sandbox-cards.deserve.com Open in urlscan Pro
2606:4700::6812:11f0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sandbox-cards.deserve.com/
Submission: On January 02 via api (January 2nd 2024, 3:09:14 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6812:11f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is sandbox-cards.deserve.com.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.

This is the only time sandbox-cards.deserve.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700::68... 2606:4700::6812:11f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.192.50.230 54.192.50.230	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:800... 2600:141b:800::1726:a84a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b323	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.225.214.116 13.225.214.116	16509 (AMAZON-02) (AMAZON-02)
18	5

13 2606:4700::6812:11f0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sandbox-cards.deserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.50.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-50-230.yul62.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:800::1726:a84a (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b323 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.214.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-116.ewr50.r.cloudfront.net

dfcweb-assets-static.deserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	deserve.com 1 redirects sandbox-cards.deserve.com dfcweb-assets-static.deserve.com	2 MB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	1 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 2979
18	3

	Domain	Requested by
13	sandbox-cards.deserve.com	1 redirects sandbox-cards.deserve.com
3	dfcweb-assets-static.deserve.com	sandbox-cards.deserve.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	sandbox-cards.deserve.com
1	cdn.segment.com	sandbox-cards.deserve.com
18	5

This site contains links to these domains. Also see Links.

Domain
website-static.deserve.com
www.deserve.com

Subject Issuer	Validity	Valid
sandbox-cards.deserve.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.deserve.com Amazon RSA 2048 M01	`2023-09-11` - `2024-10-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sandbox-cards.deserve.com/
Frame ID: 736E51A4F816CE1FD23DCDF02BABD0FF
Requests: 16 HTTP requests in this frame

Frame: https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: B8D6DB04FC645E2D7363A356602B9322
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

18
Requests

94 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

2534 kB
Transfer

4884 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://website-static.deserve.com/wp-content/uploads/2020/01/Web-Electronic-Consent-Policy-Rev-012020-copy.pdf
Title: Electronic Consent Policy

Search URL Search Domain Scan URL

URL: https://website-static.deserve.com/wp-content/uploads/2019/11/USA-PATRIOT-Act-Notice.pdf
Title: PATRIOT Act Notice

Search URL Search Domain Scan URL

URL: https://www.deserve.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://website-static.deserve.com/wp-content/uploads/2019/11/PrivacyNotice.pdf
Title: Privacy Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sandbox-cards.deserve.com/ 6 KB
3 KB 363ms
241ms Document
text/html 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e15a9db70580a92aab35ebefcc95d5b73dda2d155ba7ef8236efe700b52ea75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83f3ebd77d737430-MIA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 15:09:07 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express

GET
H2 200 env.js Show response
sandbox-cards.deserve.com/apply-card/ 1 KB
735 B 163ms
161ms Script
application/javascript 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/env.js

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

08bd78ce3da410445f8c79f76ad42f7ebeb97079bc733951ab6126fb2663d85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:07 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
server: cloudflare
etag: W/"4ef-mmgN6xDLjGrEzvd8ZYVkl4nvOU8"
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebd8f8087430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:07 GMT

GET
H2 200 2.9efadbbf.chunk.css
sandbox-cards.deserve.com/apply-card/static/css/ 10 KB
4 KB 156ms
155ms Stylesheet
text/css 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/css/2.9efadbbf.chunk.css

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c687503f7c8c54a48c314dea236a7851af7105961ba3a0df9d7fb9210049a97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:07 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"2992-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebd8f8047430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:07 GMT

GET
H2 200 main.bd543a12.chunk.css
sandbox-cards.deserve.com/apply-card/static/css/ 90 KB
18 KB 205ms
204ms Stylesheet
text/css 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

136d22dc1422f98a87491acfdec5c74e211b9c1e660908e71149626ff33c08b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:07 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"16631-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebd8f8067430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:07 GMT

GET
H2 200 2.e5652f91.chunk.js Show response
sandbox-cards.deserve.com/apply-card/static/js/ 2 MB
683 KB 230ms
229ms Script
application/javascript 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/js/2.e5652f91.chunk.js

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c2c74db1666d3a33576f88f7131fe92b22b9be21845679e748360a31f4f90ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:07 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"252d87-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebd8f8097430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:07 GMT

GET
H2 200 main.1043014c.chunk.js Show response
sandbox-cards.deserve.com/apply-card/static/js/ 423 KB
90 KB 227ms
226ms Script
application/javascript 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/js/main.1043014c.chunk.js

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

060db96a9d21a999f3a7aeec6d9c60d8650e27f3ca3f0511faeb831b2214ee51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:07 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"69ce4-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebd8f80a7430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:07 GMT

GET
H2 404 analytics.min.js
cdn.segment.com/analytics.js/v1// 0
0 505ms
326ms Script
text/plain 54.192.50.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1//analytics.min.js
Requested by: Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.50.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-50-230.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 02 Jan 2024 15:08:06 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 62
x-cache: Error from cloudfront
content-length: 49
last-modified: Mon, 25 Jun 2018 17:54:06 GMT
server: AmazonS3
etag: "328257380186d550f96adf638ff85092"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 65CPYGLIgjOxlre6xDrSqdJwsooYAT32GncpUyVB13rBiqQG56wtwA==

GET
H2 200 gma8jdu.css
use.typekit.net/ 3 KB
898 B 326ms
129ms Stylesheet
text/css 2600:141b:800::1726:a84a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gma8jdu.css

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:800::1726:a84a Newark, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5532866580d22edc34072bb3c80360d953f67463f3cc218f548a2913e8fb3f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 02 Jan 2024 15:09:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 675

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 228ms
68ms Stylesheet
text/css 2600:141b:1c00:8::1728:b323
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gma8jdu&ht=tk&f=15528.15529.15530&a=2474567&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gma8jdu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
last-modified: Fri, 14 Jul 2023 12:54:09 GMT
server: nginx
etag: "64b14571-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 403
Forbidden logo.svg
dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/ 0
0 306ms
126ms Image
application/xml 13.225.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/logo.svg
Requested by: Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-116.ewr50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden poweredby.svg
dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/ 0
0 307ms
127ms Image
application/xml 13.225.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/poweredby.svg
Requested by: Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-116.ewr50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden home-img.png
dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/ 0
0 315ms
135ms Image
application/xml 13.225.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/home-img.png
Requested by: Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-116.ewr50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 bg-img.64f25005.png
sandbox-cards.deserve.com/apply-card/static/media/ 1 MB
1 MB 201ms
201ms Image
image/png 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox-cards.deserve.com/apply-card/static/media/bg-img.64f25005.png

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

964ad9aae1d024c81be48572acec7eca543464d1b3ee3bee515c42bff845e51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
content-length: 1566422
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"17e6d6-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83f3ebdebb267430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:08 GMT

GET
H2 200 CircularStd-Medium.9ffafedd.otf
sandbox-cards.deserve.com/apply-card/static/media/ 72 KB
42 KB 187ms
186ms Font
font/otf 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/media/CircularStd-Medium.9ffafedd.otf

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2f373e53647dcfc6705c468f7ebe02379af1a212e9ba813c4654770514ecf2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css
Origin: https://sandbox-cards.deserve.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"12184-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebdebb2b7430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:08 GMT

GET
H2 200 SF-UI-Display-Regular.696eab33.otf
sandbox-cards.deserve.com/apply-card/static/media/ 283 KB
106 KB 209ms
208ms Font
font/otf 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/media/SF-UI-Display-Regular.696eab33.otf

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

acc82d2639201e3e87c74000b6289e082ae7bd4d0a6df5c29b8dde458c3d7d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css
Origin: https://sandbox-cards.deserve.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"46dac-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebdebb317430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:08 GMT

GET
H2 200 SuisseIntl-Book.bab5502f.otf
sandbox-cards.deserve.com/apply-card/static/media/ 79 KB
50 KB 178ms
178ms Font
font/otf 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/apply-card/static/media/SuisseIntl-Book.bab5502f.otf

