www.ffb.com Open in urlscan Pro
74.200.39.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.ffbemail.com/?qs=6fa300ac258c4dc92067429e88b3156620086df732dd239fa827791fca5129e9557fae71c67221ea9c7b47c274cd...
Effective URL:
https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.f...
Submission: On November 09 via api (November 9th 2022, 2:25:22 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 21 domains to perform 107 HTTP transactions. The main IP is 74.200.39.25, located in Anna, United States and belongs to JACKHENRY, US. The main domain is www.ffb.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on February 23rd 2022. Valid for: a year.

This is the only time www.ffb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.228.43 13.111.228.43	22606 (EXACT-7) (EXACT-7)
18	74.200.39.25 74.200.39.25	14010 (JACKHENRY) (JACKHENRY)
5	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	52.189.67.130 52.189.67.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
23	8.21.164.114 8.21.164.114	32308 (8X8-AS) (8X8-AS)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	138.128.247.123 138.128.247.123	36007 (KAMATERA) (KAMATERA)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	63.34.213.108 63.34.213.108	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	108.158.56.121 108.158.56.121	16509 (AMAZON-02) (AMAZON-02)
4	44.206.39.165 44.206.39.165	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
16	18.66.112.25 18.66.112.25	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	83.229.67.229 83.229.67.229	36007 (KAMATERA) (KAMATERA)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
107	26

1 13.111.228.43 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.ffbemail.com

click.ffbemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 74.200.39.25 (Anna, United States)

ASN14010 (JACKHENRY, US)
PTR: www.bankofoxford.com

www.ffb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.189.67.130 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

banno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kernel-serve.banno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 8.21.164.114 (United States)

ASN32308 (8X8-AS, US)
PTR: linux204.mycontactual.com

vcc-na14b.8x8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web1.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

9214061.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.213.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-213-108.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.56.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-56-121.bom78.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.206.39.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-39-165.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.112.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-25.fra56.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.229.67.229 (New York, United States)

ASN36007 (KAMATERA, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	8x8.com vcc-na14b.8x8.com — Cisco Umbrella Rank: 418228	179 KB
18	ffb.com www.ffb.com	166 KB
16	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409	3 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 9214061.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	4 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4753 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5922	845 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	357 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 355 www.linkedin.com — Cisco Umbrella Rank: 576 px4.ads.linkedin.com — Cisco Umbrella Rank: 6256	4 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2846	7 KB
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3870 cdn.acsbapp.com — Cisco Umbrella Rank: 4336 web1.acsbapp.com — Cisco Umbrella Rank: 5175	166 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
3	banno.com banno.com — Cisco Umbrella Rank: 27489 kernel-serve.banno.com — Cisco Umbrella Rank: 87737	124 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3148	191 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1393 insight.adsrvr.org — Cisco Umbrella Rank: 573	3 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 716	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 4354	4 KB
1	ffbemail.com 1 redirects click.ffbemail.com	342 B
107	21

	Domain	Requested by
23	vcc-na14b.8x8.com	www.ffb.com vcc-na14b.8x8.com
18	www.ffb.com	www.ffb.com
16	cdn.linkedin.oribi.io	snap.licdn.com
5	www.google.de	www.ffb.com
5	www.googletagmanager.com	www.ffb.com www.googletagmanager.com
4	www.google.com	www.ffb.com
4	tags.srv.stackadapt.com	www.ffb.com tags.srv.stackadapt.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.ffb.com www.google-analytics.com
2	cdn.acsbapp.com	acsbapp.com
2	www.facebook.com	www.ffb.com
2	pixel.sitescout.com	9214061.fls.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	9214061.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	snap.licdn.com	www.ffb.com snap.licdn.com
2	kernel-serve.banno.com	www.ffb.com kernel-serve.banno.com
2	connect.facebook.net	www.ffb.com connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	vcc-na14b.8x8.com
1	web1.acsbapp.com
1	insight.adsrvr.org	js.adsrvr.org
1	adservice.google.com	9214061.fls.doubleclick.net
1	px4.ads.linkedin.com	www.ffb.com
1	www.linkedin.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	resources.xg4ken.com	www.ffb.com
1	acsbapp.com	www.ffb.com
1	banno.com	www.ffb.com
1	click.ffbemail.com	1 redirects
107	31

This site contains links to these domains. Also see Links.

Domain
get.adobe.com
app.ffb.com
ffb.getfeedback.com
gobank.ffb.com
ffb.truecar.com
www.ffb-fg.com
ffb.covrtech.com
orderpoint.deluxe.com
www.deluxe.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com
portal.hud.gov
www.fdic.gov

Subject Issuer	Validity	Valid
www.ffb.com GeoTrust EV RSA CA 2018	`2022-02-23` - `2023-02-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.banno.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-06` - `2023-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.8x8.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-24` - `2023-03-25`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.acsbapp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-28` - `2023-10-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2022-09-19` - `2022-12-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
Frame ID: 5CBB381CA31B3472B0A56AF915F4688C
Requests: 72 HTTP requests in this frame

Frame: https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410
Frame ID: A66235B1B642928782422BC6A610CAF9
Requests: 3 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: A4973881AA4D42C3721DA8A50D9F523E
Requests: 1 HTTP requests in this frame

Frame: https://vcc-na14b.8x8.com/CHAT/common/html/config-broker.html
Frame ID: 470A009FFFADBD0E07BB99E35DE9E1B4
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=j0tqlub&ref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&upid=rcy49o3&upv=1.1.0
Frame ID: 72AAC232A7DE5371E713E7533FE629F8
Requests: 1 HTTP requests in this frame

Frame: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
Frame ID: CF0D294FEC83ED13FF9568D358A0FB12
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact Us - First Fidelity Bank

Page URL History Show full URLs

https://click.ffbemail.com/?qs=6fa300ac258c4dc92067429e88b3156620086df732dd239fa827791fca5129e9557fae71... HTTP 302
https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term... Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

99 %
HTTPS

50 %
IPv6

21
Domains

31
Subdomains

26
IPs

5
Countries

1170 kB
Transfer

3390 kB
Size

24
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://get.adobe.com/reader/
Title: Download Acrobat Reader X or higher to view PDF files (opens in a new window)

Search URL Search Domain Scan URL

URL: https://app.ffb.com/c/scheduler
Title: Schedule an Appointment (opens in a new window)

Search URL Search Domain Scan URL

URL: https://ffb.getfeedback.com/r/98dZxB11/
Title: Survey (opens in a new window)

Search URL Search Domain Scan URL

URL: https://gobank.ffb.com/
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://ffb.truecar.com/main.html?referrer_id=ZFFBSTAC0002
Title: Auto Center (opens in a new window)

Search URL Search Domain Scan URL

URL: http://www.ffb-fg.com/
Title: First Fidelity Financial Group

Search URL Search Domain Scan URL

URL: https://ffb.covrtech.com/
Title: Personal Insurance (opens in a new window)

Search URL Search Domain Scan URL

URL: http://www.ffb-fg.com/resource-center/calculators
Title: Insurance Calculators

Search URL Search Domain Scan URL

URL: https://gobank.ffb.com/enroll
Title: Enroll

Search URL Search Domain Scan URL

URL: https://orderpoint.deluxe.com/personal-checks/welcome.htm
Title: Order Personal Checks (opens in a new window)

Search URL Search Domain Scan URL

URL: https://www.deluxe.com/shopdeluxe/home
Title: Order Business Checks (opens in a new window)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gobankffb
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gobankffb/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/gobankffb
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bankffb
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChL1gN6siNL7n8rk2bmoZEw
Title: YouTube

Search URL Search Domain Scan URL

URL: http://portal.hud.gov/hudportal/HUD

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.ffbemail.com/?qs=6fa300ac258c4dc92067429e88b3156620086df732dd239fa827791fca5129e9557fae71c67221ea9c7b47c274cdf7892cd5f2c66c2add48 HTTP 302
https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://9214061.fls.doubleclick.net/activityi;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410 HTTP 302
https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4070932%252C2705378%26time%3D1668003916814%26url%3Dhttps%253A%252F%252Fwww.ffb.com%252Fcontact-us%253Futm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253DJ11-Survey%2526utm_term%253Dhttps%25253a%25252f%25252fwww.ffb.com%25252fcontact-us%2526utm_id%253D1917873%2526sfmc_id%253D86249410%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tm=gtmv2&liSync=true&e_ipv6=AQLeaiK1tBaaxwAAAYRcx-22Reuvd9QNkmSnovho5SLJkEixffQ6JGbxtADNF0olZiNv0X0kh1w0

