www.fcfcu.com Open in urlscan Pro
63.145.156.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bsfcu.net/
Effective URL:
https://www.fcfcu.com/ballstate
Submission: On March 20 via automatic, source certstream-suspicious (March 20th 2023, 7:39:37 pm UTC) — Scanned from DE

Summary HTTP 79 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 22 domains to perform 79 HTTP transactions. The main IP is 63.145.156.20, located in United States and belongs to CENTURYLINK-US-LEGACY-QWEST, US. The main domain is www.fcfcu.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 11th 2022. Valid for: a year.

This is the only time www.fcfcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.185.114.20 192.185.114.20	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 1	2606:4700:303... 2606:4700:3031::6815:2046	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	63.145.156.20 63.145.156.20	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
9	2600:9000:211... 2600:9000:211e:a200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.45.237.144 23.45.237.144	16625 (AKAMAI-AS) (AKAMAI-AS)
6	18.66.122.37 18.66.122.37	16509 (AMAZON-02) (AMAZON-02)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:1200:15:4f24:a700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.132.183.89 3.132.183.89	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1 3	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	98.98.134.246 98.98.134.246	21859 (ZEN-ECN) (ZEN-ECN)
7	108.138.17.75 108.138.17.75	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	173.231.16.76 173.231.16.76	18450 (WEBNX) (WEBNX)
1	44.239.51.114 44.239.51.114	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
11	2a02:26f0:480... 2a02:26f0:480:e::210:f10f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:780... 2a02:26f0:780::5f65:3681	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
79	25

1 192.185.114.20 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: orion.websitewelcome.com

bsfcu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2046 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bsfcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 63.145.156.20 (United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)

www.fcfcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:211e:a200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.237.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-144.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.122.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-37.fra60.r.cloudfront.net

fcfcu-widget.interface.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:1200:15:4f24:a700:93a1 (United States)

ASN16509 (AMAZON-02, US)

bob.dmpxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.132.183.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-183-89.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:17ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 98.98.134.242 (United States) 1 redirects

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.246 (United States)

ASN21859 (ZEN-ECN, US)

clickserv.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.138.17.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-75.fra56.r.cloudfront.net

assets.interface.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.76 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-76.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.51.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-51-114.us-west-2.compute.amazonaws.com

fcfcu-connect.interface.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:480:e::210:f10f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:3681 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	fcfcu.com www.fcfcu.com	1001 KB
14	interface.ai fcfcu-widget.interface.ai assets.interface.ai — Cisco Umbrella Rank: 319644 fcfcu-connect.interface.ai	926 KB
12	typekit.net use.typekit.net — Cisco Umbrella Rank: 413 p.typekit.net — Cisco Umbrella Rank: 542	250 KB
9	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3113	134 KB
5	gstatic.com fonts.gstatic.com	70 KB
4	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 549 js.adsrvr.org — Cisco Umbrella Rank: 1391	3 KB
3	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3494 clickserv.sitescout.com — Cisco Umbrella Rank: 23122	267 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
2	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 428 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	890 B
2	btstatic.com s.btstatic.com — Cisco Umbrella Rank: 8235	42 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	101 KB
1	basis.net 1 redirects pixel-a.basis.net — Cisco Umbrella Rank: 18921	65 B
1	google.de www.google.de — Cisco Umbrella Rank: 6069	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2634	116 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 4341	253 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 4504	229 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1761	1 KB
1	dmpxs.com bob.dmpxs.com — Cisco Umbrella Rank: 11276	359 B
1	bsfcu.com 1 redirects www.bsfcu.com	701 B
1	bsfcu.net 1 redirects bsfcu.net	94 B
79	22

	Domain	Requested by
16	www.fcfcu.com	www.fcfcu.com
11	use.typekit.net	www.fcfcu.com
9	images.ctfassets.net	www.fcfcu.com
7	assets.interface.ai	www.fcfcu.com fcfcu-widget.interface.ai
6	fcfcu-widget.interface.ai	www.fcfcu.com fcfcu-widget.interface.ai
5	fonts.gstatic.com	fonts.googleapis.com
3	insight.adsrvr.org	www.fcfcu.com js.adsrvr.org
2	fonts.googleapis.com	fcfcu-widget.interface.ai www.fcfcu.com
2	pixel.sitescout.com	www.fcfcu.com
2	s.btstatic.com	www.fcfcu.com s.btstatic.com
2	www.google-analytics.com	www.fcfcu.com www.google-analytics.com
2	www.googletagmanager.com	www.fcfcu.com
1	p.typekit.net	www.fcfcu.com
1	pixel-a.basis.net	1 redirects
1	www.google.de	www.fcfcu.com
1	www.google.com	www.fcfcu.com
1	fcfcu-connect.interface.ai	fcfcu-widget.interface.ai
1	api.ipify.org	fcfcu-widget.interface.ai
1	stats.g.doubleclick.net	www.google-analytics.com
1	clickserv.sitescout.com	www.fcfcu.com
1	pubads.g.doubleclick.net	www.fcfcu.com
1	js.adsrvr.org	www.googletagmanager.com
1	action.media6degrees.com	www.fcfcu.com
1	action.dstillery.com	1 redirects
1	s.thebrighttag.com	s.btstatic.com
1	bob.dmpxs.com	www.fcfcu.com
1	www.bsfcu.com	1 redirects
1	bsfcu.net	1 redirects
79	28

This site contains links to these domains. Also see Links.

Domain
fcfcu.makeplans.net
www.co-opfs.org
www.mycumortgage.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
itunes.apple.com
play.google.com
app.loanspq.com
assets.ctfassets.net

Subject Issuer	Validity	Valid
*.fcfcu.com Thawte RSA CA 2018	`2022-07-11` - `2023-07-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-16`	a year	crt.sh
s.btstatic.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-30` - `2024-02-20`	a year	crt.sh
interface.ai Amazon RSA 2048 M02	`2023-02-28` - `2023-05-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.dmpxs.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-07`	10 months	crt.sh
signal.co Entrust Certification Authority - L1K	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.fcfcu.com/ballstate
Frame ID: E5D108355E562C8E25748F8DD6D892DF
Requests: 75 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 18518DD512524F9266B5AF19160D49D8
Requests: 1 HTTP requests in this frame

