmwjLoi167TaC0xMAnXeAOyZktjOVUM/Atz3ty/rlauM8U1uecxi2eDnME3sZLKIkg==
.elavon.net/ Name: _abck
Value: 81ACA732B5C4A3923F53EEE00D39FA52~-1~YAAQRXcTAsj9kmGNAQAAbuVFcAshS/9IKSYfRWGOiH31/bBqEv/6rmZjt5+9q7zCoSdozR2UrAkUbibY4ZCq8VBhaeoeeCnj2Oq/bMzpslleu6lpEZTio3Tbb484I/FH8+VHMZs1Z5tSA1RZV8ku58dwGJkX/appuqD8o6R4Hp3PBCKw96XrGXGjtZ8Ye5yhBxUrKiWW3dHY1SiDwB7/jT7gmVTEymmuLIZgEehZx1ojGKO7UVEy6GR5Y9v7+swJ4xpmVyT8fm+nw3Z1S/ornpOX2MEOTmiwc8be0W/iqkuKzTE/atlF1VoiE3rpCdDxcIcSUdat8F10p7iBWlm1DmZWa3U/Uft24rS1FWsfM9lxKpUQDuoKFdkwj+lPuaRMOPE8d3GM8xelNPy8zBNjGcGrVwcotG45~0~-1~-1
.elavon.net/ Name: bm_sv
Value: EBDDBAF2A7E508DAA299A82FCE683EE7~YAAQRXcTAsn9kmGNAQAAbuVFcBYaRCMIhlMrx+cAgQHmcBtAlZfgXyI+Va/fg6XhNsdUBlZL+Wog+d9DF9TyobK6QDFh9K2OZGubiNmBjGaZYUvtrVYTMB0GSTrP/n3z9wo/aVEuyzdI7IBqsAFPU0LvoVnrHY5y7M26rQaw7hWtZv2ydushwwehb1knROmL7HEaAyBhEyf7x5GqOuMHG4+vit/M1Ik8u7GH67T9wMG1D64rUvRi1eug76N0I2TE~1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