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request contact-us Show response
www.ffb.com/
Redirect Chain

https://click.ffbemail.com/?qs=6fa300ac258c4dc92067429e88b3156620086df732dd239fa827791fca5129e9557fae71c67221ea9c7b47c274cdf7892cd5f2c66c2add48
https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

38 KB
11 KB

631ms
301ms

Document
text/html

74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

9504ce24abd7a9d70a8db17cedc6cfdfd366a1e13ae0fba7536fd7782f828ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 10423
content-type: text/html; charset=utf-8
date: Wed, 09 Nov 2022 14:25:16 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=16070400
vary: Accept-Encoding
via: varnish
x-ad-insert-result: success
x-b3-traceid: c69506b4516fcf98
x-content-type-options: nosniff
x-envoy-upstream-service-time: 74
x-frame-options: SAMEORIGIN
x-request-id: c828d3a9-07d4-4fdd-91de-9b52938b930f
x-varnish: 22530968
x-varnish-count: 0
x-varnish-hitmiss: MISS
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 304
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Nov 2022 14:25:15 GMT
Location: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

GET
H2 200 captcha-default.css
www.ffb.com/assets/captcha/ 368 B
678 B 143ms
142ms Stylesheet
text/css 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/captcha/captcha-default.css

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

17e61577e0f59de86528e8794eee3a8a6a596a64936bcad5510f3c76be2c3a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: f5895e03fe83f5d8
age: 78899
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-length: 176
x-xss-protection: 1; mode=block
x-request-id: c9a4c021-253c-40d3-b081-b2a7164d56c2
x-varnish-count: 24
last-modified: Thu, 03 Nov 2022 14:43:44 GMT
server: nginx
etag: "cb6e2295774f128c51ecbe6ab302789c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-varnish: 20150582 3016682
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 style.css
www.ffb.com/assets/css/ 116 KB
21 KB 146ms
146ms Stylesheet
text/css 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/css/style.css?v=ada2018

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

48e0e6affd32a6bf470021ccf9f5e52c3d3fa3c428bb628a6864f431dde89fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 830f38f50c6be2da
age: 79279
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="style.css"
content-length: 21148
x-xss-protection: 1; mode=block
x-request-id: 09606200-505f-4041-b73f-c89bc7b7362c
x-varnish-count: 1457
last-modified: Mon, 22 Aug 2022 16:34:47 GMT
server: nginx
etag: "11e45768e43be7940d7a21423adee2b2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-varnish: 21712777 2621520
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:23:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 101ms
41ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YPJP8WX217

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a12cc56a7286df7594bb7a6e461a5f7ad3076c0160f31f63af0fec1ec12e5794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Nov 2022 14:25:16 GMT

GET
H2 200 Loan%20Payment%20Button.png
www.ffb.com/assets/files/q7nipfr4/ 13 KB
13 KB 256ms
253ms Image
image/png 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/assets/files/q7nipfr4/Loan%20Payment%20Button.png

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

6931107308465467b3a8f84fdcaf97cafde8a5b6b03e600f87126948abc29db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: a505a189b93250f9
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 7
content-disposition: filename="Loan Payment Button.png"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 83852414-b52d-44c2-aa53-45066a94a2f8
last-modified: Wed, 22 May 2019 13:13:25 GMT
server: nginx
etag: "9e9eb33ea3280ab0183c1d4380aae598"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 19918964
cache-control: private
accept-ranges: bytes
expires: Wed, 09 Nov 2022 14:25:16 GMT

GET
H2 200 c99864a0-59ae-11e9-8491-024280f98a49
banno.com/a/assets/api/institutions/7027/assets/ 117 KB
118 KB 588ms
290ms Image
image/png 52.189.67.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banno.com/a/assets/api/institutions/7027/assets/c99864a0-59ae-11e9-8491-024280f98a49

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b26b9667bc1a15dc3a11073ca23b99a23eec7c4ee138273d0f157211f369ac31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
strict-transport-security: max-age=15724800
x-b3-traceid: f90f34f79e28dda0
etag: "c9988bb0-59ae-11e9-8491-024280f98a49"
content-type: image/png
x-b3-spanid: 2067bb98016ce071
x-b3-parentspanid: f90f34f79e28dda0
x-b3-sampled: 1
x-envoy-upstream-service-time: 3
x-request-id: b36b094a634aa2b53fee73dd27f4a317

GET
H2 200 ehl.png
www.ffb.com/assets/img/ 473 B
991 B 248ms
246ms Image
image/png 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/assets/img/ehl.png

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

5885233e5f706d410ec53151088c0ad818f3dd753e6bd3b144d7af84367d8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 03fa62b87cb997a7
age: 79267
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="ehl.png"
content-length: 473
x-xss-protection: 1; mode=block
x-request-id: 48ea6b60-cbc4-43ff-b8bd-65c5fc17d793
x-varnish-count: 1295
last-modified: Mon, 22 Aug 2022 16:34:48 GMT
server: nginx
etag: "bd4726bb0461a86cf0b245f0a3e68db8"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 19918963 1900830
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:24:09 GMT

GET
H2 200 fdic.png
www.ffb.com/assets/img/ 425 B
942 B 255ms
253ms Image
image/png 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/assets/img/fdic.png

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

b964b7d5d54765710d16ca8d9edaa11c796aa80af25cfed497db21e5102a0356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 7f5571a5ec3ae58a
age: 79313
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="fdic.png"
content-length: 425
x-xss-protection: 1; mode=block
x-request-id: 05f3dbf7-7572-4d71-8b12-60b325d40f4e
x-varnish-count: 1308
last-modified: Mon, 22 Aug 2022 16:34:48 GMT
server: nginx
etag: "335e39de8a57a0877459014b02a17f03"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 24058041 622645
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:23:23 GMT

GET
H2 200 jquery.min.js Show response
www.ffb.com/assets/js/ 131 KB
39 KB 135ms
134ms Script
application/javascript 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/js/jquery.min.js

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

a15e7ab0cdd40a841038224e43fb31bc3220f0f9d167157fd65bfcf0cc5a9836

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 294b3a96217f265b
age: 79345
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="jquery.min.js"
content-length: 39104
x-xss-protection: 1; mode=block
x-request-id: abc76b76-239f-410d-952e-b95a7d02c550
x-varnish-count: 1944
last-modified: Mon, 22 Aug 2022 16:34:49 GMT
server: nginx
etag: "2c9a0382072da9e2b96d8e53c91567c9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 22621492 1671409
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:22:51 GMT

GET
H2 200 script.min.js Show response
www.ffb.com/assets/js/ 152 KB
40 KB 148ms
147ms Script
application/javascript 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/js/script.min.js

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

1d46c6be4e5d5bdd34d4e7ef5908ce410477b93d10154b0d3c568300f474280c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 3e4c80a99b16ba14
age: 79228
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="script.min.js"
content-length: 40224
x-xss-protection: 1; mode=block
x-request-id: e49d625e-f2c4-48eb-ae0d-879bb1dfd985
x-varnish-count: 1822
last-modified: Mon, 22 Aug 2022 16:34:49 GMT
server: nginx
etag: "b1832cd826f89b3893d489b80f7b4198"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 24413992 819399
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:24:47 GMT

GET
H2 200 disclaimers.js Show response
www.ffb.com/assets/target/ 3 KB
2 KB 147ms
146ms Script
application/javascript 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/target/disclaimers.js?bh=6ec32b

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: b06d089202b44ecb
age: 79293
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-length: 1400
x-xss-protection: 1; mode=block
x-request-id: 0e445fc3-0ade-465e-87c7-cd1c112c584c
x-varnish-count: 1089
last-modified: Thu, 03 Nov 2022 15:03:56 GMT
server: nginx
etag: "cb6e2295774f128c51ecbe6ab302789c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-varnish: 22172075 4849704
cache-control: public, max-age=15552000
accept-ranges: bytes
expires: Sun, 07 May 2023 16:23:43 GMT

GET
H2 200 captcha.js Show response
www.ffb.com/assets/target/ 7 KB
3 KB 253ms
251ms Script
application/javascript 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/target/captcha.js?bh=6ec32b

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

07d9cd1b49e3ae4c4aeb99096e5d64ae901de69b5eece48d510c230ce0f0e9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 593c7781c72b1463
age: 76255
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-length: 2242
x-xss-protection: 1; mode=block
x-request-id: 19438eac-ec02-4c8c-8de4-257d21a36738
x-varnish-count: 24
last-modified: Thu, 03 Nov 2022 15:03:56 GMT
server: nginx
etag: "cb6e2295774f128c51ecbe6ab302789c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-varnish: 24316424 3937121
cache-control: public, max-age=15552000
accept-ranges: bytes
expires: Sun, 07 May 2023 17:14:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
60 KB 123ms
80ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GNPLG3

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81f4d9198df24f4527eb72d21537f6c69a033ad39d98f08af5133eecc170be7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61375
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Nov 2022 14:25:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
80 KB 138ms
95ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53NPPCG

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fefc224ba61820c7d6a1e92abb9341a730b90830358c37172fd48afadb108ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81696
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Nov 2022 14:25:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 09 Nov 2022 14:25:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IEt5LPBxS0JTZa2UjOzE/4htunRZhgOpYJW61BlhT008wnpALgI+9sNzQfZU5VWfpO+K45UcLARP5MQLzGFPGA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 first-fidelity-na.svg
www.ffb.com/assets/img/ 8 KB
3 KB 246ms
245ms Image
image/svg+xml 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/assets/img/first-fidelity-na.svg

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/assets/css/style.css?v=ada2018

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

c1ac460eaa7745b05bc98e05f5008da2518a316f6bada79951678abf6fe7c94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/assets/css/style.css?v=ada2018
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: feb5919757556fa7
age: 79313
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="first-fidelity-na.svg"
content-length: 2906
x-xss-protection: 1; mode=block
x-request-id: 8dd433d1-c60e-4442-9640-1a0d9f1d5ba9
x-varnish-count: 1344
last-modified: Mon, 22 Aug 2022 16:34:48 GMT
server: nginx
etag: "1d5f72917893b30dd65224a1454bced8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-varnish: 10733046 1376285
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:24:37 GMT

GET
H2 200 sprites.png
www.ffb.com/assets/img/ 7 KB
7 KB 246ms
245ms Image
image/png 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/assets/img/sprites.png

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/assets/css/style.css?v=ada2018

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

16292a6289d78199c113fad28f3027e16f8841c997aaf143b7d1c3a573da79f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/assets/css/style.css?v=ada2018
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: dd7590b0b5a7fb98
age: 79225
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sprites.png"
content-length: 6952
x-xss-protection: 1; mode=block
x-request-id: dab13d7e-28af-483e-a2d2-5052dad43b1b
x-varnish-count: 850
last-modified: Mon, 22 Aug 2022 16:34:48 GMT
server: nginx
etag: "eadd2d3c42fb900e1120466ccb16538e"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 23992393 3211403
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:24:50 GMT

GET
H2 200 search.png
www.ffb.com/assets/img/ 396 B
914 B 254ms
254ms Image
image/png 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/assets/img/search.png

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/assets/css/style.css?v=ada2018

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

da0b793f31216f3330e639f16150c724033bee45d321cc4499e0b7b491625982

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/assets/css/style.css?v=ada2018
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 2a91a09741948a9e
age: 79326
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="search.png"
content-length: 396
x-xss-protection: 1; mode=block
x-request-id: f7fc4516-dd8d-49c5-af99-06436eb809d1
x-varnish-count: 954
last-modified: Mon, 22 Aug 2022 16:34:48 GMT
server: nginx
etag: "891d9a82c6ea1049ad4686b1c36e533c"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 8647699 3539184
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:23:10 GMT

GET
H2 200 673320523123864 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 160ms
159ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/673320523123864?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

364fb07775fde6a9867a6bc68db2c1ef022bf997aa845d2145299790ad9136d3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 09 Nov 2022 14:25:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JO7KZljXinnhK8GaP09jMlcdITSldlrpRNoQUrnXoWiG/IJrngP68kGYZM26QuRISGgWu3IDr8ZTFhNUtvkIYA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK chat.js Show response
vcc-na14b.8x8.com/CHAT/common/js/ 20 KB
6 KB 959ms
169ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/js/chat.js

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

375e78adbe5cec0ebf6a9e1080bd3de05edef845d4cdabca0a51aad1b559ed18

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:18:00 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 5704
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 13:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4162
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 09 Nov 2022 15:15:54 GMT

GET
H2 200 kernel.js Show response
kernel-serve.banno.com/ 6 KB
6 KB 524ms
164ms Script
application/javascript 52.189.67.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kernel-serve.banno.com/kernel.js

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7cae47a88d24c17da61cc71f1baf4614bee4655d81280c92fc2475747ce34230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
strict-transport-security: max-age=15724800
x-b3-traceid: 6298cf801ed0290e
etag: "13313E3976F35F88B2181A14ED86D18A"
content-type: application/javascript
x-envoy-upstream-service-time: 0
content-length: 5713
x-request-id: 422874956cc29cd79462e33f99fb01ec

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 997 B
640 B 89ms
23ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 32dc60f0505bcf00bcdff838e34496f9ec99898671d18e042328252936f28e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=37420
accept-ranges: bytes
content-length: 472

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 427 KB
139 KB 410ms
204ms Script
application/x-javascript 138.128.247.123
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: e7bd8851b07a73755dbbd07fe9def642394581ebab2171e38173dacbfc062aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 18:06:07 GMT
etag: "6aab4-6361600f-af3ebb833015feec;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 142347
expires: Thu, 10 Nov 2022 14:25:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/760563991/ 2 KB
2 KB 90ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760563991/?random=1668003916621&cv=11&fst=1668003916621&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tiba=Contact%20Us%20-%20First%20Fidelity%20Bank&auid=74594627.1668003917&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNPLG3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38f301e7bc87a8cd5a44cecc9d83624345aafc7548283413d9b8d9681d14254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 964
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_sourc... Show response
9214061.fls.doubleclick.net/ Frame A662
Redirect Chain

https://9214061.fls.doubleclick.net/activityi;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_sou...
https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2F...

1 KB
601 B

102ms
61ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNPLG3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

61358dafd9664897512410b6db294dbc7f2204ef89f7f9c14cde3483bf600ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ffb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 576
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 14:25:16 GMT
expires: Wed, 09 Nov 2022 14:25:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 14:25:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 409ms
42ms Script
text/plain 63.34.213.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2BAB-3ED

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.213.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-213-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e0eeac54bf3808bccba4fa2b52734bdfc5e70e690ef47a59d68c2037f4d86c7c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
content-encoding: gzip
last-modified: Wed, 26 Oct 2022 07:26:31 GMT
server: nginx
etag: "6358e127-dd8"
content-type: text/plain
cache-control: max-age=86400, public
content-length: 3544
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 14:25:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 85ms
40ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YPJP8WX217&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNPLG3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e2ea2d2cb35ba3d80c4af7328af7a5c53c46b1eddbe689300e2b8a7c966094d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Nov 2022 14:25:16 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
345 B 87ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YPJP8WX217&gtm=2oeb70&_p=141003561&_gaz=1&cid=1711502684.1668003917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668003916&sct=1&seg=0&dl=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&dt=Contact%20Us%20-%20First%20Fidelity%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YPJP8WX217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
345 B 89ms
30ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YPJP8WX217&cid=1711502684.1668003917&gtm=2oeb70&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YPJP8WX217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 116ms
59ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YPJP8WX217&cid=1711502684.1668003917&gtm=2oeb70&aip=1&z=1996751410

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 583ms
187ms Script
application/x-javascript 108.158.56.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53NPPCG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.56.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-56-121.bom78.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 08 Nov 2022 17:27:07 GMT
Content-Encoding: gzip
Via: 1.1 7fadec67483932afc5d1809c0659de34.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: BOM78-P4
Age: 75491
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 07xmdmDpT2i6sT_d8NiigK80z22rqDvwj6vEU8R0KNZNj4kPKFa37g==

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 471ms
114ms Script
text/javascript 44.206.39.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.39.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-39-165.compute-1.amazonaws.com
Software: /
Resource Hash: 086b75604e29ad81128b89423cb30ef74c5c12073e88eda1b3dd56a52d15e25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 09 Nov 2022 14:25:17 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5391
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-332417914

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53NPPCG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd9e7d53b6534a9e7c9e4fcdb9a42db1e507a09330576b7051427c3212b535b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68684
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Nov 2022 14:25:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 69ms
27ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=141003561&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&ul=en-us&de=UTF-8&dt=Contact%20Us%20-%20First%20Fidelity%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1835274522&gjid=2139958539&cid=1711502684.1668003917&tid=UA-59606914-1&_gid=333938426.1668003917&_r=1&_slc=1&z=1865749949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
29ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=141003561&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&ul=en-us&de=UTF-8&dt=Contact%20Us%20-%20First%20Fidelity%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1867333484&gjid=1429979061&cid=1711502684.1668003917&tid=UA-59606914-1&_gid=333938426.1668003917&_r=1&gtm=2wgb7053NPPCG&z=1519053612

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 23ms
22ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=37427
accept-ranges: bytes
content-length: 4530

GET
H2 200 /
www.google.com/pagead/1p-user-list/760563991/ 42 B
548 B 82ms
32ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/760563991/?random=1668003916621&cv=11&fst=1668002400000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tiba=Contact%20Us%20-%20First%20Fidelity%20Bank&fmt=3&is_vtc=1&random=2189182225&rmt_tld=0&ipr=y

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/760563991/ 42 B
548 B 35ms
35ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/760563991/?random=1668003916621&cv=11&fst=1668002400000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tiba=Contact%20Us%20-%20First%20Fidelity%20Bank&fmt=3&is_vtc=1&random=2189182225&rmt_tld=1&ipr=y

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 disclaimer Show response
www.ffb.com/_/api/ 2 KB
1 KB 136ms
136ms XHR
application/json 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/_/api/disclaimer

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/assets/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

e27dbd4139165e2dee5d44bd5ad3ba8f37a081da8355180b1413aa9dff9852f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: d5da86806b81df8e
age: 0
x-varnish-ttl: 0.000
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 3
content-length: 803
x-xss-protection: 1; mode=block
x-request-id: 05eba3c9-23db-428c-88c1-6ff008ef1925
x-varnish-count: 0
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-varnish: 21491261
cache-control: public, max-age=0
accept-ranges: bytes
expires: Wed, 09 Nov 2022 14:25:16 GMT

POST
H2 200 captcha Show response
www.ffb.com/_/api/ 100 B
565 B 193ms
193ms XHR
application/json 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/_/api/captcha

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/assets/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

6c09fca0c211d32cfce2282b301c83ef46e687822e3ad6e6c9d2237aec790a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: f4b4292794e25a23
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 22
content-length: 83
x-xss-protection: 1; mode=block
x-request-id: c9b46fa8-1c6f-4e5e-9dcd-c280e2ae1a17
x-varnish-count: 0
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-varnish: 24381619
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 85ms
29ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-59606914-1&cid=1711502684.1668003917&jid=1835274522&gjid=2139958539&_gid=333938426.1668003917&_u=IADAAEAAAAAAACAAI~&z=971066454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
373 B 25ms
25ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 1_2G0bBU06JBIdXlc3t1YX07R0Crj3ATcQCPQn367riC1-82VN2stQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 78ms
22ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: HTKp4wOc3o5UPdhV3gdiOAYW3osBHOSBsUZQkAvgJIL0BxdFpTrqtQ==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 76ms
21ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: HMZ0EugHBb4f0JzA9xbRP_NVJTLBySuqEBPALZ0BNifCAND5l1VrjA==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
375 B 26ms
25ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: H8X7p8shlMWqsV5LDOLmhhClZhBcrdUIXjNjq2124vKiU2cGSwjE-g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
374 B 27ms
25ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: kpeIkT2pb5dpgTnb8qVr2onjEt1F3Iw4cpfbzyV_srqsBAPlCI7YsA==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 79ms
25ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: BhzyX_W5H-msiR_eOXG0XnBBfLHAORRx5b7939RLcbD1FBCFPRahQA==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
376 B 26ms
24ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: yhKP4fixb4cX-SSAEDdGF1rjO1fpZC_kZQx2NBmSabGGkjs3B3iRDw==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 77ms
25ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: joud_xsYiG0kuABjtztm05nkh-5A152-UVnX9-Hgc17WE1P74454RA==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
377 B 26ms
23ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: ZB8JcUqqYtCSVAzyoOH_Vv0JVk4MFIqIMXQuIk5NjGN2DMZntgBWPQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 76ms
24ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: 4CZiuDU1srAn3QyvMxZoB3jNRn3p6RxJTjmCK8HA7SKM9uLAv34oEQ==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
375 B 26ms
23ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: HIC4NNaG0bfWVtEE-eg-jV6ALgQyGYuvowsKd4lMmho3QEdigz6VhQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 74ms
24ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: qnH-8380syqrU-hEiqnTn34DvZDbvWdRXlU1VsdIpePuBCqsj9ptJQ==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 76ms
30ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-59606914-1&cid=1711502684.1668003917&jid=1867333484&gjid=1429979061&_gid=333938426.1668003917&_u=YADAAEABAAAAACAAI~&z=387280731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
375 B 27ms
23ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: u1_mCeJndYVu0uLev6OwRlSqfqwOyLL6zu_KftYiO304j99HWZuXkw==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 71ms
23ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: blO9fmGz84wRb_G-lFWYrB2VSfN5ACnQLoAkA2YzG2Ee9AOZHRLIxw==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Surv...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4070932%252C2705378%26time%3D1668003916814%26url%3Dhttps%253A%252F%252Fwww.ffb.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Surv...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Sur...

0
264 B

184ms
129ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tm=gtmv2&liSync=true&e_ipv6=AQLeaiK1tBaaxwAAAYRcx-22Reuvd9QNkmSnovho5SLJkEixffQ6JGbxtADNF0olZiNv0X0kh1w0
Requested by: Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8B5C7ABA3D934DA5839418BA38DD5D83 Ref B: FRAEDGE1213 Ref C: 2022-11-09T14:25:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtCmz7hyHffKP8qn2lCg==

Redirect headers

date: Wed, 09 Nov 2022 14:25:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 72C56153AE504274B0CB5BEC4EBA1E80 Ref B: FRAEDGE1517 Ref C: 2022-11-09T14:25:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4070932%2C2705378&time=1668003916814&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tm=gtmv2&liSync=true&e_ipv6=AQLeaiK1tBaaxwAAAYRcx-22Reuvd9QNkmSnovho5SLJkEixffQ6JGbxtADNF0olZiNv0X0kh1w0
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtCmz4ZE6Y2N1PHc0GHw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ 36 B
375 B 24ms
24ms XHR
application/json 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.ffb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 13:33:06 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3130
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 5-fSCN0-A7zHsFWSPWNhMpV1ZZ3yRUaa5hFYAS84NfS_7Vly7_P6oA==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/ Frame 0
0 66ms
23ms Preflight 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4070932,2705378/domain/ffb.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ffb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33251
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 09 Nov 2022 05:11:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: lbfnizw6Ok-GVdcQkCUyfBfPSEr54Qd93zHCsShvFDTmPLYWeYoc8Q==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 107ms
59ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59606914-1&cid=1711502684.1668003917&jid=1835274522&_u=IADAAEAAAAAAACAAI~&z=1623327309

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 121ms
67ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59606914-1&cid=1711502684.1668003917&jid=1835274522&_u=IADAAEAAAAAAACAAI~&z=1623327309

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 108ms
60ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59606914-1&cid=1711502684.1668003917&jid=1867333484&_u=YADAAEABAAAAACAAI~&z=428397751

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 122ms
68ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59606914-1&cid=1711502684.1668003917&jid=1867333484&_u=YADAAEABAAAAACAAI~&z=428397751

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=*;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demai...
adservice.google.com/ddm/fls/z/ Frame A662 42 B
494 B 110ms
60ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=*;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410

Requested by

Host: 9214061.fls.doubleclick.net
URL: https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9214061.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame A497 0
0 131ms
49ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 9214061.fls.doubleclick.net
URL: https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://9214061.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Wed, 09 Nov 2022 14:25:16 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 204 fa92752d77c545a2
pixel.sitescout.com/iap/ Frame A662 0
191 B 130ms
47ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/fa92752d77c545a2
Requested by: Host: 9214061.fls.doubleclick.net
URL: https://9214061.fls.doubleclick.net/activityi;dc_pre=CNiWx-emofsCFRncsgodjckFQQ;src=9214061;type=rtfmi0;cat=dnr_r0;ord=1;num=9656843236906;gtm=2wgb70;auiddc=74594627.1668003917;~oref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9214061.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 09 Nov 2022 14:25:16 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 75ms
21ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=673320523123864&ev=PageView&dl=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&rl=&if=false&ts=1668003916988&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668003916987.1684363529&it=1668003916557&coo=false&rqm=GET