Frame: https://fcfcu-widget.interface.ai/widget/index.html
Frame ID: 2D4E974C55B6EF0EB750B75246D6B2B5
Requests: 10 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: AD9DE54B06EF7D7A0711BB7FB578DD2A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=cq327qt&ref=https%3A%2F%2Fwww.fcfcu.com%2Fballstate&upid=5ren5rh&upv=1.1.0
Frame ID: 5A145AC5FF495E390EB0F76A18C34399
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BallState - Financial CenterArrow Icon

Page URL History Show full URLs

https://bsfcu.net/ HTTP 301
http://www.bsfcu.com/ HTTP 301
https://www.fcfcu.com/ballstate Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Signal (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

//s\.btstatic\.com/tag\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

99 %
HTTPS

54 %
IPv6

22
Domains

28
Subdomains

25
IPs

3
Countries

2554 kB
Transfer

6151 kB
Size

5
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://fcfcu.makeplans.net/
Title: Branch Appointment

Search URL Search Domain Scan URL

URL: https://www.co-opfs.org/Shared-Branches-ATMs
Title: 5,000+ shared branching credit unions

Search URL Search Domain Scan URL

URL: https://www.mycumortgage.com/member-access/
Title: CU Mortgage Access

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FinancialCenterFCU

Search URL Search Domain Scan URL

URL: https://twitter.com/FCFCU

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/financial-center

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Financialcenterfcu/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/financial-center-mobile-mpower/id594824876?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.fcfcu

Search URL Search Domain Scan URL

URL: https://app.loanspq.com/xa/xpressApp.aspx?lenderref=fcfirst020821&type=1
Title: Become a Member

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/ko5ptq943svb/1vU1qJWdXzA8ePRI7bscdt/c2596ee45d0b922c8bad3d295487a273/Privacy1220.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bsfcu.net/ HTTP 301
http://www.bsfcu.com/ HTTP 301
https://www.fcfcu.com/ballstate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://action.dstillery.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 60

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

79 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ballstate Show response
www.fcfcu.com/
Redirect Chain

https://bsfcu.net/
http://www.bsfcu.com/
https://www.fcfcu.com/ballstate

229 KB
60 KB

363ms
117ms

Document
text/html

63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

d2bd9aee7e2a237239fbda7047a64c81bb698f63dde2705c83c79a686a2d0aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 20 Mar 2023 19:39:30 GMT
etag: W/"64189a85-39211"
last-modified: Mon, 20 Mar 2023 17:40:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-farmhand: api-srv1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7ab06bea0ced2c39-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 20 Mar 2023 19:39:30 GMT
Expires: Mon, 20 Mar 2023 20:39:30 GMT
Location: https://www.fcfcu.com/ballstate
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19ULCsOZFTfUdNC%2B8jylgBW%2FOZuPvO1FZTSipIIoMiqr7RleZk6bsfG%2F0LtfUI4tILh65dxa1%2FWdI9hrB3f%2FgEXgOZXbh3FiiXepSBmE87taMc0v2TM1b43gVjJFtQ9iwLeIESgNvDirrpBp"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 component---src-layouts-index-js-d3e0241575038feeb9bf.js Show response
www.fcfcu.com/ 14 KB
6 KB 219ms
218ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/component---src-layouts-index-js-d3e0241575038feeb9bf.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

33d9c6a846afc08e87005ea903b39a506896bc5dfdc2544dd902f5e1ce6a3681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:30 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-378c"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 component---src-templates-page-js-c4a00c7528c05b4e7e64.js Show response
www.fcfcu.com/ 4 KB
2 KB 220ms
219ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/component---src-templates-page-js-c4a00c7528c05b4e7e64.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

320d619055e91f4e7941de5d8b386df50cae8bd250cefe46d058da3035ce24cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:30 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-11f8"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 path---index-3951eefe7d397ec90827.js Show response
www.fcfcu.com/ 221 KB
33 KB 220ms
219ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---index-3951eefe7d397ec90827.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

e21e4a3c9ce08d52cf0177b58b1917ce8d1d45a74a9f65dc4c7217b0579b6e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:30 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-37418"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 app-9ef7539d16dcd082eaf9.js Show response
www.fcfcu.com/ 519 KB
69 KB 332ms
331ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/app-9ef7539d16dcd082eaf9.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

f0fd3658e7d4f8768cf73a41178af40d1171e4c1e00949dedf57feededc30e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:30 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-81a52"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 commons-1ea1f7d384bb8b129ca8.js Show response
www.fcfcu.com/ 2 MB
606 KB 375ms
374ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

0db6f0ff15eeb5903515223caed9b6ad189527832df4f254ec40a2df28302a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:30 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-1edd5d"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
59 KB 58ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT9T682

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

451aa9be09fceaa82675e78ef959ceb56d40efac87be513883c3e5b02434873a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59883
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 18:42:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 19:39:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 18:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4557
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Mar 2023 20:23:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 108 KB
42 KB 77ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WH86XH7

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2db9e28cbc7303e77298b0fe5faa0a8ccaff40ea37e7585223279c11962d0d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42877
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 18:42:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 19:39:31 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba56c5ed7f8ce0d8ac7d6ee4bca3a96b590d4dd44fe53ff50104d9a9702ff806

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80e83574029f2574b0702349887f0c5549a0f7380a255fc0440ae7ae7a7f3c79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 506 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c146a1710c8ce9eb9e39914d02997647b6729d2c6258b744e041671745eeb056

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcbee71106eb141ee650f11b4c83ad238df4ccfb2f24322f4d89b10f098500cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 571 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37abf07e4910dcca7949ecd6f2e1a8d6ac969809a7f2c668b07f3ec0137219ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 BecomeMemberIcon.svg
images.ctfassets.net/ko5ptq943svb/1vWxQzvNFewzn1oHffxrx1/eb53c8e7114a9f8f8d53e38a6ce26c08/ 1 KB
1 KB 244ms
201ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/1vWxQzvNFewzn1oHffxrx1/eb53c8e7114a9f8f8d53e38a6ce26c08/BecomeMemberIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e51c14a0aa93874184b7ad5f22ef231fdb600a6d27d08824f7a442210a0ffabe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 15:58:06 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: W/"2665ae41d812dd5462ced0046b7777c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: T6vYYpPlXMmLmHTWYs1poxHXxMKIEwgASZB2WLjpScdCF790qmQmvg==