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

20ea36444bd3c22ae83c4a3d885eebd105e95f259c1b6b8c303e046c99bfb608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://sandbox-cards.deserve.com/apply-card/static/css/main.bd543a12.chunk.css
Origin: https://sandbox-cards.deserve.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
last-modified: Tue, 02 Jan 2024 11:56:49 GMT
server: cloudflare
etag: W/"13ce0-18cca0893e8"
x-frame-options: deny
vary: Accept-Encoding
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83f3ebdebb347430-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
expires: Tue, 02 Jan 2024 19:09:08 GMT

GET
H2

200

main.js Show response
sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame B8D6
Redirect Chain

https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

45ms
44ms

Script
application/javascript

2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/

Protocol

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

670e9c0a25875484599b30b4f58246b540a9d48b9b075076a39f2af5ca474d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83f3ebdf2c4c7430-MIA

Redirect headers

date: Tue, 02 Jan 2024 15:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83f3ebdeeb9a7430-MIA

POST
H2 200 83f3ebd77d737430 Show response
sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B8D6 0
251 B 86ms
83ms XHR
text/plain 2606:4700::6812:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/h/g/jsd/r/83f3ebd77d737430

Requested by

Host: sandbox-cards.deserve.com
URL: https://sandbox-cards.deserve.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Jan 2024 15:09:08 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 83f3ebe05e267430-MIA
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.deserve.com/	1970-01-20 17:23:29	Name: __cf_bm Value: t6bQwmOkRbFMYWuT4.HlehQDXCWc0OSLu924aYUp4RQ-1704208147-1-AUZYFTM1GjPk6HFOIesmgx0AWZMkxbGDpvKbAaE5b88Tp+jC96//NVa0Dl11KM1/JQq0IDNsYhQe5qpBPiS2x/0=
			.deserve.com/	1970-01-21 02:09:04	Name: cf_clearance Value: A9fWIphen0hyZeIEn9MoDmhNVnijYodv32FDpI_s9xQ-1704208148-0-2-f070f55e.b61aca07.a771aabe-0.2.1704208148

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.segment.com/analytics.js/v1//analytics.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/logo.svg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/poweredby.svg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://dfcweb-assets-static.deserve.com/images/hotlink-ok/deserve_edu/home-img.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.segment.com
dfcweb-assets-static.deserve.com
p.typekit.net
sandbox-cards.deserve.com
use.typekit.net
13.225.214.116
2600:141b:1c00:8::1728:b323
2600:141b:800::1726:a84a
2606:4700::6812:11f0
54.192.50.230
060db96a9d21a999f3a7aeec6d9c60d8650e27f3ca3f0511faeb831b2214ee51
08bd78ce3da410445f8c79f76ad42f7ebeb97079bc733951ab6126fb2663d85d
136d22dc1422f98a87491acfdec5c74e211b9c1e660908e71149626ff33c08b0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20ea36444bd3c22ae83c4a3d885eebd105e95f259c1b6b8c303e046c99bfb608
2f373e53647dcfc6705c468f7ebe02379af1a212e9ba813c4654770514ecf2bc
5532866580d22edc34072bb3c80360d953f67463f3cc218f548a2913e8fb3f0d
670e9c0a25875484599b30b4f58246b540a9d48b9b075076a39f2af5ca474d38
964ad9aae1d024c81be48572acec7eca543464d1b3ee3bee515c42bff845e51c
acc82d2639201e3e87c74000b6289e082ae7bd4d0a6df5c29b8dde458c3d7d18
c2c74db1666d3a33576f88f7131fe92b22b9be21845679e748360a31f4f90ddc
c687503f7c8c54a48c314dea236a7851af7105961ba3a0df9d7fb9210049a97e
e15a9db70580a92aab35ebefcc95d5b73dda2d155ba7ef8236efe700b52ea75f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

sandbox-cards.deserve.com Open in urlscan Pro 2606:4700::6812:11f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

5 IPs

1 Countries

2534 kBTransfer

4884 kBSize

2 Cookies

4 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

sandbox-cards.deserve.com Open in urlscan Pro
2606:4700::6812:11f0 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

2534 kB
Transfer

4884 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions