retrievals.echecks.com Open in urlscan Pro
2.18.64.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW
Submission Tags: falconsandbox
Submission: On July 26 via api (July 26th 2024, 3:01:36 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2.18.64.19, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is retrievals.echecks.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on September 26th 2023. Valid for: a year.

This is the only time retrievals.echecks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2.18.64.19 2.18.64.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:58c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.255.168.181 34.255.168.181	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:28d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.73.80.234 54.73.80.234	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.105.226 99.80.105.226	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1 1	18.244.20.31 18.244.20.31	16509 (AMAZON-02) (AMAZON-02)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	15

18 2.18.64.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-19.deploy.static.akamaitechnologies.com

retrievals.echecks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.echecks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:58c::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.168.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-168-181.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:28d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.80.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-80-234.eu-west-1.compute.amazonaws.com

deluxecorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.105.226 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-105-226.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

sstats.deluxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.20.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-20-31.fra56.r.cloudfront.net

d37gvrvc0wt4s1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	echecks.com retrievals.echecks.com my.echecks.com — Cisco Umbrella Rank: 674957	868 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	142 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 319 deluxecorp.demdex.net — Cisco Umbrella Rank: 432237	2 KB
3	gstatic.com fonts.gstatic.com	69 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 2168 c.go-mpulse.net — Cisco Umbrella Rank: 906	51 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	70 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	9 KB
1	cloudfront.net 1 redirects d37gvrvc0wt4s1.cloudfront.net	608 B
1	deluxe.com sstats.deluxe.com — Cisco Umbrella Rank: 453205	373 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	93 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	304 B
44	14

	Domain	Requested by
17	my.echecks.com	retrievals.echecks.com my.echecks.com
7	cdn.cookielaw.org	retrievals.echecks.com cdn.cookielaw.org
3	bat.bing.com	retrievals.echecks.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
2	dpm.demdex.net	assets.adobedtm.com retrievals.echecks.com
2	fonts.googleapis.com	my.echecks.com
2	assets.adobedtm.com	retrievals.echecks.com assets.adobedtm.com
1	cdnjs.cloudflare.com
1	d37gvrvc0wt4s1.cloudfront.net	1 redirects
1	sstats.deluxe.com	retrievals.echecks.com
1	cm.everesttech.net	1 redirects
1	deluxecorp.demdex.net	assets.adobedtm.com
1	c.go-mpulse.net	s.go-mpulse.net
1	www.googletagmanager.com	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	s.go-mpulse.net	retrievals.echecks.com
1	retrievals.echecks.com
44	17

This site contains links to these domains. Also see Links.

Domain
my.echecks.com
echecks.zendesk.com
www.btobsource.com

Subject Issuer	Validity	Valid
www.echecks.com GlobalSign Extended Validation CA - SHA256 - G3	`2023-09-26` - `2024-10-27`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
sstats.deluxe.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-17` - `2025-06-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW
Frame ID: B3238021AEA2D5D3E7D158804EE36D3D
Requests: 40 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/4CHDC-GCC6E-9FEA5-GN9CD-TK7AM
Frame ID: 1E7E0800FFD4D37D0937129D862F904E
Requests: 2 HTTP requests in this frame

Frame: https://my.echecks.com/salesforce_chat?affiliate_brand_name=deluxe&body_class=bg-snow-white&show_widget=true
Frame ID: A9036A449C199B2CF23811F45E5C934C
Requests: 4 HTTP requests in this frame

Frame: https://deluxecorp.demdex.net/dest5.html?d_nsid=0
Frame ID: DDC58B47657B0FDF496EA8DDFA6D945A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Retrieve Your eCheck | Deluxe Payment Exchange

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

44
Requests

95 %
HTTPS

56 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

1319 kB
Transfer

3439 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://my.echecks.com/assets/sample_print-765711e6dc5a0af0bdfb04083fa21be32edfd269e797ae47a0c7af1efaf486f6.pdf
Title: Sample File

Search URL Search Domain Scan URL

URL: https://echecks.zendesk.com/hc/en-us/articles/19622943994771-Before-you-Print
Title: set print scaling

Search URL Search Domain Scan URL

URL: https://echecks.zendesk.com/hc/en-us
Title: Help Center & Articles

Search URL Search Domain Scan URL

URL: https://my.echecks.com/user_terms_and_conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://my.echecks.com/privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://my.echecks.com/accessibility_policy
Title: Accessibility Policy

Search URL Search Domain Scan URL

URL: https://www.btobsource.com/Cookie-Policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://cm.everesttech.net/cm/dd?d_uuid=78810217274491081903887492067540628619 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqO6SAAAAGB8-wOJ

Request Chain 43

https://d37gvrvc0wt4s1.cloudfront.net/js/1/rollbar.min.js HTTP 301
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.1.0/rollbar.min.js

44 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request FJE_3ecGfkcBpnmCvQAW Show response
retrievals.echecks.com/check_retrievals/ 94 KB
31 KB 1582ms
548ms Document
text/html 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

be22bb770151e06022e45145b3681bfcee223160437892a0778c5f04268c0c08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .my.echecks.com my.echecks.com default-src ; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE, PATCH
Access-Control-Allow-Origin: https://retrievals.echecks.com
Cache-Control: private, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 28941
Content-Security-Policy: frame-ancestors 'self' *.my.echecks.com my.echecks.com default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Jul 2024 15:01:26 GMT
ETag: W/"2f7ea8015f15592cef40aff79b195738"
Link: <https://my.echecks.com/assets/retrieval/application/pages/check_retrievals-c9a375800eca43d36fef65e570d1e9d163f98ef529be9c8b5e7a6cc1c59ad509.css>; rel=preload; as=style; nopush,<https://my.echecks.com/assets/retrieval/application/pages/check_retrievals-c9a375800eca43d36fef65e570d1e9d163f98ef529be9c8b5e7a6cc1c59ad509.css>; rel=preload; as=style; nopush,<https://my.echecks.com/assets/retrieval/check_retrievals-b908df3510b1bf9de6ef84f158e7ac7090cf3f3b3243a8433396adf3baa0647c.js>; rel=preload; as=script; nopush,<https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css>; rel=preload; as=style; nopush,<https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css>; rel=preload; as=style; nopush,<https://my.echecks.com/assets/application-v2-609ef5154af2ab62d0d0f81f370c464cf5bd2b33884133c24baf2cc4e7565cf8.js>; rel=preload; as=script; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Server-Timing: cdn-cache; desc=MISS edge; dur=267 origin; dur=227 ak_p; desc="1722006085039_34911059_1672354145_49401_5108_47_687_-";dur=1
Status: 200 OK
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Akamai-Transformed: 9 31180 0 pmb=mRUM,1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 193affbe-b659-4460-9eaf-28e22f272f53
X-Runtime: 0.182821
X-XSS-Protection: 0

GET
H2 200 check_retrievals-c9a375800eca43d36fef65e570d1e9d163f98ef529be9c8b5e7a6cc1c59ad509.css
my.echecks.com/assets/retrieval/application/pages/ 2 KB
1 KB 379ms
186ms Stylesheet
text/css 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/retrieval/application/pages/check_retrievals-c9a375800eca43d36fef65e570d1e9d163f98ef529be9c8b5e7a6cc1c59ad509.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f6150eeba6fcdd15d9f9c883e201cab4d0b2362775b644ef83c386b306242849

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Sun, 09 Jun 2024 03:47:22 GMT
server: nginx
etag: W/"666525ca-7bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="732489431", ak_p; desc="1722006086490_34911059_1672359692_33_13587_51_0_255";dur=1
content-length: 605
expires: Mon, 24 Jul 2034 15:01:26 GMT

GET
H2 200 check_retrievals-b908df3510b1bf9de6ef84f158e7ac7090cf3f3b3243a8433396adf3baa0647c.js Show response
my.echecks.com/assets/retrieval/ 2 KB
1 KB 464ms
271ms Script
application/x-javascript 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/retrieval/check_retrievals-b908df3510b1bf9de6ef84f158e7ac7090cf3f3b3243a8433396adf3baa0647c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a61c052d38995f29cf461cc6801be13dfecf5bf1ee906b489258aa14566da496

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Sun, 09 Jun 2024 03:47:22 GMT
server: nginx
etag: W/"666525ca-803"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-529278232", ak_p; desc="1722006086490_34911059_1672359694_27_13287_51_0_219";dur=1
content-length: 841
expires: Mon, 24 Jul 2034 15:01:26 GMT

GET
H2 200 base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css
my.echecks.com/assets/ 180 KB
40 KB 262ms
69ms Stylesheet
text/css 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b09d26cd9fe31676205dcbb9311365a722c6cb1e4e651725f0cda634983d268a

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Sun, 09 Jun 2024 03:47:21 GMT
server: nginx
etag: W/"666525c9-2ce3c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="1138128211", ak_p; desc="1722006086381_34911059_1672359682_29_14695_51_101_255";dur=1
content-length: 40627
expires: Mon, 24 Jul 2034 15:01:26 GMT

GET
H2 200 application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css
my.echecks.com/assets/ 306 KB
58 KB 321ms
129ms Stylesheet
text/css 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

efd3fda3f5bb68d82da1d5666a04c1f732b5bfb07558326424152fbe0181aa0f

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Fri, 12 Jul 2024 01:19:05 GMT
server: nginx
etag: W/"66908489-4c6b4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1079824326", ak_p; desc="1722006086490_34911059_1672359690_27_13690_51_0_255";dur=1
content-length: 58458
expires: Mon, 24 Jul 2034 15:01:26 GMT

GET
H2 200 application-v2-609ef5154af2ab62d0d0f81f370c464cf5bd2b33884133c24baf2cc4e7565cf8.js Show response
my.echecks.com/assets/ 965 KB
263 KB 376ms
185ms Script
application/x-javascript 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/application-v2-609ef5154af2ab62d0d0f81f370c464cf5bd2b33884133c24baf2cc4e7565cf8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7de7b283501bf50c16a20b5f20681fdd2adb9b6b20fb64b57aa1e26370e17e9b

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Sun, 09 Jun 2024 03:47:20 GMT
server: nginx
etag: W/"666525c8-f15d9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1240797427", ak_p; desc="1722006086490_34911059_1672359693_32_13288_51_0_219";dur=1
content-length: 268670
expires: Mon, 24 Jul 2034 15:01:26 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 260ms
69ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PzcU3Ivp6w0l3AsetHXgNw==
age: 26335
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:45 GMT
server: cloudflare
etag: 0x8DCAB84B60D1366
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4fb8a903-801e-00bc-14fa-dd84fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a9543d8984b5c1a-FRA

GET
H2 200 launch-b759b90b5c67.min.js Show response
assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/ 163 KB
48 KB 190ms
53ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/launch-b759b90b5c67.min.js
Requested by: Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4eae136b2903ad8671416c68514eb9a93cf9559e2902e04ce820813637f739c3

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: gzip
last-modified: Mon, 15 Jul 2024 15:24:47 GMT
server: AkamaiNetStorage
etag: "f4dfa74d958d6ca9d861c8e2dd2b8cb4:1721057087.889728"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://retrievals.echecks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 49358
expires: Fri, 26 Jul 2024 16:01:27 GMT

GET
H2 200 deluxe_paymentexchange_logo_4c-cff700348d2e6715d1ebb33c8735a368d863f44970267699cf59004c77250c48.png
my.echecks.com/assets/logos/ 17 KB
18 KB 460ms
271ms Image
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.echecks.com/assets/logos/deluxe_paymentexchange_logo_4c-cff700348d2e6715d1ebb33c8735a368d863f44970267699cf59004c77250c48.png

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d05baa73825e7beb01c0f8d0ef1d32b1387fc8d75b48d31406774f77e888554e

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Fri, 11 Mar 2022 02:04:14 GMT
server: nginx
etag: "622aae1e-4522"
content-type: image/png
cache-control: max-age=19285779
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="1040126884", ak_p; desc="1722006086490_34911059_1672359695_29_19703_51_0_182";dur=1
accept-ranges: bytes
content-length: 17698
expires: Thu, 06 Mar 2025 20:11:05 GMT

GET
H2 200 retrieval_print_now-530fe86758eb652e9bb5ecb66468520e585e8014256ba1f06747bb5068ee2822.png
my.echecks.com/assets/retrievals/check_retrievals/ 45 KB
45 KB 198ms
193ms Image
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.echecks.com/assets/retrievals/check_retrievals/retrieval_print_now-530fe86758eb652e9bb5ecb66468520e585e8014256ba1f06747bb5068ee2822.png

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4f87d196ce23f003232c4694af8ffbdfab8cf221c660c96f3be1ceae3d569880

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Fri, 08 Dec 2023 02:12:45 GMT
server: nginx
etag: "65727b9d-b21d"
content-type: image/png
cache-control: max-age=19285762
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006086574_34911059_1672360315_29_6648_45_0_182";dur=1
accept-ranges: bytes
content-length: 45597
expires: Thu, 06 Mar 2025 20:10:48 GMT

GET
H2 200 retrieval_printer-1d614eb2f75f35298cd6ab5fb2f5c73d8341830aa667a9a056896a9dfdbc7cf9.png
my.echecks.com/assets/retrievals/check_retrievals/ 54 KB
54 KB 61ms
47ms Image
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.echecks.com/assets/retrievals/check_retrievals/retrieval_printer-1d614eb2f75f35298cd6ab5fb2f5c73d8341830aa667a9a056896a9dfdbc7cf9.png

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

712f1fa5af1d169399b0aa7407abba747cb783684d0f28137196e6a55560b188

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Fri, 08 Dec 2023 02:12:48 GMT
server: nginx
etag: "65727ba0-d7e9"
content-type: image/png
cache-control: max-age=19285763
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006086802_34911059_1672361775_24_6895_44_0_182";dur=1
accept-ranges: bytes
content-length: 55273
expires: Thu, 06 Mar 2025 20:10:49 GMT

GET
H2 200 retrieval_stock-32cd3a2c8a1ced3299b66460b3129fbe24984e2e655e70ff3dd691490044d1e4.png
my.echecks.com/assets/retrievals/check_retrievals/ 246 KB
247 KB 51ms
49ms Image
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.echecks.com/assets/retrievals/check_retrievals/retrieval_stock-32cd3a2c8a1ced3299b66460b3129fbe24984e2e655e70ff3dd691490044d1e4.png

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e0d0d293bc99fd3e58afaecb4bb7bd3e4e4e3da03f342a73626ee079922a6fcb

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Fri, 08 Dec 2023 02:12:45 GMT
server: nginx
etag: "65727b9d-3d9ae"
content-type: image/png
cache-control: max-age=19285818
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006086820_34911059_1672361896_100_6960_44_0_182";dur=1
accept-ranges: bytes
content-length: 252334
expires: Thu, 06 Mar 2025 20:11:44 GMT

GET
H2 200 sample_file_icon-1e5599cbad74ef1ff62e4815a92ce1785502dccc31ec7a0dea04c497459a84d1.png
my.echecks.com/assets/retrievals/check_retrievals/ 870 B
1 KB 48ms
47ms Image
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.echecks.com/assets/retrievals/check_retrievals/sample_file_icon-1e5599cbad74ef1ff62e4815a92ce1785502dccc31ec7a0dea04c497459a84d1.png

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

036e0261fd2d23c5d127a753cfbcce15a57bf0d8f6a36b3da225c51d2a44fa76

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Fri, 08 Dec 2023 02:12:44 GMT
server: nginx
etag: "65727b9c-366"
content-type: image/png
cache-control: max-age=19285860
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006086865_34911059_1672362217_27_7131_39_0_182";dur=1
accept-ranges: bytes
content-length: 870
expires: Thu, 06 Mar 2025 20:12:26 GMT

GET
H2 200 deluxe_paymentexchange_stacked_logo_4c-688bd1fbc6d87aa17983a175548a76a4ef55819572ae7cf24e25eb9f80cc803d.png
my.echecks.com/assets/logos/ 9 KB
10 KB 77ms
65ms Image
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.echecks.com/assets/logos/deluxe_paymentexchange_stacked_logo_4c-688bd1fbc6d87aa17983a175548a76a4ef55819572ae7cf24e25eb9f80cc803d.png

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a327c38afa424e1cdb62a2fc3dfe2eaefd1af88b88b0e0ca7ccef866e935d41e

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:27 GMT
last-modified: Fri, 11 Mar 2022 02:04:06 GMT
server: nginx
etag: "622aae16-2559"
content-type: image/png
cache-control: max-age=19281099
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006087174_34911059_1672364551_24_7083_41_0_146";dur=1
accept-ranges: bytes
content-length: 9561
expires: Thu, 06 Mar 2025 18:53:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 813 B
817 B 369ms
57ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mrs+Saint+Delafield

Requested by

Host: my.echecks.com
URL: https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aab7087cc94756996130e1a0ad015b363f5d0bd07f6b30b47076db7caa3465e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://my.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jul 2024 15:01:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jul 2024 15:01:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
544 B 364ms
58ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Requested by

Host: my.echecks.com
URL: https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aeb52bfd69b48dd91ab5ab457e493b11754faf5bc880e4f2b1803cd50389481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://my.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jul 2024 14:24:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jul 2024 15:01:27 GMT

GET
H2 200 b8ee3875-be79-4f06-96c0-33dce6864056.json Show response
cdn.cookielaw.org/consent/b8ee3875-be79-4f06-96c0-33dce6864056/ 5 KB
2 KB 211ms
108ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b8ee3875-be79-4f06-96c0-33dce6864056/b8ee3875-be79-4f06-96c0-33dce6864056.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f802af6c6cdaf356a8e12086b0c3c25bab99fff41980b656a9b35c07e8030bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10727
content-md5: V+nufMspET6OCnVDMIlHsw==
content-length: 1801
x-ms-lease-status: unlocked
last-modified: Fri, 12 Jul 2024 18:15:57 GMT
server: cloudflare
etag: 0x8DCA29EAD689C8E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 89622a0c-901e-00ec-0587-d49bf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a9543dd7b0b8fd6-FRA
expires: Sat, 27 Jul 2024 15:01:27 GMT

GET
H2 200 check_retrievals-c9a375800eca43d36fef65e570d1e9d163f98ef529be9c8b5e7a6cc1c59ad509.css
my.echecks.com/assets/retrieval/application/pages/ 2 KB
0 4ms
3ms Stylesheet
text/css 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/retrieval/application/pages/check_retrievals-c9a375800eca43d36fef65e570d1e9d163f98ef529be9c8b5e7a6cc1c59ad509.css

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f6150eeba6fcdd15d9f9c883e201cab4d0b2362775b644ef83c386b306242849

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Sun, 09 Jun 2024 03:47:22 GMT
server: nginx
etag: W/"666525ca-7bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="732489431", ak_p; desc="1722006086490_34911059_1672359692_33_13587_51_0_255";dur=1
content-length: 605
expires: Mon, 24 Jul 2034 15:01:26 GMT

GET
H2 200 4CHDC-GCC6E-9FEA5-GN9CD-TK7AM Show response
s.go-mpulse.net/boomerang/ Frame 1E7E 202 KB
51 KB 243ms
77ms Script
application/javascript 2a02:26f0:1700:58c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/4CHDC-GCC6E-9FEA5-GN9CD-TK7AM
Requested by: Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:58c::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 21 May 2024 13:08:04 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 297ms
116ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://retrievals.echecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:18:31 GMT
x-content-type-options: nosniff
age: 268976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 12:18:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 286ms
106ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://retrievals.echecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 11:45:25 GMT
x-content-type-options: nosniff
age: 270962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 11:45:25 GMT

GET
H2 200 micre13b-bm1-webfont-aa734aac12136b0d9eb5ec4387b5da211f20308f8c81d4e68ceb6269e82f26ed.woff
my.echecks.com/assets/ 4 KB
5 KB 285ms
80ms Font
application/font-woff 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.echecks.com/assets/micre13b-bm1-webfont-aa734aac12136b0d9eb5ec4387b5da211f20308f8c81d4e68ceb6269e82f26ed.woff
Requested by: Host: my.echecks.com
URL: https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: df42d9dbf71351c81cbf8e63140cfe5b4a48ffda6963b75d0ffe45cc2cd3351c

Request headers

Referer: https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css
Origin: https://retrievals.echecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
last-modified: Fri, 11 Mar 2022 02:04:05 GMT
server: nginx
etag: "622aae15-10c0:dtagent10279231130031246I7tr"
content-type: application/font-woff
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="496133234", dtTao;desc="1", ak_p; desc="1722006087474_34911059_1672367961_26_6743_51_148_255";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 4288

GET
H2 200 fa-regular-400-b1d0b0ef1341c2c249de4bec502338cac0ccd3245615715031e5a8e1cd0a2b7d.woff2
my.echecks.com/assets/font-awesome/ 13 KB
14 KB 373ms
168ms Font
font/woff2 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.echecks.com/assets/font-awesome/fa-regular-400-b1d0b0ef1341c2c249de4bec502338cac0ccd3245615715031e5a8e1cd0a2b7d.woff2
Requested by: Host: my.echecks.com
URL: https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

Referer: https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css
Origin: https://retrievals.echecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
last-modified: Fri, 11 Mar 2022 02:04:07 GMT
server: nginx
etag: "622aae17-34ec:dtagent10275230919171419IEU9"
content-type: font/woff2
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="950654029", ak_p; desc="1722006087643_34911059_1672368055_263_7528_51_0_255";dur=1
accept-ranges: bytes
content-length: 13548

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 226ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://retrievals.echecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 259488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:56:39 GMT

GET
H2 200 fa-solid-900-d79dc4d04bb16579193cf7f93be3b0dbd4c8a39c8e9c4b9bb51d865222bafce5.woff2
my.echecks.com/assets/font-awesome/ 78 KB
79 KB 285ms
81ms Font
font/woff2 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.echecks.com/assets/font-awesome/fa-solid-900-d79dc4d04bb16579193cf7f93be3b0dbd4c8a39c8e9c4b9bb51d865222bafce5.woff2
Requested by: Host: my.echecks.com
URL: https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css
Origin: https://retrievals.echecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
last-modified: Fri, 11 Mar 2022 02:04:10 GMT
server: nginx
etag: "622aae1a-139ac"
content-type: font/woff2
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006087643_34911059_1672368054_260_7351_51_0_255";dur=1
accept-ranges: bytes
content-length: 80300

GET
H2 200 salesforce_chat
my.echecks.com/ Frame A903 0
0 359ms
358ms Document
text/html 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/salesforce_chat?affiliate_brand_name=deluxe&body_class=bg-snow-white&show_widget=true

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .my.echecks.com my.echecks.com default-src ; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://retrievals.echecks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 3689
content-security-policy: frame-ancestors 'self' *.my.echecks.com my.echecks.com default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Fri, 26 Jul 2024 15:01:27 GMT
etag: W/"4a1212ba32c77d632685803fd3f0b317:dtagent10295240705110949IFhq"
expires: Fri, 26 Jul 2024 15:01:27 GMT
link: <https://my.echecks.com/assets/base-6bf0c7f9ce621aef492ed3a246ae5baa08c1c5d0116660049a2004df042af4a0.css>; rel=preload; as=style; nopush,<https://my.echecks.com/assets/application-6eee6a7167344d3cd1bd24c862bfea1990d55bcbbd7a839d908fe9b94d3f9337.css>; rel=preload; as=style; nopush,<https://my.echecks.com/assets/application-v2-609ef5154af2ab62d0d0f81f370c464cf5bd2b33884133c24baf2cc4e7565cf8.js>; rel=preload; as=script; nopush
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
server-timing: cdn-cache; desc=REVALIDATE edge; dur=261 origin; dur=45 dtSInfo;desc="0", dtRpid;desc="-206109772" ak_p; desc="1722006087448_34911059_1672366685_30606_7219_41_0_255";dur=1
status: 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 1830 0 pmb=mTOE,5mRUM,1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-permitted-cross-domain-policies: none
x-request-id: 75ba355c-5f0b-450f-b85a-562c246e928c
x-runtime: 0.021431
x-ruxit-js-agent: true
x-xss-protection: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 354ms
81ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8a9543e04d14917d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 id Show response
dpm.demdex.net/ 1 KB
1 KB 259ms
70ms XHR
application/json 34.255.168.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5DBF123F5245B1EA0A490D45%40AdobeOrg&d_nsid=0&ts=1722006087522

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/launch-b759b90b5c67.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.255.168.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-168-181.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5bfee7e870305c92a1451b8d9e9d369b559548cfba3c76391cfe1ab3e0752ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v063-0c390207b.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jul 2024 15:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: gsJxkoJVT8o=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://retrievals.echecks.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 650
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX17c1772d0def4b0787b0b23df1e14d77-libraryCode_source.min.js Show response
assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/e0dac626ca0b/ 56 KB
21 KB 67ms
67ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/e0dac626ca0b/EX17c1772d0def4b0787b0b23df1e14d77-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/launch-b759b90b5c67.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e88388d194ce8e3ffc96896803a60b4bc79b54cab653ab9143ec9e8171fc0ab1

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: gzip
last-modified: Mon, 15 Jul 2024 15:24:49 GMT
server: AkamaiNetStorage
etag: "2d38cda83fa201f207d42d30c9356949:1721057089.048981"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://retrievals.echecks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 21475
expires: Fri, 26 Jul 2024 16:01:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 227ms
65ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 26 Jul 2024 15:01:26 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42436A65C6884FFEA0BC4042D9E8BEA6 Ref B: FRA31EDGE0713 Ref C: 2024-07-26T15:01:27Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
93 KB 198ms
71ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1010778289&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/launch-b759b90b5c67.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

258f806ed88be06eee07f99e9902f2bfb349c2771c6d052bbb78e610b1eb65af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 15:01:27 GMT

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ Frame 1E7E 51 B
214 B 174ms
77ms XHR
application/json 2a02:26f0:1700:28d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=4CHDC-GCC6E-9FEA5-GN9CD-TK7AM&d=retrievals.echecks.com&t=5740020&v=1.632.0&if=&sl=0&si=hsi4vv9c7o-sh8kef&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=570919
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/4CHDC-GCC6E-9FEA5-GN9CD-TK7AM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:28d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e1b77a6ee84e148bf6e4f60766f18698b05e41abfb4b37147604d85a2de62158

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Jul 2024 15:01:27 GMT
cache-control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 51
content-type: application/json

GET
H2 200 dest5.html
deluxecorp.demdex.net/ Frame DDC5 0
0 161ms
57ms Document
text/html 54.73.80.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deluxecorp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/926c5a9f1f85/ea0ffbdeb75a/launch-b759b90b5c67.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.73.80.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-80-234.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://retrievals.echecks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 26 Jul 2024 15:01:27 GMT
dcs: dcs-prod-irl1-1-v063-05d74d6d8.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 18 Jul 2024 09:27:13 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: RBwr+c5DSAs=

GET
H2

200

ibs:dpid=411&dpuuid=ZqO6SAAAAGB8-wOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=78810217274491081903887492067540628619
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqO6SAAAAGB8-wOJ

42 B
715 B

61ms
60ms

Image
image/gif

34.255.168.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqO6SAAAAGB8-wOJ

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Server

34.255.168.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-168-181.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v063-0ca870a0f.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jul 2024 15:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: e8X9iReFT0I=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqO6SAAAAGB8-wOJ
Date: Fri, 26 Jul 2024 15:01:28 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s53476868407926
sstats.deluxe.com/b/ss/deluxeechecksprod,deluxeglobalprod/1/JS-2.4.0-LDQM/ 43 B
373 B 481ms
68ms Image
image/gif 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sstats.deluxe.com/b/ss/deluxeechecksprod,deluxeglobalprod/1/JS-2.4.0-LDQM/s53476868407926?AQB=1&ndh=1&pf=1&t=26%2F6%2F2024%2017%3A1%3A27%205%20-120&mid=73517636652195403594515580915675426770&aamlh=6&ce=UTF-8&ns=deluxecorp&pageName=eChk%3AApp%3ACheck%20retrievals%3AFje%203ecgfkcbpnmcvqaw%3AShow&g=https%3A%2F%2Fretrievals.echecks.com%2Fcheck_retrievals%2FFJE_3ecGfkcBpnmCvQAW%23payee-choice&cc=USD&ch=Check%20retrievals&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Fje%203ecgfkcbpnmcvqaw&c4=App&v9=New&c11=eChecks&v16=eChecks&v17=Direct&v23=eChecks&c29=eChecks&c34=Entire%20Site&c37=VisitorAPI%20Present&v42=D%3DpageName&c52=D%3DpageName&v55=D%3Dg&c58=19&c62=D%3Dg&c68=AM%202.4.0&v70=deluxe&v74=Direct&v137=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5DBF123F5245B1EA0A490D45%40AdobeOrg&AQE=1

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 15:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 27 Jul 2024 15:01:28 GMT
server: jag
etag: 3697979917566377984-4618524552040078387
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25 Jul 2024 15:01:28 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 451 KB
110 KB 58ms
58ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7I5y/rp4ODu7ul89ty+epQ==
age: 59708
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 112027
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:20:01 GMT
server: cloudflare
etag: 0x8DCA5E56F667161
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c05e064f-501e-009c-79cf-d7e837000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a9543e139ee5c1a-FRA

GET
DATA 200
OK truncated
/ Frame A903 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A903 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A903 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 28000256.js Show response
bat.bing.com/p/action/ 335 B
403 B 68ms
68ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/28000256.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jul 2024 15:01:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03B75F5DCC7C4F8C82DB69A0F2AE8A20 Ref B: FRA31EDGE0713 Ref C: 2024-07-26T15:01:28Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b8ee3875-be79-4f06-96c0-33dce6864056/2da9a411-7169-4afc-a7b1-eb6f98cff702/ 60 KB
15 KB 107ms
104ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b8ee3875-be79-4f06-96c0-33dce6864056/2da9a411-7169-4afc-a7b1-eb6f98cff702/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5248f98bce33589a473dfe816facbc59c0313dd2dbecf8033b9ecc3c1d624c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: QtDUAaSz3Q2oET+bsvre5w==
content-length: 15058
x-ms-lease-status: unlocked
last-modified: Fri, 12 Jul 2024 18:16:04 GMT
server: cloudflare
etag: 0x8DCA29EB125B808
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9aa7a46a-101e-0075-6e8b-d41431000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a9543e369ca8fd6-FRA
expires: Sat, 27 Jul 2024 15:01:28 GMT

GET
H2 204 0
bat.bing.com/action/ 0
179 B 97ms
74ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=28000256&Ver=2&mid=d6e69004-4c42-445f-b483-731d2a2aee66&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Retrieve%20Your%20eCheck%20%7C%20Deluxe%20Payment%20Exchange&p=https%3A%2F%2Fretrievals.echecks.com%2Fcheck_retrievals%2FFJE_3ecGfkcBpnmCvQAW%23payee-choice&r=&lt=2762&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=711351

Requested by

Host: retrievals.echecks.com
URL: https://retrievals.echecks.com/check_retrievals/FJE_3ecGfkcBpnmCvQAW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 Jul 2024 15:01:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EFED4C807D945489229D5D5E0E7D40D Ref B: FRA31EDGE0713 Ref C: 2024-07-26T15:01:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 10 KB
3 KB 132ms
129ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1eRgXsifXxjN35+Ob1hidA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2675
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:19:55 GMT
server: cloudflare
etag: 0x8DCA5E56B98E4AE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e1c8cd42-801e-003f-6775-d82456000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a9543e43a968fd6-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 24 KB
4 KB 148ms
146ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: HyPJ72TNHxdfOI82cqKVqA==
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:20:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4f9ba290-201e-00f5-1a75-d8b79b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8a9543e43a988fd6-FRA

GET
H3

200

rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.1.0/
Redirect Chain

https://d37gvrvc0wt4s1.cloudfront.net/js/1/rollbar.min.js
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.1.0/rollbar.min.js

24 KB
9 KB

151ms
84ms

Script
application/javascript

104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.1.0/rollbar.min.js

Protocol

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fe13db3eb462b258ece8cfc6bcb4fe034ccaa3715f15c2e97205d2abb241ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 170810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8188
last-modified: Mon, 04 May 2020 16:16:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc0-613d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9yD369lPIQVMwzXEX3hb04y7M6WE8qB%2B64CJbVU%2BI%2BQvlGDE6hS1ejEGoMNCV5JTQDD9Q5YMrPT4o4tZXsKByy963OIQJ81IgK2m8Wr24rYoGkoBhCyo7%2Fu0qzQwBDUhr1RdyWi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9543e62cdf37e3-FRA
expires: Wed, 16 Jul 2025 15:01:28 GMT

Redirect headers

Date: Fri, 26 Jul 2024 13:11:27 GMT
Via: 1.1 google, 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P11
Age: 6601
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.1.0/rollbar.min.js
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 8a94a2bcbde8bbf7-FRA
X-Amz-Cf-Id: kmUB_TuNYa01Ynh1KRAetbFhTk5yeow8QnY_aXrbAgMCQjslo30zgA==

GET
H2 200 deluxe-payments-favicon-72x72-9ce6035e157aad2a9da77f050e08c27a5e2d9e7e2cbb1d2530964e8d0cee635b.png
my.echecks.com/assets/ 1 KB
2 KB 63ms
42ms Other
image/png 2.18.64.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.echecks.com/assets/deluxe-payments-favicon-72x72-9ce6035e157aad2a9da77f050e08c27a5e2d9e7e2cbb1d2530964e8d0cee635b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-19.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

686581bbb91d576390ecbb06689d153b4e0202c8703c7493c4550b4f34fe0543

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
date: Fri, 26 Jul 2024 15:01:28 GMT
last-modified: Fri, 11 Mar 2022 02:04:10 GMT
server: nginx
etag: "622aae1a-539"
content-type: image/png
cache-control: max-age=19281094
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722006088477_34911059_1672374221_32_8287_41_0_219";dur=1
accept-ranges: bytes
content-length: 1337
expires: Thu, 06 Mar 2025 18:53:02 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 62ms
55ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrievals.echecks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jul 2024 15:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 84364
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0bca9740-b01e-0015-2179-dd5113000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8a9543e54e255c1a-FRA

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
retrievals.echecks.com/	1970-01-20 22:30:10	Name: AWSALB Value: qb2XXljRsRSXJPPEZf2DYY49XYe+HZZ9itxf6wMvTlKZELz4e4t1VJ8QnM2AwYE2bTcnos4iViYVrVro678pJn6HXPgLlSLyAbzIklwNXYrnxN65p+7Ww/ibHHIX
retrievals.echecks.com/	1970-01-20 22:30:10	Name: AWSALBCORS Value: qb2XXljRsRSXJPPEZf2DYY49XYe+HZZ9itxf6wMvTlKZELz4e4t1VJ8QnM2AwYE2bTcnos4iViYVrVro678pJn6HXPgLlSLyAbzIklwNXYrnxN65p+7Ww/ibHHIX
retrievals.echecks.com/	1970-01-21 07:56:06	Name: device_id Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkluRm1SMk50VlcxVFdtdHlZVGhvWTFraSIsImV4cCI6bnVsbCwicHVyIjoiY29va2llLmRldmljZV9pZCJ9fQ%3D%3D--5a19231d4464a9189af92d951be93554727a3749
.echecks.com/	1969-12-31 23:59:59	Name: vv_session Value: f1ed75b24c0e7791fd3166bb4f1c9c13
.echecks.com/	1970-01-20 22:30:10	Name: RT Value: "z=1&dm=echecks.com&si=hsi4vv9c7o&ss=lz2tyoqd&sl=0&tt=0"
.demdex.net/	1970-01-21 02:39:18	Name: demdex Value: 78810217274491081903887492067540628619
my.echecks.com/	1970-01-20 22:30:10	Name: AWSALB Value: q0UYO0cZhGMNa5LoFPcR7vYmXmTRd8HlJQiw0mMnu73AbT54W6CxJAVVGMk4DaWPpqN69SnUYOx/k1Ki2rQzCZoskroq3RSskKwMu/eKFgHq1N0uD2Cp5zZedv61
my.echecks.com/	1970-01-20 22:30:10	Name: AWSALBCORS Value: q0UYO0cZhGMNa5LoFPcR7vYmXmTRd8HlJQiw0mMnu73AbT54W6CxJAVVGMk4DaWPpqN69SnUYOx/k1Ki2rQzCZoskroq3RSskKwMu/eKFgHq1N0uD2Cp5zZedv61
.echecks.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_30_sn_64D02C992F98B00FC3048CBCC3448875_perc_100000_ol_0_mul_1_app-3A1dff9d5f21583a61_1_rcs-3Acss_0
.echecks.com/	1970-01-21 07:05:42	Name: _abck Value: AAABF05BAB077CBBCC9A704524A45246~-1~YAAQU7MUAqvdNOCQAQAAUqiP7wxERcpAPazqck5j2GmLKGdhO0tdG5+RQcvFx5rWlgbjNyXT7STyjsHGDtMJcyr5sPS6aC/8P8to8i4uI1u+An2UoA9lzxjlSc12WDscNdaJLVLZ4KP6WTqBB+ruQXT9wfHqJ4hMJmjF8kL/iJEa+l+tpa3Wd1+L/s3kGpj2U+8CzAyWigX1p+sNoXC9nxjSuyCRoXFPFZGpXExK6nHLD88X+gUQpgF7m8OLfincatf2SWhbO28DSb7CHUAr6Yhc29QPXSKtFOzzxuCNqauUvhMVEacZk2JQ4n0xL5Tp17k/7pwlIckWhfCGWwfO7Ez9JHwTkOF3LuAI7IVDI7gm2uOijpvGKlWIcwY=~-1~-1~-1
.echecks.com/	1970-01-20 22:20:13	Name: ak_bmsc Value: 075C8BAFCB563B777F68DD34FDECCA08~000000000000000000000000000000~YAAQU7MUAqzdNOCQAQAAUqiP7xihgL/AUtcUHonAZuwGpGruBu3co5Afpvtu3O3Oj4axkVcpC//g+Ktb9xMmBQUFabxWyTeIDNnNFB+TjDOQ4pyCP+iFUas7asS8jolqzF9ibje/Tdo16RM2ESBeJZddO5eTMSw6bR1zXNrdggDX3LfhDb7/ER4RMpPa6z5QoWqt1AnK0aELNaH4I8BQ0EDq95xAoeHZpuD0Iu/tlYcFZYBrIkwRdG44I54vxfOqlsjCprg97Uf8qb4CAGmTFSvi/l/Y8ys4fsHx2qwD7eIMOPjeihmee9MCK2w2lT2RBTG6+2+/Xgbe341abdKUVRGzv27t/vGDQzI4C8Z7ItP1XWL3F4PRRtw25WjljY71og7s+e7q2eViOw==
.echecks.com/	1970-01-20 22:20:20	Name: bm_sz Value: 3DF5BF8CCC9E6137F9336135FEDE5F1B~YAAQU7MUAq7dNOCQAQAAUqiP7xicG+Lk1k+/RseqB6Sfjzcehf/6Q0FC8ZD0P5uJYACpkFi1DcolsQGaviua8Dt3xfmOVptNPulJPjk78SskLi95q6ndYvJpLf1t4FC2fkQWZbIyVd1Bs0bKqxCHFrs8UML6KDz7IAt65K9AjBGcJrRCDjIndWSJYsCuwI63y8hMYflLbDffIj/QxJjbp1YZkbyxzoTCWQgflAzYajisq/2cLsPXcZJLSX5kMvkkhaIxqJtUAldJgnR1XSvFiZj2YK8GW/5kFWUis4lRhwSE21EU8/euJRGl2a2iVL1BoO1+Z0qj7NI28RXs0+ZKjsvEwNiqQDpUPhrbJbBBvwWoXDcEiiCM~3294768~3621698
.echecks.com/	1969-12-31 23:59:59	Name: AMCVS_5DBF123F5245B1EA0A490D45%40AdobeOrg Value: 1
.echecks.com/	1970-01-20 22:20:07	Name: s_cmtb Value: 1
.echecks.com/	1969-12-31 23:59:59	Name: s_cm Value: Typed%2FBookmarkedTyped%2FBookmarkedundefined
.echecks.com/	1970-01-21 07:56:06	Name: s_ev17 Value: %5B%5B%27Direct%27%2C%271722006087817%27%5D%5D
.echecks.com/	1970-01-20 22:20:07	Name: gpv_pn Value: eChk%3AApp%3ACheck%20retrievals%3AFje%203ecgfkcbpnmcvqaw%3AShow
.echecks.com/	1970-01-21 07:05:42	Name: s_nr365 Value: 1722006087820-New
.echecks.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.echecks.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.echecks.com/	1970-01-21 00:29:42	Name: _gcl_au Value: 1.1.726405445.1722006088
.dpm.demdex.net/	1970-01-21 02:39:18	Name: dpm Value: 78810217274491081903887492067540628619
.echecks.com/	1969-12-31 23:59:59	Name: s_ppv Value: eChk%253AApp%253ACheck%2520retrievals%253AFje%25203ecgfkcbpnmcvqaw%253AShow%2C72%2C72%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.echecks.com/	1970-01-21 07:56:06	Name: AMCV_5DBF123F5245B1EA0A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C19931%7CMCMID%7C73517636652195403594515580915675426770%7CMCAAMLH-1722610887%7C6%7CMCAAMB-1722610887%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1722013287s%7CNONE%7CMCSYNCSOP%7C411-19938%7CvVersion%7C5.5.0
.adnxs.com/	1970-01-21 07:56:06	Name: receive-cookie-deprecation Value: 1
.demdex.net/	1970-01-21 02:39:18	Name: dextp Value: 358-1-1722006088193\|771-1-1722006088311\|1957-1-1722006088412\|144237-1-1722006088518
.doubleclick.net/	1970-01-21 07:41:42	Name: IDE Value: AHWqTUlGFGUCIDPzxrlNYUihUQDlVy60S8Ij9cMQN6qH-dEf1-dGmMt5R0yaGRcYw9g
.bing.com/	1970-01-21 07:41:42	Name: MUID Value: 0D412376DE916E3125E037BEDF3D6F79
.c.bing.com/	1970-01-20 22:30:10	Name: MR Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to frame 'https://my.echecks.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.my.echecks.com my.echecks.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .my.echecks.com my.echecks.com default-src ; script-src * 'unsafe-inline' 'unsafe-eval'; font-src * 'self' data:; style-src * 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bat.bing.com
c.go-mpulse.net
cdn.cookielaw.org
cdnjs.cloudflare.com
cm.everesttech.net
d37gvrvc0wt4s1.cloudfront.net
deluxecorp.demdex.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
my.echecks.com
retrievals.echecks.com
s.go-mpulse.net
sstats.deluxe.com
www.googletagmanager.com
104.17.25.14
18.244.20.31
2.18.64.19
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2620:1ec:c11::237
2a00:1450:4001:813::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
2a02:26f0:1700:28d::11a6
2a02:26f0:1700:58c::11a6
2a02:26f0:3500:591::1e80
34.255.168.181
54.73.80.234
63.140.62.17
99.80.105.226
036e0261fd2d23c5d127a753cfbcce15a57bf0d8f6a36b3da225c51d2a44fa76
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1f802af6c6cdaf356a8e12086b0c3c25bab99fff41980b656a9b35c07e8030bb
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
258f806ed88be06eee07f99e9902f2bfb349c2771c6d052bbb78e610b1eb65af
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
4eae136b2903ad8671416c68514eb9a93cf9559e2902e04ce820813637f739c3
4f87d196ce23f003232c4694af8ffbdfab8cf221c660c96f3be1ceae3d569880
5bfee7e870305c92a1451b8d9e9d369b559548cfba3c76391cfe1ab3e0752ee1
686581bbb91d576390ecbb06689d153b4e0202c8703c7493c4550b4f34fe0543
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
712f1fa5af1d169399b0aa7407abba747cb783684d0f28137196e6a55560b188
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7de7b283501bf50c16a20b5f20681fdd2adb9b6b20fb64b57aa1e26370e17e9b
8aeb52bfd69b48dd91ab5ab457e493b11754faf5bc880e4f2b1803cd50389481
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9fe13db3eb462b258ece8cfc6bcb4fe034ccaa3715f15c2e97205d2abb241ff7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a327c38afa424e1cdb62a2fc3dfe2eaefd1af88b88b0e0ca7ccef866e935d41e
a61c052d38995f29cf461cc6801be13dfecf5bf1ee906b489258aa14566da496
aab7087cc94756996130e1a0ad015b363f5d0bd07f6b30b47076db7caa3465e0
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0
b09d26cd9fe31676205dcbb9311365a722c6cb1e4e651725f0cda634983d268a
be22bb770151e06022e45145b3681bfcee223160437892a0778c5f04268c0c08
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d05baa73825e7beb01c0f8d0ef1d32b1387fc8d75b48d31406774f77e888554e
df42d9dbf71351c81cbf8e63140cfe5b4a48ffda6963b75d0ffe45cc2cd3351c
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
e0d0d293bc99fd3e58afaecb4bb7bd3e4e4e3da03f342a73626ee079922a6fcb
e1b77a6ee84e148bf6e4f60766f18698b05e41abfb4b37147604d85a2de62158
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4
e88388d194ce8e3ffc96896803a60b4bc79b54cab653ab9143ec9e8171fc0ab1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd3fda3f5bb68d82da1d5666a04c1f732b5bfb07558326424152fbe0181aa0f
f6150eeba6fcdd15d9f9c883e201cab4d0b2362775b644ef83c386b306242849
fc5248f98bce33589a473dfe816facbc59c0313dd2dbecf8033b9ecc3c1d624c

retrievals.echecks.com Open in urlscan Pro 2.18.64.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

56 %IPv6

14 Domains

17 Subdomains

15 IPs

4 Countries

1319 kBTransfer

3439 kBSize

29 Cookies

7 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

retrievals.echecks.com Open in urlscan Pro
2.18.64.19 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

56 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

1319 kB
Transfer

3439 kB
Size

29
Cookies

44 HTTP transactions
3 data transactions