GET
H2 200 ApplyForLoanIcon.svg
images.ctfassets.net/ko5ptq943svb/2UG5cucbcSSwdZJw8RTL5Z/b954d535edf117cfd5d4ec112c24b7f0/ 7 KB
3 KB 53ms
9ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/2UG5cucbcSSwdZJw8RTL5Z/b954d535edf117cfd5d4ec112c24b7f0/ApplyForLoanIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: d4153e2eb2c79a72b237d6538078f18ef7e77e733613c9147d76ce9942f0a0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:45:09 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 15:56:19 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 79854
etag: W/"6aa330703041d0817a393c15e7eb7e48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 3HECbOF9ROA_zR8Z1hNmwA0aBo5IRrlggjhqQhPRjj4l1uZAF2XKqg==

GET
H2 200 GraySOLIDSwirlIcon.svg
images.ctfassets.net/ko5ptq943svb/1NJBrimtZpOC2dijstWTk5/002832af3cfbd8b40826416970f87625/ 1 KB
1 KB 268ms
225ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/1NJBrimtZpOC2dijstWTk5/002832af3cfbd8b40826416970f87625/GraySOLIDSwirlIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 86b7f1d56aae3a609d0620edc125cf51e1a2d562e965768db79895a294f31a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jan 2021 15:32:38 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: W/"a965b8e59195ced071141bad876b7a0d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: aYLnMFcpZ0iHddtgzRG2jhTvy0QX-lb_3sqrpk-1l_cGCuZvMgvVYQ==

GET
H2 200 StayInformedIcon.svg
images.ctfassets.net/ko5ptq943svb/1EBwxL9mkB7On1b7GMvdEj/0de5ccb4d883b4d2d7cd6698a7f4556f/ 3 KB
2 KB 252ms
209ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/1EBwxL9mkB7On1b7GMvdEj/0de5ccb4d883b4d2d7cd6698a7f4556f/StayInformedIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 05df87639e81abd46c38e131d0c518eaacf5a8c6a596324a908e9c7ba5384138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 20:06:27 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: W/"6eab4adcdfb91b768aebfed6e0ca34e0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 9lBSMjL9IBjOHiCh9GBMLQF-wORmFKhB57-0Uez-eXO1OUNwdDKzmA==

GET
H2 200 PodcastIcon.svg
images.ctfassets.net/ko5ptq943svb/4eL4JqjvgVDVGd9sfn7oJz/0203e0da2f74c23e4b2cf700120b2431/ 2 KB
1 KB 53ms
10ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/4eL4JqjvgVDVGd9sfn7oJz/0203e0da2f74c23e4b2cf700120b2431/PodcastIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2887b6341fbdd2f7eb94d7d3a99d7a8167d84ef4ec772a083a05a4126ca04c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 02:02:59 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Fri, 08 Jan 2021 15:34:23 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 63393
etag: W/"74a9865bd5f9a4001f1345d869688f3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: yQEzPAKjklRxOf_u6dcA-LhLPZ3okYe9RSgEZyQUgTRhoIek4p15WQ==

GET
H2 200 RetirementIcon.svg
images.ctfassets.net/ko5ptq943svb/5o2g21CVSvK50BQHk4VvOh/93604fd9f2fe26d2bd12bc5db9b74bb6/ 2 KB
1 KB 53ms
10ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/5o2g21CVSvK50BQHk4VvOh/93604fd9f2fe26d2bd12bc5db9b74bb6/RetirementIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ed10aa4ebc4156c7fd0e6674d299cc4393b5c439d27c3f0e733ee95ec4a0cef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:45:09 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 20:02:39 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 79846
etag: W/"94efe57faf77f41ce97cdc497b00a6cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: u54VPdQS-V0NGbPHJLK81J4-c07udiC5u1StWiOonSKK4X05HWsr2Q==

GET
H2 200 InTheNewsIcon.svg
images.ctfassets.net/ko5ptq943svb/7eT12XfDZZNLZxNLAk7E5O/5abad3d6f7b4e60185ef126d3fa912a8/ 3 KB
2 KB 30ms
11ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/7eT12XfDZZNLZxNLAk7E5O/5abad3d6f7b4e60185ef126d3fa912a8/InTheNewsIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b77708c681de141cb812bdbe937fb2fbb2b96d7190897d616d9e01cc09231a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:28:47 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 20:00:33 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 79845
etag: W/"dca5808af04409205ae782e23913cf07"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: MnPw8-NX5H1RI5xvOp9QnXxP2olecbhNIA4Ho5I_jvzcttaLp10DmA==

GET
H2 200 SecurityTipsIcon.svg
images.ctfassets.net/ko5ptq943svb/6QxbueZgIVzMKoIeABnBBn/7254cb31de45418031964eca270d3682/ 2 KB
1 KB 28ms
9ms Image
image/svg+xml 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/6QxbueZgIVzMKoIeABnBBn/7254cb31de45418031964eca270d3682/SecurityTipsIcon.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0be2bd30a9e468d38ee1fe3ecfb2f38a697c518f5db5336fa36cd969bc11a151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:28:46 GMT
content-encoding: gzip
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 20:05:16 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 79846
etag: W/"62f28df2b1cae69e3fb670d252503139"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 4RSSjGGF1xuFrWjKOzN0rOafNAcf3do7kQw4s0eVniHKPLDdPdYcKA==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e16eaf9458e264b7a28bfe181fecfe45923e103ea974e9f3d31920aaf13a3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99dfe19e22d74771ee813634960ee437dc63ab3912d95ea1dbabddc60ac49ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK tag.js Show response
s.btstatic.com/ 34 KB
13 KB 79ms
14ms Script
application/javascript 23.45.237.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/tag.js
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-237-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 19:39:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Feb 2023 15:10:42 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12525

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0688617859a58bb3c37b54371b910e0007228802df93fc3de3729bb045ec232

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 widget-loader.js Show response
fcfcu-widget.interface.ai/ 139 KB
140 KB 80ms
20ms Script
application/json 18.66.122.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-widget.interface.ai/widget-loader.js
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff74952acc1f144cbb168ea7436839b8199a5e021f93d50293719a7ba92e7364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:45:11 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 04:58:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3261
etag: "b20be35b783a29a5a126173b8c82209f"
x-cache: Hit from cloudfront
content-type: application/json;charset=utf-8
accept-ranges: bytes
content-length: 142586
x-amz-cf-id: Yp1yrQPKpXRO96YyqLRgRpncDztXTWKehbZHSRLhE0z5kUrmwu6WOA==

