www.bancfirst.insurance Open in urlscan Pro
24.248.243.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bancfirst.insurance/personal
Effective URL:
https://www.bancfirst.insurance/personal
Submission: On June 22 via api (June 22nd 2021, 3:04:00 pm UTC) from US

Summary HTTP 16 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 24.248.243.212, located in Oklahoma City, United States and belongs to BANCFIRST, US. The main domain is www.bancfirst.insurance.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on April 9th 2021. Valid for: a year.

This is the only time www.bancfirst.insurance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	24.248.243.212 24.248.243.212	36860 (BANCFIRST) (BANCFIRST)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	6

6 24.248.243.212 (Oklahoma City, United States)

ASN36860 (BANCFIRST, US)
PTR: www.bancfirst.insurance

www.bancfirst.insurance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	typekit.net use.typekit.net p.typekit.net	139 KB
6	bancfirst.insurance www.bancfirst.insurance	85 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleapis.com ajax.googleapis.com	5 KB
1	jquery.com code.jquery.com	33 KB
16	5

	Domain	Requested by
6	www.bancfirst.insurance	www.bancfirst.insurance
5	use.typekit.net	ajax.googleapis.com www.bancfirst.insurance
2	www.google-analytics.com	www.bancfirst.insurance www.google-analytics.com
1	p.typekit.net	www.bancfirst.insurance
1	ajax.googleapis.com	www.bancfirst.insurance
1	code.jquery.com	www.bancfirst.insurance
16	6

This site contains links to these domains. Also see Links.

Domain
bancfirst.epaypolicy.com
portal.zywave.com
get.adobe.com

Subject Issuer	Validity	Valid
*.bancfirst.insurance GeoTrust TLS RSA CA G1	`2021-04-09` - `2022-04-08`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.bancfirst.insurance/personal
Frame ID: 78E9A28F6F0F1EC72AE51488526B1ED9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bancfirst.insurance/personal HTTP 307
https://www.bancfirst.insurance/personal Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

script /googleapis\.com\/.+webfont/i

Page Statistics

16
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

282 kB
Transfer

421 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://bancfirst.epaypolicy.com/

Search URL Search Domain Scan URL

URL: https://portal.zywave.com/
Title: Customer Portal

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Adobe Reader is required to read the Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bancfirst.insurance/personal HTTP 307
https://www.bancfirst.insurance/personal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set personal Show response
www.bancfirst.insurance/
Redirect Chain

http://www.bancfirst.insurance/personal
https://www.bancfirst.insurance/personal

22 KB
7 KB

1405ms
1069ms

Document
text/html

24.248.243.212
BANCFIRST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancfirst.insurance/personal

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.248.243.212 Oklahoma City, United States, ASN36860 (BANCFIRST, US),

Reverse DNS

www.bancfirst.insurance

Software

nginx /

Resource Hash

976a007be1b3a5134bd4ff1195da1410088917121b954869d9f1f794cad82b0a

Security Headers

Name	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.bancfirst.insurance
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 15:03:38 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Via: 1.1 www.bancfirst.insurance (Apache/2.4.46)
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: NOSNIFF
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9; expires=Tue, 22-Jun-2021 17:03:38 GMT; Max-Age=7200; path=/;Secure;HttpOnly gardienneSession=eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D; expires=Tue, 22-Jun-2021 17:03:38 GMT; Max-Age=7200; path=/; httponly;Secure;HttpOnly
Content-Security-Policy: script-src *.bancfirst.tv *.typekit.net *.addthis.com *.googletagmanager.com *.moatads.com *.addthisedge.com *.google-analytics.com *.googleapis.com *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Content-Length: 5498
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive

Redirect headers

Location: https://www.bancfirst.insurance/personal
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK layout.css
www.bancfirst.insurance/dist/ 26 KB
6 KB 168ms
167ms Stylesheet
text/css 24.248.243.212
BANCFIRST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancfirst.insurance/dist/layout.css?v=5c64737d7c9e8dcb621b79e724ffece6