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 09 Nov 2022 14:25:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 550257e1-603a-11ed-8bbe-0242c24f8f5a.png
www.ffb.com/_/api/captcha/image/ 1 KB
2 KB 144ms
143ms Image
image/png 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffb.com/_/api/captcha/image/550257e1-603a-11ed-8bbe-0242c24f8f5a.png

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

10598f5a945668e72826e5d09c825d9032369b4eeaf7b5e5f7330d4afc3df6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 4b256fb00627804f
age: 0
x-varnish-ttl: 0.000
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-length: 1430
x-xss-protection: 1; mode=block
x-request-id: d8b6411f-a129-48be-a8ba-ae799afb16e3
x-varnish-count: 0
server: nginx
etag: "04946716b281f325981705e5766f4109"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 23116832
cache-control: public, max-age=8640000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 14:25:17 GMT

GET
H2 200 visit Show response
kernel-serve.banno.com/institutions/bd22c266-ec46-4d92-b47b-118400004213/profiles/5496c4d0-603a-11ed-8877-0242bcb68289/ 0
205 B 190ms
188ms Script
application/javascript 52.189.67.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kernel-serve.banno.com/institutions/bd22c266-ec46-4d92-b47b-118400004213/profiles/5496c4d0-603a-11ed-8877-0242bcb68289/visit?keywords=bank,%20oklahoma,%20arizona,%20first%20fidelity%20bank,%20ffb,%20contact,%20phone,%20email,%20mail,%20secure&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410

Requested by

Host: kernel-serve.banno.com
URL: https://kernel-serve.banno.com/kernel.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
strict-transport-security: max-age=15724800
x-b3-traceid: f718b7e6597e08b4
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0
x-envoy-upstream-service-time: 10
content-length: 0
x-request-id: db819f4d0e65796496c2cbbe2f3d3abb

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 127ms
125ms Stylesheet
text/css 44.206.39.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.39.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-39-165.compute-1.amazonaws.com
Software: /
Resource Hash: 385522688155f96e835e80b22d8774ee2bfbe3c1299191183ae71c075a44ce83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 09 Nov 2022 14:25:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 456ms
115ms Fetch
image/jpeg 44.206.39.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.39.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-39-165.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 09 Nov 2022 14:25:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/ffb.com/ 159 B
346 B 311ms
102ms Fetch
application/json 83.229.67.229
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/ffb.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 83.229.67.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: 8c54296891c38d289fba1d1f42abb54c4810a70a8010790188443e1bcb73c761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
last-modified: Wed, 09 Nov 2022 14:23:16 GMT
etag: "9f-636bb7d4-bfee136b09911dde;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 159
expires: Thu, 10 Nov 2022 14:25:17 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/332417914/ 2 KB
1005 B 81ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332417914/?random=1668003917302&cv=11&fst=1668003917302&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tiba=Contact%20Us%20-%20First%20Fidelity%20Bank&auid=74594627.1668003917&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-332417914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5af540519e037579fac36f1b55a5095c0f9e8b702d004ba3a4193e7852f9e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 981
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/332417914/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/332417914/?random=1668003917302&cv=11&fst=1668002400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tiba=Contact%20Us%20-%20First%20Fidelity%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3097610344&rmt_tld=0&ipr=y

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/332417914/ 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/332417914/?random=1668003917302&cv=11&fst=1668002400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&tiba=Contact%20Us%20-%20First%20Fidelity%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3097610344&rmt_tld=1&ipr=y

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 14:25:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 45ms
20ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=673320523123864&ev=Microdata&dl=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&rl=&if=false&ts=1668003917492&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20Contact%20Us%20-%20First%20Fidelity%20Bank%5Cn%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22Contact%20First%20Fidelity%20Bank%20by%20phone%2C%20mail%2C%20email%2C%20or%20by%20sending%20a%20secure%20email.%22%2C%22meta%3Akeywords%22%3A%22bank%2C%20oklahoma%2C%20arizona%2C%20first%20fidelity%20bank%2C%20ffb%2C%20contact%2C%20phone%2C%20email%2C%20mail%2C%20secure%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A130%2C%22w%22%3A205%7D%2C%22properties%22%3A%7B%22logo%22%3A%22First%20Fidelity%20Bank%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FBankOrCreditUnion%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1668003916987.1684363529&it=1668003916557&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 09 Nov 2022 14:25:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 238 KB
25 KB 210ms
210ms Fetch
application/json 83.229.67.229
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 83.229.67.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: 03f7fce5e0936a5f59921e0482c73abb8a474d4a53749e0f141727bebbb1719a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
content-encoding: br
last-modified: Sun, 06 Nov 2022 16:24:03 GMT
etag: "3b8a8-6367dfa3-51b46ab52c9d7b04;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25891
expires: Thu, 10 Nov 2022 14:25:17 GMT

GET
H/1.1 200
OK config-broker.html Show response
vcc-na14b.8x8.com/CHAT/common/html/ Frame 470A 1 KB
882 B 169ms
169ms Document
text/html 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/html/config-broker.html

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/CHAT/common/js/chat.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

a59ecd7ca41219d99637d61086c2441760f0d4ffbc554d0c0862874628974528

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 09 Nov 2022 14:25:17 GMT
Last-Modified: Mon, 31 Oct 2022 13:16:09 GMT
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
416 B 111ms
111ms XHR
text/plain 44.206.39.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=kMCNsxDaaTj5xe_SZurdWw&is_js=true&landing_url=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&t=Contact%20Us%20-%20First%20Fidelity%20Bank&tip=_hNsZY4JHIf29Shv4DuZHNB-VLdldkDUn0DuLt54TrE&host=https://www.ffb.com&sa_conv_data_css_value=%20%220-46ae18d5-0812-4479-63d4-442ecfe892c8%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd991399654313043935099e184c7af5ed1d972da17&sa-user-id-v2=s%253ARq4Y1QgSRHlj1EQuz-iSyNly2hc.X0X8vJAb%252BeKePCvlaKUjIIXKEpP%252BuGgOUty66yklkJo&sa-user-id=s%253A0-46ae18d5-0812-4479-63d4-442ecfe892c8.lkG3ECZGZa%252BCfmjKM07n43yS4AFLWAmML4%252FapTe3R24
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.39.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-39-165.compute-1.amazonaws.com
Software: /
Resource Hash: 8bdeff6ba40afccf3009559198c5356e4aa122d0f14f04385576e953682927f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:17 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.ffb.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

GET
H2 200 fonts.css Show response
www.ffb.com/assets/css/ 2 KB
872 B 142ms
140ms XHR
text/css 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/css/fonts.css?v=11242014

Requested by

Host: www.ffb.com
URL: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

6e3c5e17d37ca033a1065ad370fd41a37856284766c9ae3382a56e29d688120c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 140b3a47b48f5141
age: 79352
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="fonts.css"
content-length: 321
x-xss-protection: 1; mode=block
x-request-id: 6f93fb54-33d4-424c-a6a2-8047dfc7af56
x-varnish-count: 227
last-modified: Mon, 22 Aug 2022 16:34:46 GMT
server: nginx
etag: "699a9ea3ae87017c1fbcb36937a2889a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-varnish: 22882826 3342394
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:23:59 GMT

GET
H/1.1 200
OK chat.php Show response
vcc-na14b.8x8.com/CHAT/ Frame 470A 619 B
736 B 236ms
235ms XHR
application/json 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/chat.php?action=checkPlatform&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&channel=Chat%20Channel&script=script_14352575605e5548a28248d6.94172313

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/CHAT/common/html/config-broker.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

95ce6ced6a9a31c007c7cc0c8b3617c387e72d36266966af1174d411378a7bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/config-broker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 72AA 0
182 B 146ms
45ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=j0tqlub&ref=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&upid=rcy49o3&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ffb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 09 Nov 2022 14:25:17 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 4 KB
1 KB 119ms
103ms Image
image/svg+xml 138.128.247.123
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web1.acsbapp.com/apps/app/dist/media/logomono.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
content-encoding: br
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1210
expires: Thu, 09 Nov 2023 14:25:17 GMT

GET
H2 200 montserrat-regular-webfont.woff2
www.ffb.com/assets/font/ 18 KB
19 KB 134ms
134ms Font
application/octet-stream 74.200.39.25
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffb.com/assets/font/montserrat-regular-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.25 Anna, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.bankofoxford.com

Software

nginx /

Resource Hash

27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffb.com/contact-us?utm_source=sfmc&utm_medium=email&utm_campaign=J11-Survey&utm_term=https%3a%2f%2fwww.ffb.com%2fcontact-us&utm_id=1917873&sfmc_id=86249410
Origin: https://www.ffb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:25:17 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 068b81369d36c6f5
age: 79338
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-regular-webfont.woff2"
content-length: 18500
x-xss-protection: 1; mode=block
x-request-id: c0ad7f11-3288-4b90-9e24-92f207b4df3f
x-varnish-count: 1248
last-modified: Mon, 22 Aug 2022 16:34:48 GMT
server: nginx
etag: "53eca2b5ec904d06652753d02b06fd30"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 21708704 2359441
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:22:59 GMT

GET
H/1.1 200
OK embedded-chat.html Show response
vcc-na14b.8x8.com/CHAT/common/html/ Frame CF0D 2 KB
1 KB 170ms
169ms Document
text/html 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/CHAT/common/js/chat.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

e9a42c0c336625219805c2bb2fea547cad6c21416c9f3f98db74da86194d0877

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 09 Nov 2022 14:25:18 GMT
Last-Modified: Mon, 31 Oct 2022 13:28:34 GMT
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK normalize.min.css
vcc-na14b.8x8.com/CHAT/common/css/ Frame CF0D 2 KB
1 KB 173ms
170ms Stylesheet
text/css 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/css/normalize.min.css

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

ed2a1ae84c6618d190a88cb1450755762984c359c2dec44a5787f4b4d745a0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:17:58 GMT
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Content-Length: 901
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embedded-chat.css
vcc-na14b.8x8.com/CHAT/common/css/ Frame CF0D 9 KB
3 KB 343ms
170ms Stylesheet
text/css 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/css/embedded-chat.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

ac425cd6c8f1b6f64090b1cb243638841406c9445a768a13ba1051d546d37fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:17:56 GMT
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Content-Length: 2700
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame CF0D 2 KB
1 KB 89ms
33ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4401aeae8ced32f3503b820eda4fb6bec9cc703ef9a1a42a817fae255f34e716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 09 Nov 2022 14:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 12:49:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Nov 2022 14:25:18 GMT

GET
H/1.1 200
OK jquery-1.8.2.min.js Show response
vcc-na14b.8x8.com/GEN/js/jQuery/ Frame CF0D 91 KB
33 KB 514ms
170ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/GEN/js/jQuery/jquery-1.8.2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:19:43 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 33361
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bugsnag.min.js Show response
vcc-na14b.8x8.com/GEN/js/bugsnag/ Frame CF0D 42 KB
13 KB 675ms
168ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/GEN/js/bugsnag/bugsnag.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

f14d0ef4cb0dcd10bdb336264feab9cc3a2445ec90d9335209296f7dd7797e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:18:18 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 13039
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK purl.js Show response
vcc-na14b.8x8.com/CHAT/common/3rdparty/jquery/ Frame CF0D 4 KB
2 KB 682ms
169ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/3rdparty/jquery/purl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

e36307407a04b1bfe85579c3e457e8caa92889d1c556600dbad8a26743172d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:17:48 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 1552
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK spin.min.js Show response
vcc-na14b.8x8.com/CHAT/common/3rdparty/spin/ Frame CF0D 4 KB
2 KB 681ms
169ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/3rdparty/spin/spin.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

edf0824fc48c27620b71bb7a646704d10391b3293912663f38817ad9f5462703

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:17:52 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 2043
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK underscore-min.js Show response
vcc-na14b.8x8.com/CHAT/common/3rdparty/underscore/ Frame CF0D 14 KB
5 KB 685ms
170ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/3rdparty/underscore/underscore-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

163189ef69a3c210a04bb4cac2c336119d78b576fb84b4231977514419eb0faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:17:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 5054
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bundle-echat-db1aebe02f5ed1b434c4.js Show response
vcc-na14b.8x8.com/client/chalet/public/ Frame CF0D 177 KB
54 KB 691ms
175ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/client/chalet/public/bundle-echat-db1aebe02f5ed1b434c4.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

e30af0cbb968e2c8d3a61cdb1c860f7c8108c39e6152d081d4c0fde83572245e

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:28:34 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embedded-chat-common.js Show response
vcc-na14b.8x8.com/CHAT/common/js/ Frame CF0D 3 KB
2 KB 696ms
172ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/js/embedded-chat-common.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

a8eaec989973d6f80afa88ab7012c273362810a5cee872afe4abb93f1f79e718

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:18:02 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 1263
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embedded-chat.js Show response
vcc-na14b.8x8.com/CHAT/common/js/ Frame CF0D 190 KB
38 KB 847ms
173ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/js/embedded-chat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

76f0a4ef35979dda0294b5e1e7951659034f4ab417f29882d54914987afda039

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:16:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK messageLevel.js Show response
vcc-na14b.8x8.com/CHAT/common/js/constants/ Frame CF0D 206 B
490 B 850ms
168ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/js/constants/messageLevel.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

6104c7bf37dcdcb8253bc5c6753f1a12296adad858fa88c75edcdff0eb8c2409

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:18:01 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 127
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK chat-config.js Show response
vcc-na14b.8x8.com/CHAT/common/js/ Frame CF0D 314 B
574 B 852ms
170ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/js/chat-config.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

ff544a76191617388ed790139a387259105beb4fb86a916288f862c7be87d423

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:17:59 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 211
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK load-remote-guest-chat.js Show response
vcc-na14b.8x8.com/CHAT/common/js/ Frame CF0D 3 KB
2 KB 854ms
169ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/common/js/load-remote-guest-chat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

2b371680f98d8123e28861aeca7c192c314b328967abfa0ced9b4a5102fcea66

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Last-Modified: Mon, 31 Oct 2022 13:16:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK chat.php Show response
vcc-na14b.8x8.com/CHAT/ Frame CF0D 619 B
736 B 199ms
199ms XHR
application/json 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/chat.php?action=checkPlatform&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&channel=Chat%20Channel&script=script_14352575605e5548a28248d6.94172313

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/GEN/js/jQuery/jquery-1.8.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

95ce6ced6a9a31c007c7cc0c8b3617c387e72d36266966af1174d411378a7bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v12/ Frame CF0D 16 KB
17 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vcc-na14b.8x8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:46:15 GMT
x-content-type-options: nosniff
age: 31144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:02:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 05:46:15 GMT

GET
H/1.1 200
OK chat.php Show response
vcc-na14b.8x8.com/CHAT/ Frame CF0D 3 KB
1 KB 184ms
184ms XHR
application/json 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/chat.php?action=translateSystemMessages&script=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&tenantOEMPath=%2Fvcc&dictionary%5B%5D=endChatButton&dictionary%5B%5D=closeChatButton&dictionary%5B%5D=errorServerUnavailable&dictionary%5B%5D=chatEstablished&dictionary%5B%5D=chatEstablishedName&dictionary%5B%5D=chatEstablishedAgent&dictionary%5B%5D=chatEstablishedAgentNew&dictionary%5B%5D=chatQueued&dictionary%5B%5D=chatTitle&dictionary%5B%5D=chatForwarded&dictionary%5B%5D=chatMsgTooLong&dictionary%5B%5D=chatDisconnected&dictionary%5B%5D=chatEnded&dictionary%5B%5D=agent&dictionary%5B%5D=agentName&dictionary%5B%5D=agentMessage&dictionary%5B%5D=informativeMessage&dictionary%5B%5D=agentTyping&dictionary%5B%5D=agentTypingName&dictionary%5B%5D=agentDisconnected&dictionary%5B%5D=errorInvalidLogin&dictionary%5B%5D=endChatNotification&dictionary%5B%5D=endChatConfirmation&dictionary%5B%5D=chatLogTitle&dictionary%5B%5D=chatLogDescription&dictionary%5B%5D=yesButton&dictionary%5B%5D=noButton&dictionary%5B%5D=coBrowsingStartButton&dictionary%5B%5D=coBrowsingEndButton&dictionary%5B%5D=saveButton&dictionary%5B%5D=clearButton&dictionary%5B%5D=pullDownInfo&dictionary%5B%5D=pullUpInfo&dictionary%5B%5D=errorGenericMessage&dictionary%5B%5D=errorRequiredMessage&dictionary%5B%5D=errorCrmFieldInvalidMessage&dictionary%5B%5D=errorInvalidNumber&dictionary%5B%5D=errorInvalidEmail&dictionary%5B%5D=preChatFormData&dictionary%5B%5D=offChatFormData&dictionary%5B%5D=skipQueueFormData&dictionary%5B%5D=chatTranslationOn&dictionary%5B%5D=chatTranslationOff&dictionary%5B%5D=chatTranslationServiceError&dictionary%5B%5D=coBrowsingInvitePrompt&dictionary%5B%5D=coBrowsingInviteAccept&dictionary%5B%5D=coBrowsingInviteReject&dictionary%5B%5D=coBrowsingInviteAccepted&dictionary%5B%5D=coBrowsingInviteRejected&dictionary%5B%5D=coBrowsingSessionStarted&dictionary%5B%5D=coBrowsingSessionEnded&dictionary%5B%5D=coBrowsingSessionRestored&dictionary%5B%5D=sessionDisconnected&dictionary%5B%5D=emptySubject&dictionary%5B%5D=messageBoxPlaceholder&dictionary%5B%5D=yourMessage&dictionary%5B%5D=sendMessage&dictionary%5B%5D=invitationAppeared&dictionary%5B%5D=formAppeared&dictionary%5B%5D=windowAppeared&langto=en

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/GEN/js/jQuery/jquery-1.8.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

35fc9dcfa24d8d870734a241e3e6cc1607829590305b2ba1f44b80af148936f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Connection: keep-alive
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK chat.php Show response
vcc-na14b.8x8.com/CHAT/ Frame CF0D 153 B
476 B 182ms
182ms XHR
application/json 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/chat.php?action=getNextStep&step=initButton&script=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&langfrom=en&langto=en

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/GEN/js/jQuery/jquery-1.8.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

6cc1363c8f7aff7e2d1972594b12bd3e82c7e0b5a7437feeb41f07c915217e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 09 Nov 2022 14:25:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Connection: keep-alive
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK chat.php Show response
vcc-na14b.8x8.com/CHAT/ Frame CF0D 125 B
450 B 180ms
180ms XHR
application/json 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/CHAT/chat.php?action=getNextStep&step=initInvitation&customTrigger=&script=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&langfrom=en&langto=en

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/GEN/js/jQuery/jquery-1.8.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

6b04692a6ed1d6cea49c6422d5eb05093a6009891dfc86004358b5efc4d80b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://vcc-na14b.8x8.com/CHAT/common/html/embedded-chat.html?uuid=script_14352575605e5548a28248d6.94172313&tenant=Zmlyc3RmaWRlbGl0eWJhbmswMQ&domain=https%3A%2F%2Fwww.ffb.com&channel=Chat%20Channel&referrer=https%3A%2F%2Fwww.ffb.com%2Fcontact-us%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DJ11-Survey%26utm_term%3Dhttps%253a%252f%252fwww.ffb.com%252fcontact-us%26utm_id%3D1917873%26sfmc_id%3D86249410&popup=false&chatAlign=right&popuporigin=button&startedbychatapi=false&waitbusinitialize=true&syncrequired=false
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 09 Nov 2022 14:25:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=157680000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK button.js Show response
vcc-na14b.8x8.com/shared/CHAT/Zmlyc3RmaWRlbGl0eWJhbmswMQ/button_18913213815e58367600c324.53860534/ 215 B
553 B 172ms
171ms Script
application/javascript 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vcc-na14b.8x8.com/shared/CHAT/Zmlyc3RmaWRlbGl0eWJhbmswMQ/button_18913213815e58367600c324.53860534/button.js

Requested by

Host: vcc-na14b.8x8.com
URL: https://vcc-na14b.8x8.com/CHAT/common/js/chat.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

677630a966fcd850127b7b3e8e18fba09c52cf37859883a234893d0343f8f4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:19 GMT
Strict-Transport-Security: max-age=157680000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Feb 2020 22:42:07 GMT
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 215
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo
vcc-na14b.8x8.com/shared/CHAT/Zmlyc3RmaWRlbGl0eWJhbmswMQ/button_18913213815e58367600c324.53860534/img/ 11 KB
11 KB 177ms
177ms Image
application/octet-stream 8.21.164.114
8X8-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcc-na14b.8x8.com/shared/CHAT/Zmlyc3RmaWRlbGl0eWJhbmswMQ/button_18913213815e58367600c324.53860534/img/logo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

8.21.164.114 , United States, ASN32308 (8X8-AS, US),

Reverse DNS

linux204.mycontactual.com

Software

Resource Hash

9455df8686d191daf5c9fcfb2114ebd1ec5512cdc39b86f1ffe74735055f835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ffb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 14:25:19 GMT
Strict-Transport-Security: max-age=157680000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Feb 2020 22:42:07 GMT
Content-Type: application/octet-stream
nnCoection: close
Accept-Ranges: bytes
Content-Length: 11418
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ffb.com/	1970-01-20 07:20:36	Name: PLAY_SESSION Value: 61c522b509deb39b11b286c8afcb935f26615d4a-v=1
.www.ffb.com/	1970-01-20 16:56:03	Name: __bkp Value: 5496c4d0-603a-11ed-8877-0242bcb68289
.ffb.com/	1970-01-20 09:29:39	Name: _gcl_au Value: 1.1.74594627.1668003917
.ffb.com/	1970-01-20 16:56:03	Name: _ga_YPJP8WX217 Value: GS1.1.1668003916.1.0.1668003916.60.0.0
.ffb.com/	1970-01-20 16:56:03	Name: _ga Value: GA1.2.1711502684.1668003917
.ffb.com/	1970-01-20 07:21:30	Name: _gid Value: GA1.2.333938426.1668003917
.ffb.com/	1970-01-20 07:20:03	Name: _gat Value: 1
.ffb.com/	1970-01-20 07:20:03	Name: _gat_UA-59606914-1 Value: 1
.www.ffb.com/	1970-01-20 07:21:30	Name: ln_or Value: d
.doubleclick.net/	1970-01-20 16:41:39	Name: IDE Value: AHWqTUkdggLUBeU2Zgu7dCkN6M0jPxr_LcFMhk_dsJpDZtg9RTucuFWsY388sJUzJ_A
.ffb.com/	1970-01-20 09:29:39	Name: _fbp Value: fb.1.1668003916987.1684363529
.linkedin.com/	1970-01-20 08:03:15	Name: UserMatchHistory Value: AQLRfkFtWUILfgAAAYRcx-yQs99zDwZ2_nPL57I0RyU0FWrjp0FJEigKuaY9f763zswNDJlls0vOog
.linkedin.com/	1970-01-20 08:03:15	Name: AnalyticsSyncHistory Value: AQIsmwdwfvz9HgAAAYRcx-yQ3rEu_nykVw56cHg2AoEFospSXAZHSh2PZQtL3uXecqhaZhGe0xRjf68N8VM1wQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:05:39	Name: bcookie Value: "v=2&b7ae7742-6477-420e-8fa3-9dc6232609e9"
.linkedin.com/	1970-01-20 07:21:30	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2489:u=1:x=1:i=1668003916:t=1668090316:v=2:sig=AQE9Mt0YJyv3m7lG5mSd_jVF5pfWiMEC"
.ffb.com/	1970-01-20 16:56:03	Name: __bkp Value: 5496c4d0-603a-11ed-8877-0242bcb68289
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:05:39	Name: bscookie Value: "v=1&2022110914251785013be4-7738-422a-8371-e8c15365591aAQFGQ1m-fn2dYoWXuCkJzODmIoy4wL0Q"
.linkedin.com/	1970-01-20 11:39:15	Name: li_gc Value: MTswOzE2NjgwMDM5MTc7MjswMjEUMvS8RDwoI4kgWFSzHcHip0Rj+iqe0tNTkOmKKFf3XA==
tags.srv.stackadapt.com/	1970-01-20 16:05:39	Name: sa-user-id Value: s%3A0-46ae18d5-0812-4479-63d4-442ecfe892c8.lkG3ECZGZa%2BCfmjKM07n43yS4AFLWAmML4%2FapTe3R24
.srv.stackadapt.com/	1970-01-20 16:05:39	Name: sa-user-id-v2 Value: s%3ARq4Y1QgSRHlj1EQuz-iSyNly2hc.X0X8vJAb%2BeKePCvlaKUjIIXKEpP%2BuGgOUty66yklkJo
www.ffb.com/	1970-01-20 16:05:39	Name: sa-user-id Value: s%253A0-46ae18d5-0812-4479-63d4-442ecfe892c8.lkG3ECZGZa%252BCfmjKM07n43yS4AFLWAmML4%252FapTe3R24
www.ffb.com/	1970-01-20 16:05:39	Name: sa-user-id-v2 Value: s%253ARq4Y1QgSRHlj1EQuz-iSyNly2hc.X0X8vJAb%252BeKePCvlaKUjIIXKEpP%252BuGgOUty66yklkJo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9214061.fls.doubleclick.net
acsbapp.com
adservice.google.com
banno.com
cdn.acsbapp.com
cdn.linkedin.oribi.io
click.ffbemail.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
kernel-serve.banno.com
pixel.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
resources.xg4ken.com
snap.licdn.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
vcc-na14b.8x8.com
web1.acsbapp.com
www.facebook.com
www.ffb.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
108.158.56.121
13.107.42.14
13.111.228.43
138.128.247.123
172.217.18.102
18.66.112.25
2001:4860:4802:32::36
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:400c:c08::9c
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
44.206.39.165
52.189.67.130
63.34.213.108
66.155.71.150
74.200.39.25
8.21.164.114
83.229.67.229
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
03f7fce5e0936a5f59921e0482c73abb8a474d4a53749e0f141727bebbb1719a
07d9cd1b49e3ae4c4aeb99096e5d64ae901de69b5eece48d510c230ce0f0e9cf
086b75604e29ad81128b89423cb30ef74c5c12073e88eda1b3dd56a52d15e25d
10598f5a945668e72826e5d09c825d9032369b4eeaf7b5e5f7330d4afc3df6cb
16292a6289d78199c113fad28f3027e16f8841c997aaf143b7d1c3a573da79f8
163189ef69a3c210a04bb4cac2c336119d78b576fb84b4231977514419eb0faf
17e61577e0f59de86528e8794eee3a8a6a596a64936bcad5510f3c76be2c3a9b
1d46c6be4e5d5bdd34d4e7ef5908ce410477b93d10154b0d3c568300f474280c
27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa
2b371680f98d8123e28861aeca7c192c314b328967abfa0ced9b4a5102fcea66
32dc60f0505bcf00bcdff838e34496f9ec99898671d18e042328252936f28e34
35fc9dcfa24d8d870734a241e3e6cc1607829590305b2ba1f44b80af148936f5
364fb07775fde6a9867a6bc68db2c1ef022bf997aa845d2145299790ad9136d3
375e78adbe5cec0ebf6a9e1080bd3de05edef845d4cdabca0a51aad1b559ed18
385522688155f96e835e80b22d8774ee2bfbe3c1299191183ae71c075a44ce83
4401aeae8ced32f3503b820eda4fb6bec9cc703ef9a1a42a817fae255f34e716
48e0e6affd32a6bf470021ccf9f5e52c3d3fa3c428bb628a6864f431dde89fd0
4e2ea2d2cb35ba3d80c4af7328af7a5c53c46b1eddbe689300e2b8a7c966094d
5885233e5f706d410ec53151088c0ad818f3dd753e6bd3b144d7af84367d8760
5af540519e037579fac36f1b55a5095c0f9e8b702d004ba3a4193e7852f9e0ec
6104c7bf37dcdcb8253bc5c6753f1a12296adad858fa88c75edcdff0eb8c2409
61358dafd9664897512410b6db294dbc7f2204ef89f7f9c14cde3483bf600ab6
677630a966fcd850127b7b3e8e18fba09c52cf37859883a234893d0343f8f4eb
6931107308465467b3a8f84fdcaf97cafde8a5b6b03e600f87126948abc29db1
6b04692a6ed1d6cea49c6422d5eb05093a6009891dfc86004358b5efc4d80b25
6c09fca0c211d32cfce2282b301c83ef46e687822e3ad6e6c9d2237aec790a47
6cc1363c8f7aff7e2d1972594b12bd3e82c7e0b5a7437feeb41f07c915217e22
6e3c5e17d37ca033a1065ad370fd41a37856284766c9ae3382a56e29d688120c
76f0a4ef35979dda0294b5e1e7951659034f4ab417f29882d54914987afda039
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7cae47a88d24c17da61cc71f1baf4614bee4655d81280c92fc2475747ce34230
81f4d9198df24f4527eb72d21537f6c69a033ad39d98f08af5133eecc170be7f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bdeff6ba40afccf3009559198c5356e4aa122d0f14f04385576e953682927f4
8c54296891c38d289fba1d1f42abb54c4810a70a8010790188443e1bcb73c761
9455df8686d191daf5c9fcfb2114ebd1ec5512cdc39b86f1ffe74735055f835f
9504ce24abd7a9d70a8db17cedc6cfdfd366a1e13ae0fba7536fd7782f828ec5
9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7
95ce6ced6a9a31c007c7cc0c8b3617c387e72d36266966af1174d411378a7bbf
a12cc56a7286df7594bb7a6e461a5f7ad3076c0160f31f63af0fec1ec12e5794
a15e7ab0cdd40a841038224e43fb31bc3220f0f9d167157fd65bfcf0cc5a9836
a59ecd7ca41219d99637d61086c2441760f0d4ffbc554d0c0862874628974528
a8eaec989973d6f80afa88ab7012c273362810a5cee872afe4abb93f1f79e718
ac425cd6c8f1b6f64090b1cb243638841406c9445a768a13ba1051d546d37fc8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b26b9667bc1a15dc3a11073ca23b99a23eec7c4ee138273d0f157211f369ac31
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b964b7d5d54765710d16ca8d9edaa11c796aa80af25cfed497db21e5102a0356
c1ac460eaa7745b05bc98e05f5008da2518a316f6bada79951678abf6fe7c94f
da0b793f31216f3330e639f16150c724033bee45d321cc4499e0b7b491625982
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0eeac54bf3808bccba4fa2b52734bdfc5e70e690ef47a59d68c2037f4d86c7c
e27dbd4139165e2dee5d44bd5ad3ba8f37a081da8355180b1413aa9dff9852f9
e30af0cbb968e2c8d3a61cdb1c860f7c8108c39e6152d081d4c0fde83572245e
e36307407a04b1bfe85579c3e457e8caa92889d1c556600dbad8a26743172d34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
e7bd8851b07a73755dbbd07fe9def642394581ebab2171e38173dacbfc062aa0
e9a42c0c336625219805c2bb2fea547cad6c21416c9f3f98db74da86194d0877
ed2a1ae84c6618d190a88cb1450755762984c359c2dec44a5787f4b4d745a0f2
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76
edf0824fc48c27620b71bb7a646704d10391b3293912663f38817ad9f5462703
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14d0ef4cb0dcd10bdb336264feab9cc3a2445ec90d9335209296f7dd7797e35
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f38f301e7bc87a8cd5a44cecc9d83624345aafc7548283413d9b8d9681d14254
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fd9e7d53b6534a9e7c9e4fcdb9a42db1e507a09330576b7051427c3212b535b2
fefc224ba61820c7d6a1e92abb9341a730b90830358c37172fd48afadb108ae2
ff544a76191617388ed790139a387259105beb4fb86a916288f862c7be87d423

www.ffb.com Open in urlscan Pro 74.200.39.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

99 %HTTPS

50 %IPv6

21 Domains

31 Subdomains

26 IPs

5 Countries

1170 kBTransfer

3390 kBSize

24 Cookies

18 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.ffb.com Open in urlscan Pro
74.200.39.25 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

99 %
HTTPS

50 %
IPv6

21
Domains

31
Subdomains

26
IPs

5
Countries

1170 kB
Transfer

3390 kB
Size

24
Cookies

107 HTTP transactions
0 data transactions