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 116ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=8mbbe28&ct=0:e2q97pn&fmt=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bob_002.gif
bob.dmpxs.com/ 42 B
359 B 91ms
8ms Image
image/gif 2600:9000:2491:1200:15:4f24:a700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob.dmpxs.com/bob_002.gif?bob_bk=1&phnxid=140647&sub1=
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1200:15:4f24:a700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:08:50 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
last-modified: Mon, 03 Feb 2020 23:36:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 66642
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 42
x-amz-cf-id: n2bQBsSquzNSBTFwsPywMppyXHLEuO0VxU2C31d89cRrFAMrP7Cr7A==

GET
H2 200 tag Show response
s.thebrighttag.com/ 826 B
1 KB 356ms
112ms Script
text/javascript 3.132.183.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=1PR3l09&H=-xf7ce6
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.183.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-183-89.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ff2318ae1231dfa1d78358111a2c6bdaabf2ee02ecf3a8d337180a28e1cfb267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
x-bt-requestid: ef431820-c756-11ed-a89d-0000ac170286
server: nginx
etag: bfdcebec192943b6a4525072c3ccee52
content-type: text/javascript
access-control-allow-origin: https://www.fcfcu.com
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 826
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
253 B

507ms
340ms

Script
text/html

2606:4700::6812:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Server: 2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7ab06bf44e725c98-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Mon, 20 Mar 2023 19:39:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ab06bf0d8cf5c98-FRA
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 32ms
6ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH86XH7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 02:32:15 GMT
Content-Encoding: gzip
Via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 61637
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 4aAIO0dI2vJUK7POcUJhvMDfMydAFXWVmyMRvQUud0ezDtJgCxWmIQ==

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1851 0
0 70ms
17ms Document
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.fcfcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 20 Mar 2023 19:39:30 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 activity;xsp=4634367;ord='+%20a%20+'
pubads.g.doubleclick.net/ 42 B
542 B 97ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4634367;ord='+%20a%20+'?gtmcb=377698978

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7d32a45aef378e16
clickserv.sitescout.com/conv/ 43 B
267 B 69ms
16ms Image
image/gif 98.98.134.246
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickserv.sitescout.com/conv/7d32a45aef378e16
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.246 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:30 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 loading_dots.gif
assets.interface.ai/widget/ 4 KB
4 KB 35ms
8ms Image
image/gif 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.interface.ai/widget/loading_dots.gif
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca5fd78f20572527f4cddaa8a2da165a344450475daeebe506fb0a2f24fd6c9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Uh4YPQZ8xyQjWhDx6BR7rhGr06AA5nWO
date: Tue, 14 Mar 2023 17:26:26 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 11:57:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 526386
etag: "71d2aae75d9ba41ad4ee81bfb14d5aca"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-length: 4107
x-amz-cf-id: z98t7ndr6U3vWi4DrgaUQF_o-0AAiVExCAdigawHIFFl80xB9RMBZQ==

GET
H2 200 bot.png
assets.interface.ai/images/FCFCU/ 7 KB
7 KB 33ms
7ms Image
image/png 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.interface.ai/images/FCFCU/bot.png
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f60089c353029c87d93a395a72e6b792e8a4f05e405b9a8355bede1dc23b3af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:19:45 GMT
x-amz-version-id: eis0bqcaMmyZ7WUg3JxsdweqbMmdDmPA
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Fri, 12 Aug 2022 07:53:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 44387
etag: "517faf7a4857e4b9e66e43bb937a1447"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7216
x-amz-cf-id: BO_hSJy4c3aulXyi_Nz_cUzpVyKvFb5UnDauGNwtuHA8dScea0zY2g==

GET
H2 200 index.html Show response
fcfcu-widget.interface.ai/widget/ Frame 2D4E 3 KB
3 KB 18ms
18ms Document
text/html 18.66.122.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-widget.interface.ai/widget/index.html
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b882fada3d97e9eb0734b2493aab35d084ea0ac6ae898dfc71b7085e0541ece0

Request headers

Referer: https://www.fcfcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3260
content-length: 2759
content-type: text/html
date: Mon, 20 Mar 2023 18:45:12 GMT
etag: "606a26be3a729c66d487ce5c6057c9ef"
last-modified: Mon, 03 Oct 2022 04:58:41 GMT
server: AmazonS3
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id: _mvbQ65D-G0qqpNE7XydoUyGYaH8mJhBngluB7NLAr98b6qTYpQukg==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 launcher-icon-bg_evnhyf.svg
assets.interface.ai/images/ 2 KB
2 KB 21ms
8ms Image
image/svg+xml 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.interface.ai/images/launcher-icon-bg_evnhyf.svg
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53ff7317219b58ccf50cf5e9f6a1ac43790ed0538d39c10295b2f8f217afaac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:44:48 GMT
x-amz-version-id: h7hZ3uYsJw3rZFcZ15h3_LnKbaTfeFBM
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 11:57:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 496484
etag: "a32b25c7c796ee2717bfc2dc518558b4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-length: 1743
x-amz-cf-id: g9gekPXZORSMaq4heWFbcqO8AOB50vEx02rD6zBNku9AwC2MhHCmFw==

GET
H2 200 2.933512a3.chunk.css
fcfcu-widget.interface.ai/widget/static/css/ Frame 2D4E 5 KB
5 KB 19ms
19ms Stylesheet
text/css 18.66.122.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-widget.interface.ai/widget/static/css/2.933512a3.chunk.css
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2819d1e722f77c6ae14d5be12750c21149f60523b7f5cd350c3950e25d910231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fcfcu-widget.interface.ai/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:45:13 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 04:58:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3259
etag: "4329eb710328591ad4199a34398346d3"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 4820
x-amz-cf-id: gtmVbysx6WF6E4x4lKj51HqXfJK1pEleFIzwO4iVwkeOE22eAsahnA==

GET
H2 200 main.a098fac5.chunk.css
fcfcu-widget.interface.ai/widget/static/css/ Frame 2D4E 21 KB
21 KB 20ms
19ms Stylesheet
text/css 18.66.122.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-widget.interface.ai/widget/static/css/main.a098fac5.chunk.css
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a9c015e373c9047722f22fe8ca540ecc0bfe7fa67a76677760a2f64c24f07bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fcfcu-widget.interface.ai/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 20 Mar 2023 18:45:13 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 04:58:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3259
x-amz-server-side-encryption: AES256
etag: "e91b4253d7dd5ac7a0b0d89eb9b9875a"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 21524
x-amz-cf-id: LAGd_RBo5iVbfT_u4KEIEp92HOlhZl0IOnWuz5hc9mmrJs1Nrce6qw==

GET
H2 200 2.a690e02f.chunk.js Show response
fcfcu-widget.interface.ai/widget/static/js/ Frame 2D4E 577 KB
578 KB 20ms
19ms Script
application/javascript 18.66.122.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-widget.interface.ai/widget/static/js/2.a690e02f.chunk.js
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb44c281e82bc24e36d2deac4a6b10f316e5863b6c88c752c857df67f00f150e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fcfcu-widget.interface.ai/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:45:13 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 04:58:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3259
x-amz-server-side-encryption: AES256
etag: "f4e74741141246a5c092568226c9af6b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 590788
x-amz-cf-id: _jDYQ77WwvRDrRK1VPy3HSPm4lWOyEgVLawkkF9u-WM_aizwifNRTA==

GET
H2 200 main.4c6c48e2.chunk.js Show response
fcfcu-widget.interface.ai/widget/static/js/ Frame 2D4E 131 KB
131 KB 21ms
20ms Script
application/javascript 18.66.122.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-widget.interface.ai/widget/static/js/main.4c6c48e2.chunk.js
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ce0b03e48fc59955981ac255deae1fcd188687c48d1c81140758cc009eed91c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fcfcu-widget.interface.ai/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 20 Mar 2023 18:45:13 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 04:58:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3259
etag: "5f30e0fd0e52e014e999f9a99471eb9c"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 133941
x-amz-cf-id: 3RSRjmliKQYCyHIkzr2gELrRuEc46b4TuqFYzFV9uu5a15D5URpD1g==

GET
H2 200 css
fonts.googleapis.com/ Frame 2D4E 7 KB
989 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700,800

Requested by

Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/css/main.a098fac5.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d262cd70baf682ed76d7a583c7cb2eb5c426d3433c660b0d4ac9c815bd5952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fcfcu-widget.interface.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 19:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 18:43:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 19:39:31 GMT

GET
H2 200 banner.png
assets.interface.ai/images/FCFCU/ 12 KB
12 KB 9ms
8ms Image
image/png 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.interface.ai/images/FCFCU/banner.png
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f5fafbd337ba6b44aa96573cfcc1d683e731c330f772a7a9491f56673597f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 02:03:02 GMT
x-amz-version-id: JIP9Awc1V9nt4MzWFud5xZynNVLlv94.
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Fri, 12 Aug 2022 07:54:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 63390
etag: "d198f84058e1603ae1e542fe3de3beea"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12371
x-amz-cf-id: cjPXCP82AmEJ72yAhEmUn-Ht10zUMM4S7pRmh2EovPgbBt7xkFbn0g==

GET
H2 200 thumbs-up.png
assets.interface.ai/widget/ 9 KB
9 KB 10ms
8ms Image
image/png 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.interface.ai/widget/thumbs-up.png
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95a8827147009dbb66c6273a554580d0251f67bef2fd6dbb0aea14bcb8235f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Qs3UeYpIlFjCeHdRlOo9qTe6LpL8dwSk
date: Mon, 20 Mar 2023 13:17:20 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 11:57:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 22932
etag: "e84dacf91f48267d51d3e8a5f553be19"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-length: 8804
x-amz-cf-id: 5PEndluN7ZDWSYA2Jrz4vtq7ySMnHwYpjC4DoQa8cT9IVbvljxkmeQ==

GET
H2 200 thumbs-down.png
assets.interface.ai/widget/ 9 KB
9 KB 10ms
9ms Image
image/png 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.interface.ai/widget/thumbs-down.png
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d6dc445434df5642294b345c9439550818c7646eef2409a6fa4af23069a5292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 6tt_5VlMGx3.kXLTtWxGnF2kNrUvq3wf
date: Wed, 15 Mar 2023 09:15:28 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 11:57:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 469444
etag: "a379af8d6d9bd73938b667b0b9b6a974"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-length: 8846
x-amz-cf-id: oYANcKe8vrhnty5cktrDZbN-p6JFzVWjd6wBd1d9LxQngrv_FzEFlw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=353558354&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fcfcu.com%2Fballstate&dp=%2Fballstate&ul=en-us&de=UTF-8&dt=Home%20-%20Financial%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1944660436&gjid=916582905&cid=1040184890.1679341171&tid=UA-21760027-1&_gid=311233.1679341171&_r=1&_slc=1&z=1516461443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fcfcu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fcfcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 path---ballstate-d3025c0bbdb3179904c4.js Show response
www.fcfcu.com/ 151 KB
24 KB 117ms
116ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---ballstate-d3025c0bbdb3179904c4.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

d36430f9b9a3483bc7b75ffa5046506b51d0faab66450d4526edd5354083757a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-25a18"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21760027-1&cid=1040184890.1679341171&jid=1944660436&gjid=916582905&_gid=311233.1679341171&_u=aEBAAEAAAAAAACAAI~&z=349021091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fcfcu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 19:39:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fcfcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api.ipify.org/ Frame 2D4E 21 B
116 B 637ms
154ms XHR
application/json 173.231.16.76
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/js/main.4c6c48e2.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-76.static.webnx.com
Software: /
Resource Hash: 25678a07332fb75a007a096fad5d6412f55e78190ba2dc02df6c38d2354bfbfb

Request headers

Referer: https://fcfcu-widget.interface.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fcfcu-widget.interface.ai
date: Mon, 20 Mar 2023 19:39:32 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H/1.1 200
OK login Show response
fcfcu-connect.interface.ai/ Frame 2D4E 192 B
532 B 685ms
170ms XHR
application/json 44.239.51.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcfcu-connect.interface.ai/login
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/js/main.4c6c48e2.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.51.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-51-114.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 6173582360d88be96cd4a1fcb513661adbe551acc6aceade79d85cf369b4fa85

Request headers

Referer: https://fcfcu-widget.interface.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
server: istio-envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fcfcu-widget.interface.ai
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 192

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 2D4E 8 KB
8 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fcfcu-widget.interface.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 04:51:17 GMT
x-content-type-options: nosniff
age: 398894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 04:51:17 GMT

GET
H2 200 interfaceicons.woff
assets.interface.ai/fonts/ Frame 2D4E 3 KB
3 KB 21ms
6ms Font
binary/octet-stream 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.interface.ai/fonts/interfaceicons.woff
Requested by: Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/css/main.a098fac5.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e1f6a1e76cd6bec380a11af4c8f2fa59ae1ffc0e8f8a68e2d5025255dc0c4e0

Request headers

Referer: https://fcfcu-widget.interface.ai/
Origin: https://fcfcu-widget.interface.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: jvJ9bJd.swPmbDu3lOIx4gzQf5tqBnAX
date: Fri, 17 Mar 2023 01:38:55 GMT
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 324037
x-cache: Hit from cloudfront
content-length: 2588
last-modified: Thu, 10 Dec 2020 00:36:45 GMT
server: AmazonS3
etag: "392a2f961b5725809920abb7617792e1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-amz-cf-id: _RVRN_4My2nsdBY8PwbKK1_-JmRQYSAFCD9JHUPMo-c5e4Zef43VtA==

GET
H/1.1 200
OK BrightTag.jquery-1.5.1.js Show response
s.btstatic.com/ 82 KB
29 KB 16ms
16ms Script
application/javascript 23.45.237.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-237-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 19:39:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Feb 2023 15:10:42 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29695

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 45ms
45ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=b0nopif&ct=0:qzu74q9&fmt=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 66ms
45ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21760027-1&cid=1040184890.1679341171&jid=1944660436&_u=aEBAAEAAAAAAACAAI~&z=820996645

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 66ms
44ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21760027-1&cid=1040184890.1679341171&jid=1944660436&_u=aEBAAEAAAAAAACAAI~&z=820996645

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 19:39:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 orf4sjh.js Show response
use.typekit.net/ 19 KB
7 KB 127ms
31ms Script
text/javascript 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/orf4sjh.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/component---src-layouts-index-js-d3e0241575038feeb9bf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f8d4e69d61b728417c005fa49d406b1ec0f8f746a5df0de4412f2b2f78e0393b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6905

GET
H2 200 css
fonts.googleapis.com/ 8 KB
817 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/component---src-layouts-index-js-d3e0241575038feeb9bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 19:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 18:40:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 19:39:31 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43c7db19c257617111725dd2c449441796009aa687c9b258c27f5d82416c9e48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame AD9D
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

14ms
13ms

Document
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.fcfcu.com/ballstate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 20 Mar 2023 19:39:31 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2 200 fcfcu-logo-a6ae74f0f6b71f305f8cc90b1090e850-cff4b.webp
www.fcfcu.com/static/ 7 KB
7 KB 114ms
113ms Image
image/webp 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fcfcu.com/static/fcfcu-logo-a6ae74f0f6b71f305f8cc90b1090e850-cff4b.webp

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

7de5181efa24b35e03c3a21bd19a340f2913bfc64117e4358e8f6b3b7c23dc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:32:04 GMT
server: nginx
etag: "64189894-1c96"
x-farmhand: api-srv1
x-frame-options: SAMEORIGIN
content-type: image/webp
accept-ranges: bytes
content-length: 7318
x-xss-protection: 1; mode=block

GET
H2 200 BSF_BrighterFuture_0820.jpg
images.ctfassets.net/ko5ptq943svb/3XDhBOHeKOhGCLvmwYHDjD/de42d8578d64fe65cb967dcc4ecadde3/ 121 KB
121 KB 58ms
58ms Image
image/webp 2600:9000:211e:a200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ko5ptq943svb/3XDhBOHeKOhGCLvmwYHDjD/de42d8578d64fe65cb967dcc4ecadde3/BSF_BrighterFuture_0820.jpg?w=2000&h=1000&q=80&fm=webp
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: d0a178e1827c5949d3647226288de836fb729816a8303cf55a16cb57965569c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:51:39 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "f976268f829fabd871abf147d6f17f05"
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 123870
x-amz-cf-id: kIoz91qYLujLRCfZ6vLUN9z2GPkABmYgnteY2464w-82mtFiknQADQ==

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 01:04:53 GMT
x-content-type-options: nosniff
age: 412478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 01:04:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 307221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:19:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 21:07:17 GMT
x-content-type-options: nosniff
age: 253934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 21:07:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 397103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:21:08 GMT

GET
H2 200 l
use.typekit.net/af/442215/000000000000000000010b5a/27/ 23 KB
23 KB 105ms
26ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/442215/000000000000000000010b5a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "9523c64514161c03124fab238b18113d17bad9eb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23800

GET
H2 200 l
use.typekit.net/af/3df5fe/000000000000000000010b5b/27/ 25 KB
25 KB 106ms
27ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3df5fe/000000000000000000010b5b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81d0ce06f0a0a9cfc75de2424080e85e28dfa303b2b1b7878c453410d3055c1d

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "639e52eb61e2e74a6b9e567eea4595b8cedfd8df"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25160

GET
H2 200 l
use.typekit.net/af/1709eb/000000000000000000010b60/27/ 24 KB
24 KB 156ms
78ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "9bd0488a91630a3c738a4d950e0b0b7930bcb98f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24740

GET
H2 200 l
use.typekit.net/af/65fc7d/000000000000000000010b61/27/ 26 KB
26 KB 160ms
81ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/65fc7d/000000000000000000010b61/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 47a1083eea338ac89ca48d39665eeccc7d42506db6c24654c98229c6a78f5177

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "08910aa8e42a32045f6a1944e9821c03acb37f44"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26660

GET
H2 200 l
use.typekit.net/af/ba2099/000000000000000000010b58/27/ 23 KB
23 KB 163ms
84ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ba2099/000000000000000000010b58/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 294ae0fff50521a07608e00efcf5ddd6d518b3d8a5bf8feacc46fd827d49ded1

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "02f2a31f97bd41f4cd19e9b17104d622e87bbdf5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23360

GET
H2 200 l
use.typekit.net/af/1ece10/000000000000000000010b59/27/ 23 KB
23 KB 170ms
92ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ece10/000000000000000000010b59/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 30bdc57e6ab23a0571f989fad6f4be3aadf1c774e81ac0633b50d726028d6aec

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "d08dedb0d79df51ca1b20b96bd1b830a76d6f7e4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23764

GET
H2 200 l
use.typekit.net/af/8dd886/000000000000000000010b5c/27/ 23 KB
23 KB 105ms
26ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8dd886/000000000000000000010b5c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "02ac0f44fc2605ad66d853df88904127aa3b3e9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23180

GET
H2 200 l
use.typekit.net/af/441f33/000000000000000000010b5d/27/ 24 KB
24 KB 132ms
54ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/441f33/000000000000000000010b5d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1d9365bce1517ad551714c48bf91e35c7e46c9bfa8f99b6602908b49da91eb7b

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "c279e65fbd61688650c397769c289211ded91d9f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24656

GET
H2 200 l
use.typekit.net/af/cef9f3/000000000000000000010b5e/27/ 24 KB
24 KB 166ms
88ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cef9f3/000000000000000000010b5e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "2cf082c83c603f9c00006fb11a3498c4cf214475"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24232

GET
H2 200 l
use.typekit.net/af/2a72d2/000000000000000000010b5f/27/ 26 KB
26 KB 135ms
57ms Font
application/font-woff2 2a02:26f0:480:e::210:f10f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2a72d2/000000000000000000010b5f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: aa62b8b21767c2925740b17092c3584a7a29cad72443650d2a96c54ad1819ef5

Request headers

Referer: https://www.fcfcu.com/
Origin: https://www.fcfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
server: nginx
etag: "ce2f74527cde9d77ddc7a1f5995e3509410cbee4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26604

GET
H2 200 path---carpedime-ada332007abfbafa42a1.js Show response
www.fcfcu.com/ 156 KB
22 KB 116ms
116ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---carpedime-ada332007abfbafa42a1.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

6d6f25e0d73902ad111b5915ec98289ce1625cf10a7e6c4331f90576967ef974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:31 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-2719d"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 path---live-chat-e6492c37369d4e1d50ff.js Show response
www.fcfcu.com/ 143 KB
20 KB 116ms
116ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---live-chat-e6492c37369d4e1d50ff.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

76dd997ffae23e8ea16b7e9da625fe6a99a2b3741825991c34c0060262ac95c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-23b93"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 664ms
162ms Image
image/gif 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=orf4sjh&ht=tk&h=www.fcfcu.com&f=10954.13453.13454.13455.13456.13457.13458.13459.13460.13461&a=8857365&js=1.21.0&app=typekit&e=js&_=1679341172004
Requested by: Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 path---articles-gift-from-ball-state-financial-will-boost-universitys-financial-literacy-cc7ab02d745030c11692.js Show response
www.fcfcu.com/ 144 KB
20 KB 116ms
116ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---articles-gift-from-ball-state-financial-will-boost-universitys-financial-literacy-cc7ab02d745030c11692.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

0aeb94816ec032e67c39fbc083bcdd6b161d7d92dbc37db50cfa51072b377d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-23fb9"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 component---src-templates-article-js-5ff1547a0791c713795e.js Show response
www.fcfcu.com/ 3 KB
2 KB 115ms
115ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/component---src-templates-article-js-5ff1547a0791c713795e.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

8afa64d683a45e37ef3970da4c3cbbeebbc0dea6450205c93c03bf0f962f85e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-ad0"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 path---financial-education-education-video-library-4a0588d9af886860b9c1.js Show response
www.fcfcu.com/ 148 KB
21 KB 116ms
116ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---financial-education-education-video-library-4a0588d9af886860b9c1.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

531a807d2726f99bf454d32c442114aef2f053f2c6c3edd7bb5e6ad0696bb2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-24e70"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 path---webinar-calendar-ae09488ffb9c73132add.js Show response
www.fcfcu.com/ 149 KB
22 KB 116ms
116ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---webinar-calendar-ae09488ffb9c73132add.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

7bb124a2c26ccd707cd517d9ba440bdd66ee456ff8f9af10ef318a4f2c2f5724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-25585"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 path---app-d475bbbd39025c2b765a.js Show response
www.fcfcu.com/ 160 KB
25 KB 117ms
117ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/path---app-d475bbbd39025c2b765a.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

2286a5b1a4fdcb4364de34b2981616b0279a68dddbb2bfacd51910a01ce9a7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-27ecf"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 component---src-banking-index-js-7c96e7634df499d63f39.js Show response
www.fcfcu.com/ 260 KB
61 KB 118ms
117ms Script
application/javascript 63.145.156.20
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fcfcu.com/component---src-banking-index-js-7c96e7634df499d63f39.js

Requested by

Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-1ea1f7d384bb8b129ca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

Software

nginx /

Resource Hash

a23d398512111c5fcf59c6dea600b61287fca0bf7b90499dcc837ee1a2b98e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fcfcu.com/ballstate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:39:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 20 Mar 2023 17:38:52 GMT
server: nginx
content-encoding: gzip
etag: W/"64189a2c-40f69"
x-farmhand: api-srv1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5A14 0
181 B 44ms
44ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=cq327qt&ref=https%3A%2F%2Fwww.fcfcu.com%2Fballstate&upid=5ren5rh&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fcfcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 20 Mar 2023 19:39:32 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fcfcu.com/	1970-01-20 20:05:01	Name: _ga Value: GA1.2.1040184890.1679341171
.fcfcu.com/	1970-01-20 10:30:27	Name: _gid Value: GA1.2.311233.1679341171
.doubleclick.net/	1970-01-20 10:29:02	Name: test_cookie Value: CheckForPermission
.fcfcu.com/	1970-01-20 10:29:01	Name: _gat Value: 1
www.fcfcu.com/	1969-12-31 23:59:59	Name: btpdb.1PR3l09.dGZjLjc1NjM1MzU Value: U0VTU0lPTg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.dstillery.com
action.media6degrees.com
api.ipify.org
assets.interface.ai
bob.dmpxs.com
bsfcu.net
clickserv.sitescout.com
fcfcu-connect.interface.ai
fcfcu-widget.interface.ai
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
insight.adsrvr.org
js.adsrvr.org
p.typekit.net
pixel-a.basis.net
pixel.sitescout.com
pubads.g.doubleclick.net
s.btstatic.com
s.thebrighttag.com
stats.g.doubleclick.net
use.typekit.net
www.bsfcu.com
www.fcfcu.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.138.15.119
108.138.17.75
173.231.16.76
18.66.122.37
192.185.114.20
23.45.237.144
2600:9000:211e:a200:12:94b3:c380:93a1
2600:9000:2491:1200:15:4f24:a700:93a1
2606:4700:3031::6815:2046
2606:4700::6812:17ea
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
2a02:26f0:480:e::210:f10f
2a02:26f0:780::5f65:3681
3.132.183.89
44.239.51.114
52.223.40.198
63.145.156.20
98.98.134.242
98.98.134.246
05df87639e81abd46c38e131d0c518eaacf5a8c6a596324a908e9c7ba5384138
0a9c015e373c9047722f22fe8ca540ecc0bfe7fa67a76677760a2f64c24f07bd
0aeb94816ec032e67c39fbc083bcdd6b161d7d92dbc37db50cfa51072b377d2e
0be2bd30a9e468d38ee1fe3ecfb2f38a697c518f5db5336fa36cd969bc11a151
0db6f0ff15eeb5903515223caed9b6ad189527832df4f254ec40a2df28302a83
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
1d9365bce1517ad551714c48bf91e35c7e46c9bfa8f99b6602908b49da91eb7b
2286a5b1a4fdcb4364de34b2981616b0279a68dddbb2bfacd51910a01ce9a7e9
25678a07332fb75a007a096fad5d6412f55e78190ba2dc02df6c38d2354bfbfb
2819d1e722f77c6ae14d5be12750c21149f60523b7f5cd350c3950e25d910231
2887b6341fbdd2f7eb94d7d3a99d7a8167d84ef4ec772a083a05a4126ca04c32
294ae0fff50521a07608e00efcf5ddd6d518b3d8a5bf8feacc46fd827d49ded1
2db9e28cbc7303e77298b0fe5faa0a8ccaff40ea37e7585223279c11962d0d67
30bdc57e6ab23a0571f989fad6f4be3aadf1c774e81ac0633b50d726028d6aec
320d619055e91f4e7941de5d8b386df50cae8bd250cefe46d058da3035ce24cb
33d9c6a846afc08e87005ea903b39a506896bc5dfdc2544dd902f5e1ce6a3681
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804
37abf07e4910dcca7949ecd6f2e1a8d6ac969809a7f2c668b07f3ec0137219ae
43c7db19c257617111725dd2c449441796009aa687c9b258c27f5d82416c9e48
451aa9be09fceaa82675e78ef959ceb56d40efac87be513883c3e5b02434873a
47a1083eea338ac89ca48d39665eeccc7d42506db6c24654c98229c6a78f5177
531a807d2726f99bf454d32c442114aef2f053f2c6c3edd7bb5e6ad0696bb2e9
53ff7317219b58ccf50cf5e9f6a1ac43790ed0538d39c10295b2f8f217afaac8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
6173582360d88be96cd4a1fcb513661adbe551acc6aceade79d85cf369b4fa85
6d6f25e0d73902ad111b5915ec98289ce1625cf10a7e6c4331f90576967ef974
6f60089c353029c87d93a395a72e6b792e8a4f05e405b9a8355bede1dc23b3af
71f5fafbd337ba6b44aa96573cfcc1d683e731c330f772a7a9491f56673597f3
76dd997ffae23e8ea16b7e9da625fe6a99a2b3741825991c34c0060262ac95c7
7bb124a2c26ccd707cd517d9ba440bdd66ee456ff8f9af10ef318a4f2c2f5724
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d6dc445434df5642294b345c9439550818c7646eef2409a6fa4af23069a5292
7de5181efa24b35e03c3a21bd19a340f2913bfc64117e4358e8f6b3b7c23dc3e
80e83574029f2574b0702349887f0c5549a0f7380a255fc0440ae7ae7a7f3c79
81d0ce06f0a0a9cfc75de2424080e85e28dfa303b2b1b7878c453410d3055c1d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b7f1d56aae3a609d0620edc125cf51e1a2d562e965768db79895a294f31a85
8afa64d683a45e37ef3970da4c3cbbeebbc0dea6450205c93c03bf0f962f85e9
8ce0b03e48fc59955981ac255deae1fcd188687c48d1c81140758cc009eed91c
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e16eaf9458e264b7a28bfe181fecfe45923e103ea974e9f3d31920aaf13a3aa
8e1f6a1e76cd6bec380a11af4c8f2fa59ae1ffc0e8f8a68e2d5025255dc0c4e0
95a8827147009dbb66c6273a554580d0251f67bef2fd6dbb0aea14bcb8235f85
99dfe19e22d74771ee813634960ee437dc63ab3912d95ea1dbabddc60ac49ad0
9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0688617859a58bb3c37b54371b910e0007228802df93fc3de3729bb045ec232
a23d398512111c5fcf59c6dea600b61287fca0bf7b90499dcc837ee1a2b98e08
aa62b8b21767c2925740b17092c3584a7a29cad72443650d2a96c54ad1819ef5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b77708c681de141cb812bdbe937fb2fbb2b96d7190897d616d9e01cc09231a61
b882fada3d97e9eb0734b2493aab35d084ea0ac6ae898dfc71b7085e0541ece0
ba56c5ed7f8ce0d8ac7d6ee4bca3a96b590d4dd44fe53ff50104d9a9702ff806
c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d
c146a1710c8ce9eb9e39914d02997647b6729d2c6258b744e041671745eeb056
ca5fd78f20572527f4cddaa8a2da165a344450475daeebe506fb0a2f24fd6c9e
d0a178e1827c5949d3647226288de836fb729816a8303cf55a16cb57965569c5
d2bd9aee7e2a237239fbda7047a64c81bb698f63dde2705c83c79a686a2d0aec
d36430f9b9a3483bc7b75ffa5046506b51d0faab66450d4526edd5354083757a
d4153e2eb2c79a72b237d6538078f18ef7e77e733613c9147d76ce9942f0a0f3
e21e4a3c9ce08d52cf0177b58b1917ce8d1d45a74a9f65dc4c7217b0579b6e34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51c14a0aa93874184b7ad5f22ef231fdb600a6d27d08824f7a442210a0ffabe
e8d262cd70baf682ed76d7a583c7cb2eb5c426d3433c660b0d4ac9c815bd5952
ed10aa4ebc4156c7fd0e6674d299cc4393b5c439d27c3f0e733ee95ec4a0cef0
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fd3658e7d4f8768cf73a41178af40d1171e4c1e00949dedf57feededc30e6f
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8d4e69d61b728417c005fa49d406b1ec0f8f746a5df0de4412f2b2f78e0393b
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447
fb44c281e82bc24e36d2deac4a6b10f316e5863b6c88c752c857df67f00f150e
fcbee71106eb141ee650f11b4c83ad238df4ccfb2f24322f4d89b10f098500cf
ff2318ae1231dfa1d78358111a2c6bdaabf2ee02ecf3a8d337180a28e1cfb267
ff74952acc1f144cbb168ea7436839b8199a5e021f93d50293719a7ba92e7364

www.fcfcu.com Open in urlscan Pro 63.145.156.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

54 %IPv6

22 Domains

28 Subdomains

25 IPs

3 Countries

2554 kBTransfer

6151 kBSize

5 Cookies

11 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fcfcu.com Open in urlscan Pro
63.145.156.20 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

54 %
IPv6

22
Domains

28
Subdomains

25
IPs

3
Countries

2554 kB
Transfer

6151 kB
Size

5
Cookies

79 HTTP transactions
9 data transactions