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.248.243.212 Oklahoma City, United States, ASN36860 (BANCFIRST, US),

Reverse DNS

www.bancfirst.insurance

Software

nginx /

Resource Hash

3f96b13772e2a145d6b9b46c7afc102d1e7125e779426fa40703cff95a0f3a18

Security Headers

Name	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancfirst.insurance
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.bancfirst.insurance/personal
Cookie: XSRF-TOKEN=eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9; gardienneSession=eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D
Connection: keep-alive
Referer: https://www.bancfirst.insurance/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 15:03:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: NOSNIFF
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 17 Feb 2021 17:50:12 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"602d5754-697e"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 www.bancfirst.insurance (Apache/2.4.46)
Content-Security-Policy: script-src *.bancfirst.tv *.typekit.net *.addthis.com *.googletagmanager.com *.moatads.com *.addthisedge.com *.google-analytics.com *.googleapis.com *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Keep-Alive: timeout=10, max=499

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 26ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:03:38 GMT
content-encoding: gzip
last-modified: Tue, 28 Apr 2015 16:20:58 GMT
server: nginx
etag: W/"553fb36a-176d5"
vary: Accept-Encoding
x-hw: 1624374218.dop004.fr8.t,1624374218.cds203.fr8.hc,1624374218.cds127.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33261

GET
H/1.1 200
OK logo.png
www.bancfirst.insurance/img/ 6 KB
7 KB 308ms
169ms Image
image/png 24.248.243.212
BANCFIRST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancfirst.insurance/img/logo.png

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.248.243.212 Oklahoma City, United States, ASN36860 (BANCFIRST, US),

Reverse DNS

www.bancfirst.insurance

Software

nginx /

Resource Hash

09068902551902e018d9d4cec47b7f9d49cdbe571097a4d7f037de9069338f91

Security Headers

Name	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancfirst.insurance
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancfirst.insurance/personal
Cookie: XSRF-TOKEN=eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9; gardienneSession=eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D
Connection: keep-alive
Referer: https://www.bancfirst.insurance/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 15:03:39 GMT
Via: 1.1 www.bancfirst.insurance (Apache/2.4.46)
X-Content-Type-Options: NOSNIFF
Last-Modified: Mon, 07 Jan 2019 22:43:04 GMT
Server: nginx
ETag: "5c33d5f8-1786"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Content-Security-Policy: script-src *.bancfirst.tv *.typekit.net *.addthis.com *.googletagmanager.com *.moatads.com *.addthisedge.com *.google-analytics.com *.googleapis.com *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=498
Content-Length: 6022
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK phone.png
www.bancfirst.insurance/img/ 194 B
954 B 339ms
168ms Image
image/png 24.248.243.212
BANCFIRST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancfirst.insurance/img/phone.png

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.248.243.212 Oklahoma City, United States, ASN36860 (BANCFIRST, US),

Reverse DNS

www.bancfirst.insurance

Software

nginx /

Resource Hash

20c856d9510d5a2cc64dcfc35440051a523665d92814c7d761776235b189fe96

Security Headers

Name	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancfirst.insurance
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancfirst.insurance/personal
Cookie: XSRF-TOKEN=eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9; gardienneSession=eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D
Connection: keep-alive
Referer: https://www.bancfirst.insurance/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 15:03:39 GMT
Via: 1.1 www.bancfirst.insurance (Apache/2.4.46)
X-Content-Type-Options: NOSNIFF
Last-Modified: Mon, 07 Jan 2019 22:43:04 GMT
Server: nginx
ETag: "5c33d5f8-c2"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Content-Security-Policy: script-src *.bancfirst.tv *.typekit.net *.addthis.com *.googletagmanager.com *.moatads.com *.addthisedge.com *.google-analytics.com *.googleapis.com *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=497
Content-Length: 194
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK paynow.png
www.bancfirst.insurance/img/ 3 KB
4 KB 338ms
167ms Image
image/png 24.248.243.212
BANCFIRST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancfirst.insurance/img/paynow.png

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.248.243.212 Oklahoma City, United States, ASN36860 (BANCFIRST, US),

Reverse DNS

www.bancfirst.insurance

Software

nginx /

Resource Hash

00c21fe4d3e2e743a0b4934fd4293592fb150aa0113814c7c13233201517db6a

Security Headers

Name	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancfirst.insurance
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancfirst.insurance/personal
Cookie: XSRF-TOKEN=eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9; gardienneSession=eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D
Connection: keep-alive
Referer: https://www.bancfirst.insurance/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 15:03:39 GMT
Via: 1.1 www.bancfirst.insurance (Apache/2.4.46)
X-Content-Type-Options: NOSNIFF
Last-Modified: Wed, 17 Feb 2021 17:50:12 GMT
Server: nginx
ETag: "602d5754-d23"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Content-Security-Policy: script-src *.bancfirst.tv *.typekit.net *.addthis.com *.googletagmanager.com *.moatads.com *.addthisedge.com *.google-analytics.com *.googleapis.com *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 3363
X-Xss-Protection: 1; mode=block

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 14:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 14:12:18 GMT

GET
H/1.1 200
OK 19-17808.jpg
www.bancfirst.insurance/uploads/ 61 KB
61 KB 491ms
174ms Image
image/jpeg 24.248.243.212
BANCFIRST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancfirst.insurance/uploads/19-17808.jpg

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.248.243.212 Oklahoma City, United States, ASN36860 (BANCFIRST, US),

Reverse DNS

www.bancfirst.insurance

Software

nginx /

Resource Hash

9680237b635858c6ae9b53029756637cd49db84afa4669dac16f71f5ae6ad9fc

Security Headers

Name	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancfirst.insurance
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancfirst.insurance/personal
Cookie: XSRF-TOKEN=eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9; gardienneSession=eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D
Connection: keep-alive
Referer: https://www.bancfirst.insurance/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 15:03:39 GMT
Via: 1.1 www.bancfirst.insurance (Apache/2.4.46)
X-Content-Type-Options: NOSNIFF
Last-Modified: Mon, 07 Jan 2019 22:48:08 GMT
Server: nginx
ETag: "5c33d728-f279"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Content-Security-Policy: script-src *.bancfirst.tv *.typekit.net *.addthis.com *.googletagmanager.com *.moatads.com *.addthisedge.com *.google-analytics.com *.googleapis.com *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 62073
X-Xss-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 302
date: Tue, 22 Jun 2021 14:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 22 Jun 2021 16:58:37 GMT

GET
H2 200 kco0yah.js Show response
use.typekit.net/ 17 KB
7 KB 28ms
14ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/kco0yah.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fda73817b0920769d148b0b2b52cc3195bf1e80656f57e37d3ddcb453acdf2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 22 Jun 2021 15:03:39 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6864

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
31 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=180571988&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bancfirst.insurance%2Fpersonal&ul=en-us&de=UTF-8&dt=Personal%20%7C%20BancFirst%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1372104054&gjid=767799021&cid=1287343569.1624374219&tid=UA-61103203-4&_gid=1816530032.1624374219&_r=1&_slc=1&z=325665941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 15:03:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bancfirst.insurance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 18ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Origin: https://www.bancfirst.insurance
Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:03:39 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 20ms
8ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

Origin: https://www.bancfirst.insurance
Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:03:39 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32380

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 26ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0

Request headers

Origin: https://www.bancfirst.insurance
Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:03:39 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33180

GET
H2 200 l
use.typekit.net/af/1cd3b2/00000000000000003b9b0937/27/ 34 KB
34 KB 23ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1cd3b2/00000000000000003b9b0937/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7dc62f16b1c4d7f6f5a32c7176c18615864c1c14751cdb03606e6fa8511f73b4

Request headers

Origin: https://www.bancfirst.insurance
Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:03:39 GMT
server: nginx
etag: "3c711f00d66ac1783195f3b82f0bc24e037cf7ef"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34636

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 19ms
6ms Image
image/gif 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=kco0yah&ht=tk&h=www.bancfirst.insurance&f=139.5474.25136.25137&a=4065597&js=1.20.0&app=typekit&e=js&_=1624374219263
Requested by: Host: www.bancfirst.insurance
URL: https://www.bancfirst.insurance/personal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.bancfirst.insurance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:03:39 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bancfirst.insurance/	1970-01-19 19:12:54	Name: _gat Value: 1
.bancfirst.insurance/	1970-01-19 19:14:20	Name: _gid Value: GA1.2.1816530032.1624374219
www.bancfirst.insurance/	1970-01-19 19:13:01	Name: gardienneSession Value: eyJpdiI6InpJVlZSNG1NcVc4U294WUtwTjFPaXc9PSIsInZhbHVlIjoiekdMUjNsdzhRSGo2OFV1V09aeGxBdytJcGhWQW9Zem40N2lRdnFKUlJpZFpFMW8yZTl4a1dSdXNkaTI3OXJ3UWNqWGVqSEZMSTF6S29PWEhLVnlhSXc9PSIsIm1hYyI6IjYxNGUwMGEwNzg1OTRlNjU3NzhkOGQ5Y2Y0NzQ0YTA1MTM5NmVkMzJmM2RiNGM3NDBkM2IzZGFiZmEyODg2MTgifQ%3D%3D
.bancfirst.insurance/	1970-01-20 12:44:06	Name: _ga Value: GA1.2.1287343569.1624374219
www.bancfirst.insurance/	1970-01-19 19:13:01	Name: XSRF-TOKEN Value: eyJpdiI6IkNDUUpDWFl1SytWS1YrQ2poazlKSUE9PSIsInZhbHVlIjoiXC9GWUxXOVl4R3BcL0NjaFE4K2dURTJhbmlqZ242M3JldGFHU1hUVXdqVTNuYkE1MGJNTUVrMXMwR3FRK2lEaFZ1WTFzVmJCWE1Ud2sxQnlpd3hVZGg1Zz09IiwibWFjIjoiMjIxYzViY2ZkMzIwY2NjMGNlOWNlZTA1M2FlZGQwMzg5ZjkyMTk4MTY0NDlhMWM1Nzc5MzRiM2Y1MzZlYzM4OCJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src .bancfirst.tv .typekit.net .addthis.com .googletagmanager.com .moatads.com .addthisedge.com .google-analytics.com .googleapis.com .jquery.com 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'unsafe-inline' data:; object-src 'none'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
p.typekit.net
use.typekit.net
www.bancfirst.insurance
www.google-analytics.com
2001:4de0:ac18::1:a:2a
24.248.243.212
2a00:1450:4001:827::200e
2a00:1450:4001:830::200a
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
00c21fe4d3e2e743a0b4934fd4293592fb150aa0113814c7c13233201517db6a
09068902551902e018d9d4cec47b7f9d49cdbe571097a4d7f037de9069338f91
20c856d9510d5a2cc64dcfc35440051a523665d92814c7d761776235b189fe96
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
3f96b13772e2a145d6b9b46c7afc102d1e7125e779426fa40703cff95a0f3a18
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7dc62f16b1c4d7f6f5a32c7176c18615864c1c14751cdb03606e6fa8511f73b4
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
9680237b635858c6ae9b53029756637cd49db84afa4669dac16f71f5ae6ad9fc
976a007be1b3a5134bd4ff1195da1410088917121b954869d9f1f794cad82b0a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
fda73817b0920769d148b0b2b52cc3195bf1e80656f57e37d3ddcb453acdf2d6

www.bancfirst.insurance Open in urlscan Pro 24.248.243.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

83 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

282 kBTransfer

421 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

www.bancfirst.insurance Open in urlscan Pro
24.248.243.212 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

282 kB
Transfer

421 kB
Size

5
Cookies

16 HTTP transactions
0 data transactions