profile.deluxe.com Open in urlscan Pro
54.237.159.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.info.deluxe.com/?qs=30259107c90b9764ea9b32d9b95252d1e3c9a1adc62a0e4948b037fca53866a2ca53aebfcfc0e90ebff55910fad7...
Effective URL:
https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Submission: On July 20 via api (July 20th 2021, 2:17:04 pm UTC) from US

Summary HTTP 18 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 54.237.159.171, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is profile.deluxe.com.
TLS certificate: Issued by R3 on May 22nd 2021. Valid for: 3 months.

This is the only time profile.deluxe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.196.124 13.111.196.124	22606 (EXACT-7) (EXACT-7)
10	54.237.159.171 54.237.159.171	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:baf2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bc::416d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	8

1 13.111.196.124 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.info.deluxe.com

click.info.deluxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.237.159.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-159-171.compute-1.amazonaws.com

profile.deluxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:baf2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.info.deluxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bc::416d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.s11.sfmc-content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	deluxe.com 1 redirects click.info.deluxe.com profile.deluxe.com image.info.deluxe.com	847 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	typekit.net use.typekit.net p.typekit.net	3 KB
1	sfmc-content.com image.s11.sfmc-content.com	1 MB
1	googletagmanager.com www.googletagmanager.com	39 KB
18	5

	Domain	Requested by
10	profile.deluxe.com	profile.deluxe.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	image.s11.sfmc-content.com	profile.deluxe.com
1	image.info.deluxe.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	profile.deluxe.com
1	use.typekit.net	profile.deluxe.com
1	click.info.deluxe.com	1 redirects
18	8

This site contains links to these domains. Also see Links.

Domain
www.deluxe.com

Subject Issuer	Validity	Valid
profile.deluxe.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
akamai-san125.exacttarget.com DigiCert SHA2 Secure Server CA	`2020-09-30` - `2021-10-04`	a year	crt.sh
akamai-san24.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-11` - `2022-04-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Frame ID: A789A227A815CEA992AFD62398ADE35D
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.info.deluxe.com/?qs=30259107c90b9764ea9b32d9b95252d1e3c9a1adc62a0e4948b037fca53866a2ca53aebf... HTTP 302
https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

18
Requests

100 %
HTTPS

78 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

1951 kB
Transfer

2051 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.deluxe.com/

Search URL Search Domain Scan URL

URL: https://www.deluxe.com/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.deluxe.com/policy/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.info.deluxe.com/?qs=30259107c90b9764ea9b32d9b95252d1e3c9a1adc62a0e4948b037fca53866a2ca53aebfcfc0e90ebff55910fad71bba4d4d0a062b946e9aa5160174bb76d02e HTTP 302
https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
profile.deluxe.com/
Redirect Chain

https://click.info.deluxe.com/?qs=30259107c90b9764ea9b32d9b95252d1e3c9a1adc62a0e4948b037fca53866a2ca53aebfcfc0e90ebff55910fad71bba4d4d0a062b946e9aa5160174bb76d02e
https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

3 KB
5 KB

462ms
108ms

Document
text/html

54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6c461f3c8062254555a36914565e944bd8206975d34e65368a3b93bdf8b0d841

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: profile.deluxe.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Cowboy
Connection: keep-alive
X-Powered-By
Vary: Origin
Cache-Control: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=200
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Xss-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Content-Length: 2617
Etag: W/"a39-nWs222ta5GLR+/JOUQj994VFbRc"
Date: Tue, 20 Jul 2021 14:16:39 GMT
Via: 1.1 vegur

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Date: Tue, 20 Jul 2021 14:16:38 GMT
Connection: close
Content-Length: 213

GET
H2 200 bmb4kxj.css
use.typekit.net/ 35 KB
3 KB 159ms
145ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bmb4kxj.css

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

aac5388f3504edb07cc15627e5dbaff38c43ad9d17803e28ed1048c495ab12d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 20 Jul 2021 14:16:39 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2689

GET
H/1.1 200
OK 2.47e06e2e.chunk.css
profile.deluxe.com/static/css/ 143 KB
145 KB 110ms
109ms Stylesheet
text/css 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/static/css/2.47e06e2e.chunk.css

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

5dd55e8cf6d25469ca09106e4b754bf6c991679db613fc63eb82de3964e25f42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"23cd1-177f47c1ab0"
X-Powered-By
Connection: keep-alive
Content-Length: 146641
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 19:48:30 GMT
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:39 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache
Accept-Ranges: bytes
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK main.8d3fa012.chunk.css
profile.deluxe.com/static/css/ 17 KB
19 KB 321ms
108ms Stylesheet
text/css 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/static/css/main.8d3fa012.chunk.css

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

c450fecde477876b342ebfcad2a35aa594a211394ed2d3a993e31f4acf68c2b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"424d-177f47c1ab0"
X-Powered-By
Connection: keep-alive
Content-Length: 16973
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 19:48:30 GMT
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:39 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache
Accept-Ranges: bytes
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK 2.1eeeaffa.chunk.js Show response
profile.deluxe.com/static/js/ 571 KB
573 KB 339ms
114ms Script
application/javascript 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/static/js/2.1eeeaffa.chunk.js

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

0bd391ca1ca1c54fc1ff4487e1e4799f171c14a3d7689d38b23c3cda05bfb6d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"8ec6e-177f47c1ab0"
X-Powered-By
Connection: keep-alive
Content-Length: 584814
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 19:48:30 GMT
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:39 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache
Accept-Ranges: bytes
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK main.4d827559.chunk.js Show response
profile.deluxe.com/static/js/ 67 KB
70 KB 345ms
116ms Script
application/javascript 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/static/js/main.4d827559.chunk.js

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

eaa0a891cd9893ee50b8a501282eeebf699fc07e95b5a797fc9fe7aa663b91ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"10dfa-177f47c1ab0"
X-Powered-By
Connection: keep-alive
Content-Length: 69114
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 19:48:30 GMT
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:39 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache
Accept-Ranges: bytes
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KW4C3FV

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2ec2c85d8ea5b3f919183c31b5bc0d5b118fc0e9dabb0b8abc5a715c3357d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39448
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 14:16:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KW4C3FV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5140
date: Tue, 20 Jul 2021 12:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 20 Jul 2021 14:50:59 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=160615580&t=pageview&_s=1&dl=https%3A%2F%2Fprofile.deluxe.com%2F%3Fid%3Da3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D%26langBU%3DEN-US&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1111433384&gjid=1384465970&cid=1412416408.1626790600&tid=UA-162528998-1&_gid=328565825.1626790600&_r=1&gtm=2wg7j0KW4C3FV&z=739085835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:16:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profile.deluxe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 19ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bmb4kxj&ht=tk&f=5469.18456.18457.18458.18459.18460.18461.18462.22705.14541.14543.14546.14548.14549.15496.15498.15506.15508.15510.15511.15700.15705.15708.15709.22708.22710.22736.22741.15815.15817.15818.37503.37504.37505.37506.15928.15930.15931.43591.16353.37456.37457.37460.37462.37464.37466.37469.37470.28906.28907.28908.28909&a=18979711&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bmb4kxj.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:16:39 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK packageConfig Show response
profile.deluxe.com/api/ 4 KB
6 KB 120ms
119ms Fetch
application/json 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/api/packageConfig?langBU=EN-US

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/static/js/main.4d827559.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

b4ce52d01462b25fdc3c48f823fd04dde31288838c9ea9a2d250a01c89938993

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"fd4-a3pq3PN6/LE91nsc9u4HEUfKWOk"
X-Powered-By
Connection: keep-alive
Content-Length: 4052
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:42 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
88 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=160615580&t=event&ni=1&_s=1&dl=https%3A%2F%2Fprofile.deluxe.com%2F%3Fid%3Da3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D%26langBU%3DEN-US&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cid&ea=getID&el=%2F&_u=aHhAAEABAAAAAC~&jid=1426617215&gjid=1088601013&cid=1412416408.1626790600&tid=UA-162528998-1&_gid=1131950957.1626790602&_r=1&gtm=2wg7j0KW4C3FV&cd1=1412416408.1626790600&z=1620788904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profile.deluxe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK profile Show response
profile.deluxe.com/api/ 665 B
3 KB 161ms
160ms Fetch
application/json 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/api/profile?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/static/js/main.4d827559.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

5cace06cb7714a4961e74bf7cd897ad5c8804d9e2aa6f717b3dc5df44edd53ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
Cookie: _ga=GA1.2.1412416408.1626790600; _gid=GA1.2.1131950957.1626790602; _gat_UA-162528998-1=1
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"299-ZgXpqUCigt7nvcDYwImeXYkNSWM"
X-Powered-By
Connection: keep-alive
Content-Length: 665
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:42 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK interests Show response
profile.deluxe.com/api/ 39 B
2 KB 112ms
111ms Fetch
application/json 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/api/interests?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/static/js/main.4d827559.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

5cb8c8aba775369b939ee768e1e71d5f97fe0d0dd7c6ad31e4639c7842b2be8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
Cookie: _ga=GA1.2.1412416408.1626790600; _gid=GA1.2.1131950957.1626790602; _gat_UA-162528998-1=1
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"27-3KxgGUfGuGXKXbEW9CGd4+1bQfM"
X-Powered-By
Connection: keep-alive
Content-Length: 39
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:42 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK qanda Show response
profile.deluxe.com/api/ 39 B
2 KB 162ms
162ms Fetch
application/json 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/api/qanda?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/static/js/main.4d827559.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

5cb8c8aba775369b939ee768e1e71d5f97fe0d0dd7c6ad31e4639c7842b2be8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
Cookie: _ga=GA1.2.1412416408.1626790600; _gid=GA1.2.1131950957.1626790602; _gat_UA-162528998-1=1
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"27-3KxgGUfGuGXKXbEW9CGd4+1bQfM"
X-Powered-By
Connection: keep-alive
Content-Length: 39
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:42 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK subscriptions Show response
profile.deluxe.com/api/ 462 B
3 KB 152ms
152ms Fetch
application/json 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.deluxe.com/api/subscriptions?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ==&langBU=EN-US

Requested by

Host: profile.deluxe.com
URL: https://profile.deluxe.com/static/js/main.4d827559.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-159-171.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

4bb6f350af3c07f4a643ac5439f1d2237c1f7d1f83bfd34d8320e6a2c2c717ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: profile.deluxe.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
Cookie: _ga=GA1.2.1412416408.1626790600; _gid=GA1.2.1131950957.1626790602; _gat_UA-162528998-1=1
Connection: keep-alive
Referer: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
Via: 1.1 vegur
Etag: W/"1ce-q8A1gkQS1Q6U5BSi0xHNZB4nxD0"
X-Powered-By
Connection: keep-alive
Content-Length: 462
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: deny
Date: Tue, 20 Jul 2021 14:16:42 GMT
Vary: Origin
Strict-Transport-Security: max-age=200
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
X-Webkit-Csp: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' *.typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: *.typekit.net fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.g.doubleclick.net;

GET
H/1.1 200
OK 5641e9f2-6fa0-4bfa-9934-0c260bf71bff.jpg
image.info.deluxe.com/lib/fe311171716404757d1474/m/1/ 18 KB
18 KB 747ms
705ms Image
image/jpeg 2a02:26f0:6c00::210:baf2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.info.deluxe.com/lib/fe311171716404757d1474/m/1/5641e9f2-6fa0-4bfa-9934-0c260bf71bff.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2013b7830756a1677bf932a06b85f6f467cfc1d2e2b3f4887dcaa02ac135f454

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:16:43 GMT
Last-Modified: Fri, 09 Oct 2020 01:43:43 GMT
Server: AkamaiNetStorage
ETag: "960660cf81429edfd5303dd02de525ca:1602207823.624434"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18648

GET
H/1.1 200
OK bb226a70-f263-49f7-8849-b7bb7bdf41e7.png
image.s11.sfmc-content.com/lib/fe311171716404757d1474/m/1/ 1 MB
1 MB 879ms
842ms Image
image/png 2a02:26f0:6c00:2bc::416d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.s11.sfmc-content.com/lib/fe311171716404757d1474/m/1/bb226a70-f263-49f7-8849-b7bb7bdf41e7.png
Requested by: Host: profile.deluxe.com
URL: https://profile.deluxe.com/?id=a3Jpc3Rlbi5wcmlzZWNhcnVAY2hlbWljYWxiYW5rLmNvbQ%3D%3D&langBU=EN-US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bc::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e8447148cda26af69a85f0c825a2d099cbf07752d7a70a6a7206881b21effa35

Request headers

Referer: https://profile.deluxe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:16:43 GMT
Last-Modified: Wed, 19 Aug 2020 17:40:36 GMT
Server: AkamaiNetStorage
ETag: "6a0bfd6ab47a04d224959b9d010b8598:1597858836.918451"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1067946

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deluxe.com/	1970-01-19 19:53:10	Name: _gat_UA-162528998-1 Value: 1
.deluxe.com/	1970-01-19 19:54:37	Name: _gid Value: GA1.2.1131950957.1626790602
.deluxe.com/	1970-01-20 13:24:22	Name: _ga Value: GA1.2.1412416408.1626790600

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
Strict-Transport-Security	max-age=200
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com .googletagmanager.com tagmanager.google.com; object-src 'none'; style-src 'self' 'unsafe-inline' .typekit.net tagmanager.google.com fonts.googleapis.com; img-src 'self' data: .google-analytics.com .googletagmanager.com .sfmc-content.com ssl.gstatic.com www.gstatic.com http://image.info.deluxe.com https://image.s11.sfmc-content.com; frame-ancestors 'none'; frame-src 'none'; font-src 'self' data: .typekit.net fonts.gstatic.com; connect-src 'self' .google-analytics.com *.g.doubleclick.net;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.info.deluxe.com
image.info.deluxe.com
image.s11.sfmc-content.com
p.typekit.net
profile.deluxe.com
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
13.111.196.124
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00:2bc::416d
2a02:26f0:6c00::210:ba2a
2a02:26f0:6c00::210:baf2
54.237.159.171
0bd391ca1ca1c54fc1ff4487e1e4799f171c14a3d7689d38b23c3cda05bfb6d1
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2013b7830756a1677bf932a06b85f6f467cfc1d2e2b3f4887dcaa02ac135f454
4bb6f350af3c07f4a643ac5439f1d2237c1f7d1f83bfd34d8320e6a2c2c717ec
5cace06cb7714a4961e74bf7cd897ad5c8804d9e2aa6f717b3dc5df44edd53ff
5cb8c8aba775369b939ee768e1e71d5f97fe0d0dd7c6ad31e4639c7842b2be8a
5dd55e8cf6d25469ca09106e4b754bf6c991679db613fc63eb82de3964e25f42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c461f3c8062254555a36914565e944bd8206975d34e65368a3b93bdf8b0d841
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
aac5388f3504edb07cc15627e5dbaff38c43ad9d17803e28ed1048c495ab12d0
b4ce52d01462b25fdc3c48f823fd04dde31288838c9ea9a2d250a01c89938993
c450fecde477876b342ebfcad2a35aa594a211394ed2d3a993e31f4acf68c2b3
e2ec2c85d8ea5b3f919183c31b5bc0d5b118fc0e9dabb0b8abc5a715c3357d9b
e8447148cda26af69a85f0c825a2d099cbf07752d7a70a6a7206881b21effa35
eaa0a891cd9893ee50b8a501282eeebf699fc07e95b5a797fc9fe7aa663b91ee

profile.deluxe.com Open in urlscan Pro 54.237.159.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

78 %IPv6

5 Domains

8 Subdomains

8 IPs

2 Countries

1951 kBTransfer

2051 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

profile.deluxe.com Open in urlscan Pro
54.237.159.171 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

78 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

1951 kB
Transfer

2051 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions