www.bluefoundrybank.com Open in urlscan Pro
2606:4700:20::681a:173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bluefoundrybank.com/
Submission: On July 04 via automatic, source certstream-suspicious (July 4th 2024, 6:50:20 am UTC) — Scanned from DE

Summary HTTP 104 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 104 HTTP transactions. The main IP is 2606:4700:20::681a:173, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bluefoundrybank.com.
TLS certificate: Issued by E6 on July 3rd 2024. Valid for: 3 months.

This is the only time www.bluefoundrybank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	2606:4700:20:... 2606:4700:20::681a:173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
10	2600:9000:235... 2600:9000:235a:1200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	44.238.231.3 44.238.231.3	16509 (AMAZON-02) (AMAZON-02)
5	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2.17.147.192 2.17.147.192	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2 4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
104	20

46 2606:4700:20::681a:173 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bluefoundrybank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:235a:1200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.238.231.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-231-3.us-west-2.compute.amazonaws.com

home-c35.nice-incontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.147.192 (Prague, Czech Republic) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-192.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

9488395.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States) 2 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	bluefoundrybank.com www.bluefoundrybank.com	367 KB
10	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3995	5 MB
8	doubleclick.net 2 redirects 9488395.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	2 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125	2 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	672 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 5357	150 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	18 KB
3	nice-incontact.com home-c35.nice-incontact.com — Cisco Umbrella Rank: 121536	4 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2414	1 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 360 Failed px4.ads.linkedin.com Failed	748 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 902	14 KB
1	gstatic.com www.gstatic.com	213 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	83 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
0	google.de Failed www.google.de Failed
104	16

	Domain	Requested by
46	www.bluefoundrybank.com	www.bluefoundrybank.com
10	images.ctfassets.net	www.bluefoundrybank.com
8	www.googletagmanager.com	www.bluefoundrybank.com www.googletagmanager.com
6	www.google.com	www.bluefoundrybank.com www.gstatic.com
5	ka-f.fontawesome.com	kit.fontawesome.com www.bluefoundrybank.com
4	9488395.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	cdn.jsdelivr.net	www.bluefoundrybank.com cdn.jsdelivr.net
3	home-c35.nice-incontact.com	www.bluefoundrybank.com home-c35.nice-incontact.com
2	region1.google-analytics.com	www.bluefoundrybank.com
2	region1.analytics.google.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	ad.doubleclick.net	www.bluefoundrybank.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	trkn.us	1 redirects www.bluefoundrybank.com
1	px.ads.linkedin.com	snap.licdn.com www.bluefoundrybank.com
1	snap.licdn.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	code.jquery.com	www.bluefoundrybank.com
1	kit.fontawesome.com	www.bluefoundrybank.com
0	static.cloudflareinsights.com Failed	www.bluefoundrybank.com
0	www.google.de Failed	www.bluefoundrybank.com
0	px4.ads.linkedin.com Failed	www.bluefoundrybank.com
104	22

This site contains links to these domains. Also see Links.

Domain
ir.bluefoundrybank.com
www.bluefoundrycharitablefoundation.org
creditcardlearnmore.com
secure.myvirtualbranch.com
bfb.bd.digitals.dmattercloud.com
www.myaccountaccess.com
account.opening.bluefoundrybank.com
bluefoundrybank.com
www.linkedin.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.ordermychecks.com
www.aboutads.info
allyant.com
www.fdic.gov
www.hud.gov

Subject Issuer	Validity	Valid
www.bluefoundrybank.com E6	`2024-07-03` - `2024-10-01`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.nicecxone.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-04` - `2025-07-05`	a year	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.bluefoundrybank.com/
Frame ID: 68B045EE4BB9DF91FF5F0DE16D3567A2
Requests: 96 HTTP requests in this frame

Frame: https://9488395.fls.doubleclick.net/activityi;dc_pre=CKrfpt_ljIcDFXIOogMdHQAB7g;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F
Frame ID: 3F2E34A1E7DD973DF5E8578E53F4A41B
Requests: 1 HTTP requests in this frame

Frame: https://9488395.fls.doubleclick.net/activityi;dc_pre=CIfipt_ljIcDFRMGogMdkNkOHw;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F
Frame ID: 9D58EBC4B3EAA856B4AD3CB5473056DF
Requests: 1 HTTP requests in this frame

Frame: https://home-c35.nice-incontact.com/inContact/ChatClient/ChatClient.aspx?poc=ab6c693d-2cc4-49ca-bf36-89dad4bd1b74&bu=4601701
Frame ID: D09D200661C280930D47AC7B8384CA1B
Requests: 1 HTTP requests in this frame

Frame: https://home-c35.nice-incontact.com/inContact/ChatClient/chatButton.html
Frame ID: BFAEF7CB4E5219E36D2DDEF33D40DE97
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9&co=aHR0cHM6Ly93d3cuYmx1ZWZvdW5kcnliYW5rLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=mgg2sy1fxnl5
Frame ID: 4E4EFD051C5986294B3CEF07AB121154
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9&co=aHR0cHM6Ly93d3cuYmx1ZWZvdW5kcnliYW5rLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=oixo248lyobg
Frame ID: 453005D3FE779ACCED8340E4DEB8DBAC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9
Frame ID: DE8B4E8ADBD35EC7442BCCA1B85E79E6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9
Frame ID: 37AB5AC28BC6C37DE4DBBE7AB8ED8605
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal & Business Banking in New Jersey | Blue Foundry Bank

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

104
Requests

91 %
HTTPS

63 %
IPv6

16
Domains

22
Subdomains

20
IPs

4
Countries

6738 kB
Transfer

9306 kB
Size

14
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://ir.bluefoundrybank.com/overview/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.bluefoundrycharitablefoundation.org/
Title: Charitable Foundation

Search URL Search Domain Scan URL

URL: https://creditcardlearnmore.com/11t3/index?ecdma-lc=24704&ecid=OTHE_25940
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://secure.myvirtualbranch.com/bluefoundrybank/82235c6c-84a8-4140-959f-76e85052a39e.aspx
Title: Consumer eBanking

Search URL Search Domain Scan URL

URL: https://secure.myvirtualbranch.com/bluefoundrybank/772f1e0e-c88e-4449-83ff-fe836a0ca2fa.aspx
Title: Business eBanking

Search URL Search Domain Scan URL

URL: https://bfb.bd.digitals.dmattercloud.com/
Title: Home Loan

Search URL Search Domain Scan URL

URL: https://secure.myvirtualbranch.com/bluefoundrybank/signin.aspx
Title: eBanking Login

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/login.do?loc=24704&theme=elan1
Title: Credit Card Login

Search URL Search Domain Scan URL

URL: https://account.opening.bluefoundrybank.com/apply.aspx?enc=Kw21Wblm1yxpjJabdoZaD2TjqqHzo-rkxWIjuJvqWRl6mSisAFCZWgnfAKxl-2LWGH-IdYcDJRYFaKaGVHDl2BR7_1Vw2pBBqvqOu-hPVkM&_gl=1*12ob31n*_ga*MTUzOTYzNjI1NS4xNjgwMTA2OTU0*_ga_0W44DEMDVW*MTcwMTExNDY0Mi4xNzcuMS4xNzAxMTE1NDM1LjYwLjAuMA..
Title: Open An Account

Search URL Search Domain Scan URL

URL: https://bfb.bd.digitals.dmattercloud.com/landingPage
Title: Apply For A Loan

Search URL Search Domain Scan URL

URL: https://bluefoundrybank.com/boost-cds
Title: Learn More

Search URL Search Domain Scan URL

URL: https://bluefoundrybank.com/blue-axis-edge-checking
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/blue-foundry-bank/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bluefoundrybank/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bluefoundrybank/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/BlueFoundryBank
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGnDIqSpvVMGiArH4QcWJLA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.ordermychecks.com/login_a.jsp
Title: Order Checks

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://allyant.com/

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/

Search URL Search Domain Scan URL

URL: http://www.hud.gov/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://trkn.us/pixel/conv/ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93 HTTP 302
https://trkn.us/pixel/conv/ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93;ip=217.114.218.19;cuidchk=1

Request Chain 74

https://9488395.fls.doubleclick.net/activityi;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F HTTP 302
https://9488395.fls.doubleclick.net/activityi;dc_pre=CKrfpt_ljIcDFXIOogMdHQAB7g;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F

Request Chain 75

https://9488395.fls.doubleclick.net/activityi;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F HTTP 302
https://9488395.fls.doubleclick.net/activityi;dc_pre=CIfipt_ljIcDFRMGogMdkNkOHw;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F

Request Chain 82

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F HTTP 0
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F&e_ipv6=AQLt2SHIT0p1LgAAAZB8ggdnPG_bt4xPrnbzKnKxKD2R5RC9avZyA69aJrLKK0hc1cFKEf-w3jxD

Request Chain 84

https://region1.analytics.google.com/g/collect?v=2&tid=G-0W44DEMDVW&gtm=45je4730v9101592065z8812361235za200zb812361235&_p=1720075813402&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198138513.1720075814&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1720075814&sct=1&seg=0&dl=https%3A%2F%2Fwww.bluefoundrybank.com%2F&dt=Personal%20%26%20Business%20Banking%20in%20New%20Jersey%20%7C%20Blue%20Foundry%20Bank&en=page_view&_fv=2&_ss=1&_c=1&tfd=7269&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=5805940474119797098&dma=1&dma_cps=sypham&en=page_view&gtm=45je4730v9101592065z8812361235za200zb812361235&npa=1&tid=G-0W44DEMDVW&dl=https%3A%2F%2Fwww.bluefoundrybank.com%3F

Request Chain 86

https://region1.analytics.google.com/g/collect?v=2&tid=G-0W44DEMDVW&gtm=45je4730v9101592065za200zb812361235&_p=1720075813402&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198138513.1720075814&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=2&sid=1720075814&sct=1&seg=0&dl=https%3A%2F%2Fwww.bluefoundrybank.com%2F&dt=Personal%20%26%20Business%20Banking%20in%20New%20Jersey%20%7C%20Blue%20Foundry%20Bank&en=open_account_button___all_clicks&_c=1&_et=6&tfd=7276&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=12650686821814538117&dma=1&dma_cps=sypham&en=open_account_button___all_clicks&gtm=45je4730v9101592065za200zb812361235&npa=1&tid=G-0W44DEMDVW&dl=https%3A%2F%2Fwww.bluefoundrybank.com%3F

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bluefoundrybank.com/ 174 KB
30 KB 5389ms
5314ms Document
text/html 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

368798d45ea73d432a47c573fad998ab1ba15fe06db6f8adc22530b2a2c97cd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 89dd2de4c861694c-FRA
content-encoding: br
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 06:50:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVGJq6Kg1ADUmCWESuphuIlB416Y9CYxZIoq8v9wan2loCL2ohBaFa%2BxmTLLAEzkLw%2B%2BN5c1MLtB8%2FKcTeEltaY2jk1Rduzm6feyY5CZo1yCudoN%2Bb4dD2OXLL5RDQ0aTms%2FFenLDQvOm5Az1nJoBJSZX%2FU6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Language,Cookie,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 cart.css
www.bluefoundrybank.com/static/css/ 5 KB
4 KB 84ms
78ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/cart.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc4945b4f5172499053c493a5eaa585d6ec760c8500b3c2225fa76845540954

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37802
content-length: 1747
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "1516-60863a4757670-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxnkvZ0RFBfEBrmL5DMmk%2FP5Qq5eGpEpESv9PaiWSKDw8a6wXhPIVm%2BRxgiZ9Rdvxbc6qxCRchhlNzNE1pWkcrMremnnAqPKDK%2BJgwzQE505zBkUG7Jlrea5lWSICLzIT10I5p1d%2Fhn2VacL3Et%2Ft%2FP4A%2BNY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064aaf694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 slick.css
www.bluefoundrybank.com/static/css/ 2 KB
985 B 78ms
72ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/slick.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 569
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "6f0-60863a4758610-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNXG7XgDJEoG7Dgjc0vKnQAF26hZRTSz%2FQKc4v96miHOd09K%2FN1waSIPgHlLsDcetkCR3ufZSi4zJUuL60j0PDD2Yd2%2B9yEnYCVaI3iQZHeLzEAYQsnqakZ%2BHYESsAyZU2S%2BbJY9T9s3m2RLTWnHqrBotlbY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ab1694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 bootstrap.min.css
www.bluefoundrybank.com/static/css/ 109 KB
19 KB 79ms
74ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/bootstrap.min.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a39c023aa28f517bb9630f61c3a3fdc69ee241c64a7ccc0bcb1eab813d298ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 17905
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "1b3b9-60863a47595b1-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsKj1I1MTH1yl17%2BktoTVifWDNnJe1%2B5cx486HWqN%2Bus0Sqc3OiV5jYxhyT6LILctWJE91jX6zIMiohu4c5lFXhGZLe4A5S6M6eV%2Fmvr9ikxKPe2PTOwXN1D5t0vQzHyuyzPTaXTKsF9nLN%2FDryzdplhVQzs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ab4694c-FRA
expires: Thu, 04 Jul 2024 16:33:47 GMT

GET
H2 200 global_styles.css
www.bluefoundrybank.com/static/css/ 5 KB
2 KB 85ms
80ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/global_styles.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110681a508a57e955f222511d415753d582c61c9dcd2583d50ae83b1cdfa1575

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 1599
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "13c8-60863a4758610-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nRvIE55Z0lkMRuQF04GhafagogzW4sPo0OMjddUDrml4%2FLwpMNm3ef6%2BXzOnBXtyNTRWraCFEKI%2BwhkeakTV5Z6Dfa6ooZm0BqM8ezvynHZERlRA0gel38GXb%2BVwQO0Qdlcq4Co8pFs7pTb6m4FJKFN47Wn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ab9694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 font-awesome.min.css
www.bluefoundrybank.com/static/css/ 28 KB
7 KB 80ms
75ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/font-awesome.min.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958c183adfbc6221fd2de4f08711de89669b1794b93c162598bd8cdd3b8023db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 6493
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "6e94-60863a47566d0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ba3dRxSK1rsWRhBcWZwTMGMgASi%2FzeR733drgKiBs9lH1uu2%2FSiviG1ktni846bvv0Jxz0EhJkQz6nphCbOvOfk4gzj47UX3MJZLUqE%2BYbuS8H1%2FZTVAXmO%2F%2BdUmpx2gDMa%2FgoWpTKoXKd4GbTEpSrA1fnJA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064abb694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 flexslider.css
www.bluefoundrybank.com/static/css/ 5 KB
4 KB 90ms
85ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/flexslider.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16212b03028deecb46dfe367e3df643539393acaeac71116e5fccaa5515c4e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 1723
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "1382-60863a4757670-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4BUbiW6bdH4BxzW9%2BGQzHX2cKPKGCR9CTZEBqJYWw%2FD7ZkeRXRaeiIt2WOFjNZRKFSlZ4RkgrAymdGgZHK76%2Bt7XNsCP6ydBqhgwMwwiIKFoT7Z2vIofwnbEvE7XaDXQFSrvxCsqsoHNgcd5BYnGO1NVW3P"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064abf694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 jquery.fancybox.css
www.bluefoundrybank.com/static/css/ 5 KB
2 KB 81ms
77ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/jquery.fancybox.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a482b3a0ffffe177348952dcc2487ba11a0434f01878334664b11eec947a64b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 1432
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "13f2-60863a47566d0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PO35uym5O4%2FWluoDanzCAXg8usLpjrh1S5LvpuW14%2Fi5yICRGIjDvCQQUdxRSOhLlklzt3y9xt6ABHB2YWxn1QJLSpvO829nzRhaOU83eQXNsgZc6C4iQ1JKnyl4tiAV%2BBNYtZXFGZ3ibsydpLP56mp5OItE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ac2694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 datepicker.css
www.bluefoundrybank.com/static/css/ 24 KB
5 KB 85ms
81ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/datepicker.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015ce7ca130b04907f55ba95c731b88e1c5e81b4cd9ba9a9144c7cbbd229e844

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37802
content-length: 4548
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "60db-60863a47566d0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIhkpVnxfVyiLCzrMTqm0f5cBBtVRYXKY49aGxZ85Md%2BS10WfKocnqVotjSgG2iiyCbTFKhFJn2oDU%2BaT6N%2Bo7QN9RdtAtPdVPRdmdlLS8pFUr%2Bmer7wikcoABYWX8NXzStDxRdB39QFU%2BjKY1H0Yk4%2F8v6e"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ac3694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 styles.css
www.bluefoundrybank.com/static/css/ 9 KB
3 KB 91ms
87ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/styles.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ceeed80eb2257d6346f548146f612fa89c6f5446866b009814b0571c9c3c38d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37802
content-length: 2517
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "248e-60863a4758610-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6m89Wnjjlno%2BCmLE4sxte4eUOGmn%2BISkck3vbt5b9IAdCEU3KH2x%2BrUuRhezK4RBPIFeDXzlnS%2FQ1XHxtTBUxjMxoPFVijqs9sag5qXNdvSkkxj2K9nBSd6xQetLmrOaOs8VokbHADed6L8GdxlCFXU3kWCW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ac5694c-FRA
expires: Thu, 04 Jul 2024 12:14:05 GMT

GET
H2 200 forms.css
www.bluefoundrybank.com/static/css/ 6 KB
2 KB 90ms
86ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/forms.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

210a79267a31661e6367470a216ce3d55399516e73c61218f7bdc23eb7d16252

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 1827
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "18c4-60863a4758610-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=laZPtCButXvWuqm6K6ahIOuL%2BAfUqL5%2B9%2F09AgJul3%2FmMShOq%2FtfJ3gmpZUUGkWfwx8d3TqQ3o4XIOofh%2BM7lT1LC1%2BYxW9cYlfrIYTeLPGTK32wGsYTuiR%2FaOiBP%2F1XPCwLxO3uL2J0ym4BJmFaFXCch3gj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e064ac6694c-FRA
expires: Thu, 04 Jul 2024 17:41:56 GMT

GET
H2 200 accessible-slick-theme.min.css
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ 4 KB
2 KB 137ms
23ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/accessible-slick-theme.min.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4257ec833f1086c2a352b4869ee6f594ad2d15cf0b4850c552b248d1aae7f6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 06:50:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1405390
x-jsd-version: 1.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1115
x-served-by: cache-fra-etou8220114-FRA
x-jsd-version-type: version
etag: W/"f84-qm9uNKt8quiDxWYtmMgX8jMk5Yo"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
www.bluefoundrybank.com/static/css/ 95 KB
17 KB 98ms
94ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/style.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43be6197a4af24ad4bb7f97d7efc8afe663fa53801cffa90cfc0b13f0f860844

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 15573
last-modified: Thu, 13 Jun 2024 20:41:53 GMT
server: cloudflare
etag: "17c23-61acb8777e112-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPzNX84Wr92Hs7nwej8%2B2uQkjDpxYeTRO1AIfW4Os0G6ZtOS1sSFSDMABur8Xyds5kcqQLkXZWh59QtNWmztBxhEnVyKRPLFnb1aOLuBYn%2F6hYmuYRCCchbjXvvqXlh%2BzTKZRXfPBZq4t2z3JFkDcsT44%2BbK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e06ab0a694c-FRA
expires: Thu, 04 Jul 2024 09:33:25 GMT

GET
H2 200 fullPage.css
www.bluefoundrybank.com/static/css/ 3 KB
1 KB 100ms
96ms Stylesheet
text/css 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/css/fullPage.css

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dba5ea32efe1c34d8b9632360fc11eebfd7c2e52e47154dd8214991e786442b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
age: 37803
content-length: 1039
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
server: cloudflare
etag: "d07-60863a459a15c-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVJ8XDljfKhO4WM6kD6DMm5V4%2BvfD7ofIOn3JQ%2FLza4Y4i9UcowxkmHx1xZkLZJlT7F1NO4Z7g%2BoEvcuEBA%2BHhkLc%2FcbXJs1qteeRdKRK2HTY4eins6Xuv5eqagOiJ2A1zVGFS%2BbNyCjA9So9Rh82FESfXUK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89dd2e06ab0c694c-FRA
expires: Thu, 04 Jul 2024 18:34:17 GMT

GET
H2 200 d51308b5b8.js Show response
kit.fontawesome.com/ 12 KB
5 KB 562ms
442ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/d51308b5b8.js
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85a485b04bb99ac0a085b66a983faa7de70891ee02122897fed66bf80dfa3e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Origin: https://www.bluefoundrybank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 89dd2e07090818c3-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F97NdPGjc82qs0Ij6kDi

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 303ms
78ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35804454-1

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5b61ed1955f0d860e171daeb19b71b35bfd5f2f9e6bbb9f846217052f457473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72801
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
83 KB 282ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-623152145

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

864c8436ba54bf60b2122c1f930f1434f162d7205433dbf952d06f99e2064ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84261
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:13 GMT

GET
H2 200 logomobile.svg
www.bluefoundrybank.com/static/images/ 6 KB
2 KB 195ms
193ms Image
image/svg+xml 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/logomobile.svg

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b06360079c96c94368de474f9aa20c533c42116a98150cdbfe6106ce7207894

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"1673-60863a45432b8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgMn9RC92dbrEtnM6bbnhCAzXFnUmqsYspA43HbwDreeTZ8K3Xh%2Fr8qBhRV1anw3nGN1U%2BNTtTGCpPJyA%2Bg%2BBaQsaEZwShfhfxhxHFJ7gpOgjI74CPLSfi4YW8VEz4GrLdBknwh93i2vvGmdn9khuMqWueAv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 89dd2e06ab0e694c-FRA

GET
H2 200 search-icon.svg
www.bluefoundrybank.com/static/images/ 353 B
2 KB 204ms
202ms Image
image/svg+xml 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/search-icon.svg

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05870d75736fc5e346d2d1ce577218a6f7a9c83822c6c50b18a1ae7879f7e6f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"161-60863a458f57b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BmuB9D8WsLTtwMmp95WLzfEyVmG5HfsEcH6dK%2BCfcSSb%2Fwt9vP1WBJyRT%2FqU2gMDkj2x8SX4tqCGldJh5sA%2BxqmRDJd2bI%2FCr9OnXHMo1xvhDVUoF%2BhHJrnZ1y%2Fvxmq0B2e%2FMVaWPFaY24QrvSnddV0h8Zi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 89dd2e06ab11694c-FRA

GET
H2 200 exit-button.svg
www.bluefoundrybank.com/static/images/ 302 B
2 KB 399ms
399ms Image
image/svg+xml 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/exit-button.svg

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

589bc6632113c57bc4c8dbfb7a7979d71dae97633b07eabe5050fa12f1b86c8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"12e-60863a4560779"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQU8SSFweqLsnZM%2B904CbKdg9DBLxLK%2B%2B7Kz7FxBMz5NK6pGI%2BXJAoEGU%2B7zcFUW7XfrDAHV3va3GYkgJTokZAa1CvbfCw6s2igvFoMpPVtlE6CfXnlhHr1L7Dv%2FYMqayx6axZZu1LYuh5%2BSWWQReZhko8Op"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 89dd2e078bd8694c-FRA

GET
H2 200 bfblogo.svg
www.bluefoundrybank.com/static/images/ 6 KB
2 KB 140ms
140ms Image
image/svg+xml 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/bfblogo.svg

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41ce39fce657cc393a1565607ac2b9d59312f24df331fddcdd635017ac7a748

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"1776-60863a45933fb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNobfFuP3c0p%2FUyOrIuIEJO93B1kLERSBEni2EDkULVqmOzHUSGaY92JXF0iwalRFJ4Aq4SrwpjgQKK19YGc8uVOuDIaGh4jhPunoKxldQZxGEKYj3UYpMvi6KTKdWsrF7AGQf4rTLrGTiWcuXi9wA6g7yb9"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 89dd2e079be3694c-FRA

GET
H2 200 magnifying-glass-blue.svg
www.bluefoundrybank.com/static/images/ 331 B
599 B 129ms
127ms Image
image/svg+xml 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/magnifying-glass-blue.svg

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9753e2701e296922bafeb8c13abb94a8a2502da47435722e0dd1c8bc961a87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"14b-60863a458e5db"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6N%2BnERcQrYqYsdPNr3ULwQA37eRszUJqmVMzwNQ6Vyiwj2D3wKeVeOGvATKwJD9kcGgWtbnxqnUs%2B4FnjNB7t8L3qF2bkCSL%2Fn95MDjMM%2Fo%2Bsu20ogbdcMyspr2WGA3zYw2YBs1MmGG26w5Fj3qs0LxwEm7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 89dd2e087c95694c-FRA

GET
H2 200 7515_BFB_Icon_Full_Color.png
images.ctfassets.net/6s4kvfh91rz0/7511BfdUBYpDADMLIpbr07/182133261f1ba865df09fd37574790f4/ 43 KB
43 KB 301ms
76ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/7511BfdUBYpDADMLIpbr07/182133261f1ba865df09fd37574790f4/7515_BFB_Icon_Full_Color.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 75ef261853b2511e807fdc1b0cb84dd9e21df10e18952266601f83dd62c0783e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 19:29:10 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "92a6a0ca0cf956b452e06cae11bc61a0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 43961
x-amz-cf-id: Tf_Z4p00lQRXU2iIDAD_o6I1sfxmq0-zEva12LYmlha5f5XbRslClQ==

GET
H2 200 exit-dark.png
www.bluefoundrybank.com/static/images/ 230 B
629 B 155ms
147ms Image
image/png 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/exit-dark.png

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8def913dfd4e94c48508a3e034449afd9d048e9cbe2445740d70b8190d41f7d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-length: 230
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
server: cloudflare
etag: "e6-60863a4547138"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Mrudkbmf6%2FecZvwkFvZ5iDSprCHRpeB7%2BDItt5Txcm63F0gpXvD719GVj%2Fnnf4AWTH8aiIvDywStQvvl3aLvHBi35hFVYX7NOsrX5gPFSVp3NjklDPDgpdrkj0F6Xf7FXd1cbORCPI%2FtT34OY%2BSKWakIXyw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 89dd2e0a0df7694c-FRA
expires: Mon, 19 Aug 2024 17:48:57 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
979 B 90ms
32ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grCaptchaFix

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

863a26a6eb167488799e45278750c317099f451d0ad6919a847311d5277d5c8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 06:50:13 GMT

GET
H2 200 jquery-3.5.1.js Show response
code.jquery.com/ 281 KB
83 KB 257ms
24ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.js
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Origin: https://www.bluefoundrybank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10032657
x-cache: HIT, HIT
content-length: 84374
x-served-by: cache-lga21971-LGA, cache-fra-etou8220085-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1720075814.646829,VS0,VE0
etag: W/"28feccc0-4638e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10, 2325

GET
H2 200 7515_BFB_Icon_Full_Color.png
images.ctfassets.net/6s4kvfh91rz0/3bjRukoeVlMNNian7zQ03E/8931bcce36a7cb90d72711f791d51bbb/ 16 KB
17 KB 308ms
85ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/3bjRukoeVlMNNian7zQ03E/8931bcce36a7cb90d72711f791d51bbb/7515_BFB_Icon_Full_Color.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ce2444aab0454ae108d870dd2ac7f540d01364e46353ad914047b26bceac644e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 13:18:30 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "8b34efb4be774ff0bc68f2ab8a4fcd14"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 16763
x-amz-cf-id: WrN2kbgxUnwfmTYoiziBoqWd-HQPNmdbrxldlfsOYVN1RqYFfi578A==

GET
H2 200 allyant.png
www.bluefoundrybank.com/static/images/ 141 KB
141 KB 276ms
270ms Image
image/png 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/allyant.png

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e39596719ef5e13daa92530dc5564481aac1b3d78fe842f63c1d93a82e87c3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-length: 144044
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
server: cloudflare
etag: "232ac-60863a4569419"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWMxE0dRINhkjEsgMVXkl0U%2BZOqLJ%2FDxwei1v6G%2BSSN2Q8Yfqy%2F51dVV2sM221XK64THPZfBrkVAqOXiDW4oRhqImGPEAmTfyCqTUy4t4LppIv%2BzCCxjgU7isYHPY5hHrUmagl5OiaDXCbwtzd5Sttwcyj0C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 89dd2e0a0dfb694c-FRA
expires: Mon, 19 Aug 2024 17:48:57 GMT

GET
H2 200 MF.png
images.ctfassets.net/6s4kvfh91rz0/1qy9Lqg4VZNLzQbciX5PhW/537358d8ded5311595a82a9ec8c25141/ 21 KB
22 KB 309ms
87ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/1qy9Lqg4VZNLzQbciX5PhW/537358d8ded5311595a82a9ec8c25141/MF.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 45e6b0e738b016f79508c43692a2560a0626af776b98d15599a8cd3f9fd4c782

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 14:38:37 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "8f37be7a7ae94cb24fa728865fe68d46"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 21918
x-amz-cf-id: 82Sx3ZXdEF5HgPXYVN7pEsal-ZyYFn2MhASoIfoCB1uul1l_7zhZlw==

GET
H2 200 EHL-NMLS_lockup.png
images.ctfassets.net/6s4kvfh91rz0/22eSM2QieZne337HU7IbS/ad5084f0f0a8547526c5c6aca6fd3cad/ 40 KB
41 KB 431ms
209ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/22eSM2QieZne337HU7IbS/ad5084f0f0a8547526c5c6aca6fd3cad/EHL-NMLS_lockup.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 9dd3a27c2c6fc4b4950e623aef18602c7efba0b7c83f552a833b8a9c3f0df0f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 14:39:20 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "c0b4696718125b42ed96afe40a9fc39f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 41412
x-amz-cf-id: ATpXKIWF9e6O5fWUPa2Nnujv4QKxMtVqmo6nt6NUy_BP49hTC8dBkQ==

GET
H/1.1 200
OK embed.min.js Show response
home-c35.nice-incontact.com/inContact/ChatClient/js/ 13 KB
4 KB 857ms
202ms Script
application/javascript 44.238.231.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://home-c35.nice-incontact.com/inContact/ChatClient/js/embed.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.231.3 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-231-3.us-west-2.compute.amazonaws.com

Software

Resource Hash

6d48929bf5eae1cd3dd011d61a9f97a8767a0d6a877d7ee7231882fe3cf5a94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 06:50:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 29 Apr 2024 06:18:30 GMT
Server: Powered by Nice CXOne
ETag: "0ffe8dfd99da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3195
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-1.10.2.min.js Show response
www.bluefoundrybank.com/static/js/lib/ 91 KB
32 KB 145ms
131ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/jquery-1.10.2.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3227c1f0bd7127f9b7fd63630f1868bd5c865be599bf536355d63222b353c197

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 32811
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "16bb7-60863a479eb14-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reDOHJHe%2BX0%2FWT9m5WF8kwrn1zxriFwLrrGcN7APFvAcs5k7B4QnH7VClMyDk7AplFEHHOCMQULwP0Rvh1xTsA7BSwpNpam2k2b%2BtIyVUKSMYBBMu%2Bbtsmjp7T3nzfwWHogbdTkl2S8vRDwMKG%2FuSk6%2FrERE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edcd694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 noconflict.js Show response
www.bluefoundrybank.com/static/js/lib/ 1 KB
984 B 128ms
115ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/noconflict.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a82af501618f7450a51b11f12398f6782de351b63f4cf8a96a98ad3b11c7c87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 565
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "420-60863a47a3934-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNcDV7y9b9%2Fa5yGRf3NzRZ6%2FPsIma5O1HaU1ZR0F6TJP2XK7IdO61%2BL9ptH4LWCCheNunZoDFxy9IR6ag4SgKhRdn2mgUrke%2F77wbcv7UhMIjByFOtpmpDnG4GSB3hVE%2BwAzL%2Fg%2B%2Bfz7%2B%2BcFQ622XCXwhS8M"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edcf694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 ccard.js Show response
www.bluefoundrybank.com/static/js/lib/ 773 B
2 KB 161ms
147ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/ccard.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ed1712bf06fe8cfc326b50a015b504f6b59cfd2872db1de6d0b31c5ec65baf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 443
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "305-60863a47a2994-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MspsUn70i7wbscTJ4%2BOGUKfZj5eSFpAAvdFIexkFzO7y4JZgv1joLWvwxFT%2Ba0S7iZPozOU7hj3sOjwlUhoK9YVnxidYWj0eieUZMPbd3Uxnh5cfpqSxCQPLco63ukU%2BpjwgKuXjCU9nedKJX59XNKEleP3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edd1694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 modernizr.custom.min.js Show response
www.bluefoundrybank.com/static/js/lib/ 9 KB
6 KB 152ms
139ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/modernizr.custom.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06baea430b3a81d68c399be883f8409cc7f01f37e5ac35f084b71ee540289435

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 3957
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "22ae-60863a479fab4-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXBFfJyGSlu2qIrBai6CaenBdt2YJoX9KzJ%2FZ9CtwDgYECeOzDmtENWky4haIT3t%2BhnzKNM%2B2amHM9iC9Ngnn10oi7P1lxxSSEDmmA7tByKrd2l6vy9V2dAsOEj%2Fyq%2FYCsNUlmM0k2LjXKHXFJmGWPQlMpRd"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edd3694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 selectivizr.js Show response
www.bluefoundrybank.com/static/js/lib/ 23 KB
7 KB 147ms
135ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/selectivizr.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195f8020c0e8e016bef78e5b471c9094622b491bf8abfd8c5814892e3f81a148

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 6555
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "5d3e-60863a47a0a54-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2IEygT%2F5dkdpfnY%2B1QzcDRIjlj1orK9cd73QfJ8D2EmUsx4HHC4GqrLdQw6iVnN1iiDrlzYpfR2ugdSz7XjH0jLNdmYTCXsZW9Q6nd0qpbd9thE5RAASWSPVajbZPDwgi2El1IX5mpRsAR6DKi2dkmKBiAv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edd5694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 matchMedia.js Show response
www.bluefoundrybank.com/static/js/lib/ 2 KB
1 KB 145ms
133ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/matchMedia.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0c05ff30d9cfcf9598a7b36b7d6c3766a47ad02b69fbad7ff7db37e34e13e3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 715
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "6d2-60863a47a0a54-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BemjAmBBjqQsTr26AWqv9tSrK7ob3%2B0GW4jBQwXG4r1F8KGb%2FAON7FivLy8bRT7r7hghROWKl9CLuUA%2BNB1CY%2FeatudTWMhMr3lICBcQ4PJYqIyQGioIrSEoBRfDiHLu3flV%2BX2ER21UX2seJLJLyE%2FtWxU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edd6694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 matchMedia.addListener.js Show response
www.bluefoundrybank.com/static/js/lib/ 3 KB
3 KB 146ms
134ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/matchMedia.addListener.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eddc071cf14ec2d9141aef93053966e85dc66f46044ebe6a91f7c83384c5a748

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 982
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "b4b-60863a479db74-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVYbiL5v2KExEqtLYfJuXWEG90BlxcrbGAtK4Lb7Xs84c5FxbDkr9M4gC3yPD3HSPCSab87LiM%2BIly5kT1HeyD9pgaNr%2BedqmnoklZczPGIvMMvudyDsv49hoLTBibpaUadBesN7%2B66MX%2Bn8NdVOYS7U1xCH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edd7694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 enquire.js Show response
www.bluefoundrybank.com/static/js/lib/ 10 KB
3 KB 150ms
138ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/enquire.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4461cd77932eca376c1e85f93859c2e54817ea57887a7be995391f35571bd5dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 2589
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "2655-60863a479eb14-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0ihem%2BVl29n45YdvxSBzBG7yHssPQCB3nUqeP8TAk2PJ36oUEySmlHelWn4LArMj4orffF8wg%2BNUe%2BIatTnHO%2Fw5dOz6fqVWXvmMWrOmxq8LPsQGGL9aM7Zf0Gmd0A%2BJKxNt76lEXjqdJeURc5DEGK2QZq4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edd8694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 jquery.cycle2.min.js Show response
www.bluefoundrybank.com/static/js/lib/ 22 KB
9 KB 140ms
128ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/jquery.cycle2.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b42d27be53d15d2e2cd4575896c054737b7f46fc914bc6fe44b06b6cd35b2285

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 6916
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "5779-60863a47a3934-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KmMdWuiQYbdbCYpSaDClQDIgK2F5lHIDAvXRbt3QcHbHxCEqnhkcm57%2FewwceZzff57ii95io%2BsmYuOwj%2FW1B6i3LXC2RS2%2FpawYI7d8uzfnDt79kbzW1BlZo%2B3imvlA5kQYxzC%2BbriJNuc2NT1%2BwlyrpgMi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09edda694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 jquery.cycle2.swipe.min.js Show response
www.bluefoundrybank.com/static/js/lib/ 1 KB
940 B 147ms
136ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/jquery.cycle2.swipe.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75acad01b36502fbc73925d7740cd061c31c7201990334ded2ee93337657b64b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 560
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "52d-60863a47a3934-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nQP3uoxB7m7BpwlnyDYHAra6A45fMgdTpPElB1EYmJ3ilD35UQMVfjKNe2X0z9BZUimrH1XxB5WUvDPVEjWEs7n9dSsiqzzQfqbDdxLAWK3Tq9rwKW1Gj2%2BPKo7pKoJd8mj%2Bz%2BUyBSL0DGIZpp3GNcH%2BiB7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09eddb694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 slideshow.js Show response
www.bluefoundrybank.com/static/js/lib/ 2 KB
1 KB 412ms
400ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/slideshow.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be390235a8d6800975f0b705effd5dde47591d49fadad9ddc64a67fd81cae3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 714
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "60e-60863a479fab4-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AL4od4FD5WGpYibrKU2NxCm9dhTTV5mbedqCi1%2F%2FAtioNyUO%2BFAeqV87ihLPzsK7RMtkmHA1nzsZIU65Zq%2FPLv7dCRdDpzejwvORTMO0nTydUF5YxS%2FwrKNGEHc0l1AMLAw8Q1urLsc0EU7GYzFukfJRPBn6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09eddc694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 imagesloaded.js Show response
www.bluefoundrybank.com/static/js/lib/ 7 KB
4 KB 405ms
393ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/imagesloaded.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c40cfff97e5940990e1827fa519e0b6edfd1a33c0fa5a7a85a307d79f4473d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 2316
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "1af7-60863a47a2994-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUKhyCxE2lN%2FsMyRaoi0MndgkFB8w1a8m9gQkYZQWPc6u1S9dYCXLEWkjTWSwaRIVJpoa2E%2FJN3J2L0hZ3vGAULy0pT6LLwudEXa5coDFd6y7Z%2BSHqtY75faY6sUTp8YVYuJ1bCZt5XQvNiZ08A4Zj2oqjE%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09eddd694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 bootstrap.min.js Show response
www.bluefoundrybank.com/static/js/lib/ 36 KB
10 KB 135ms
123ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/bootstrap.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

184ca94e411472b38d868d0f8f4b0a519fc4111d5f88d05fe0ee0a970a555c45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 9777
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "900e-60863a47a19f4-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRMyM7DMXTJe5jupbKfrWkoHEI8RwvjeG9LI8XTVNvu8akax5mPilQyd3jys%2FeJFQjwYwS6I3mysRVp1mQuQk7j1gTon%2FrG1Wtl8nVTmTOnrnMxmBoGX9hw%2BFsHqmcHiqj2W1uMlh6fcO9wMiLkPo%2F3hohKT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fdde694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 jquery.flexslider.js Show response
www.bluefoundrybank.com/static/js/lib/ 26 KB
6 KB 179ms
168ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/jquery.flexslider.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d63d107df4ea532423c769663bc36072a7c3e280de05948d8f27cbf52bd90ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 5464
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "67e2-60863a479db74-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rYG%2FfQTcwr52jRjpySO5nG5lavp7pTQ20yVkQ3XYiB07%2BQHym9QxIql%2B%2BqkQc4WT1SRoYZLWC9iP5YmokFWCY1T2%2FmAu9L4H9IEL%2Ft2S4DITaM22g%2B5XPvH5VpWdSrTYeSrOJtkT1xglU4IFVsCudHdtj%2Bf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fddf694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 accordion.js Show response
www.bluefoundrybank.com/static/js/lib/ 3 KB
954 B 149ms
137ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/accordion.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f451e9406287825318e878c098bf82e3d1d236a119c6db5aa6b959f5e281e1b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 570
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "a97-60863a479cbd4-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O2%2FSy55JBkclRX5gLzYAiBzrJ4jpxwJabE%2FtOOaLh2nrjLfnot8wvvFHmdflxAaKgYEJfs7fNHWkvkPmJ%2Fs6%2FtolWevvVO669TEBnv9q4qmLwELYIKqYGWFYv7Zh7nDNv3aa8bsK5nVqO9z%2BUF1W%2BI5%2BNCto"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde1694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 onepage.js Show response
www.bluefoundrybank.com/static/js/lib/ 3 KB
3 KB 412ms
401ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/onepage.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a4c561087a6ce2b6cef0a6581d05a3171d186135ac9bcec83ec8ddd5278d110

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 515
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "a8a-60863a47a2994-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3SGarU7Zb5Q4Dk7yHBLT5d2YjQdVH8xzQ82%2BZVwQGmAUyKYWQFn87W%2BFMAmsi0NndvM10MExlqxO4j%2F5rd4BABDfd7T85b%2BTFjfMie2I%2Fw30GVpiOtt4k1aYppnFj7snk3PBxNhltUnQshNy7AKl8WA1kyx"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde2694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
www.bluefoundrybank.com/static/js/lib/ 23 KB
9 KB 464ms
453ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/jquery.fancybox.pack.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df80e28c49d2b190517d5b14a5d599028e5d7f7a55ddd3b86f0f9a420fac724

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 8669
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "5a90-60863a47a19f4-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SE2suuQtCYvRgCC7RYtOzxCb%2F%2B6Y0KarALaBGhvBzu2XfjNgFp8eZpJhJJ2r7c%2BpYdukSmcoHSlYc6BE0E0g3Mmb6YXiokylCcGILGKYqw1oL7gxGZyTFuOwWOL%2FMrrR9UZUpCzT3Rz3b52pOnUoGg5Kp%2FMQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde3694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 llrouter.js Show response
www.bluefoundrybank.com/static/js/lib/ 3 KB
1 KB 406ms
395ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lib/llrouter.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4df51b5dbef0cc8ae3bb5eee348b24f4e13fa9efe831ba9f365f65726968084

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 879
last-modified: Mon, 23 Oct 2023 15:11:54 GMT
server: cloudflare
etag: "a77-60863a47a2994-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6G%2FvvmJ4GnF05mn%2FY0mxW4C%2FSnM9geoow2tFVUd%2F7Jl7m0AnOi0eetj89yPjIh3v8ZNy4kVdA2%2Fqr%2ByYM%2FDk2bwJgbjQ1Vptwh0NlK2cCgIRoq3y%2FnbzJf60nymQJYr2zjEq6mGHw%2B8rFZOstYJjzcHWmZl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde5694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ 43 KB
10 KB 36ms
26ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/slick.min.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 06:50:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1221568
x-jsd-version: 1.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10035
x-served-by: cache-fra-etou8220114-FRA
x-jsd-version-type: version
etag: W/"aa39-F/+INHoWuPhKTMUEacs+KfI31SM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.js Show response
www.bluefoundrybank.com/static/js/ 8 KB
3 KB 161ms
151ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/main.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b849fe1a3c4ef70d564fa0a6995f50855190bd7be2db071e4b74d0396502b46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 1493
last-modified: Mon, 13 Nov 2023 14:25:20 GMT
server: cloudflare
etag: "2170-60a097098ecf1-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHbY2%2F2NO9HwhPp6U1stzSNg34rnHU8PSwHqnTEvrwnKYNq9YZAyuJfLrdQkXrIj2bvUU7OqUKQj3UJ8YdYFEiRTEG4dWxkQdNt7CVTWyfhxMlLAbI%2FLofxnY96voCQOpefSpcasrxWUQSuZSXm%2FGEj%2FHbxT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde6694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 general.js Show response
www.bluefoundrybank.com/static/js/ 47 KB
11 KB 145ms
135ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/general.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c03ced33ca68b073d6be135cc18431777d6ab11fdeb29095fd0556735aa68e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 9428
last-modified: Thu, 20 Jun 2024 15:01:27 GMT
server: cloudflare
etag: "bb44-61b5396d645ef-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUJOagM9XDJIpiKBmA7URX613pi8838bH8hZcj6JgpCz%2FHK7RcWso0uVGYQghRSj7i8Ft%2F6FyYdHcmZ6orhYitxWRrr1V7blYKTpG13O%2B3k%2BtfMikhqBfkMS4BA7IdVgj1OS9dPKffRNnyf%2F5adx4RQFlGX9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde7694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H2 200 lazy.js Show response
www.bluefoundrybank.com/static/js/ 2 KB
927 B 458ms
449ms Script
text/javascript 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/js/lazy.js

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d922a106e9768edceec2499160b0ceffdd073834684835470eeb87241383627b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
content-length: 587
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
server: cloudflare
etag: "737-60863a459b0fc-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmGSt8JWJ2qHUk6EorTwSIHf1Vvx0yy3lsdurh%2BkISfGgfaf5jGjwsUs1i3g6v76PHVvtZACc3WfjNd5ipcaaeAaPjf4QS16V3ih%2FYr3qbEZH%2Bjqo83%2FMZcsd1nvnJft76XtyOIFCbXg0%2BBtVhZp78xl3K1O"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89dd2e09fde8694c-FRA
expires: Thu, 04 Jul 2024 07:49:12 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 101 KB
23 KB 86ms
40ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=d51308b5b8
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d51308b5b8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 283104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fon6VLhTB1lzii7uXNaAwRdSfU42Z5ETkN%2BkGUNxEqx9GpNv8lJOK7I8dTcQBkDn6lOeiFmMe9eLpP%2FIMzMV5BKsJUrEhvng5pNliKbAdxe2jPfXpXjr3tUeu%2FsM%2BAIAe1%2B4tdBj%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89dd2e0a1d5e39eb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ITVUizBikg1MT27BX6TqiGSnXWRxWtslZqaQ61R8b9SiFRG-YmnVkQ==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 111ms
65ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=d51308b5b8
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d51308b5b8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: gzip
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 37803
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcMlVIbPpZ8Q6lX9yMGSByTXsXbrYckA%2BXVpnpURfnlx12sStcOn0L%2FDoQeplTA0q%2B3ZtMXzwtIOPUMADErF8wP5OY7mc1ClWEh800vAxK3ey7PXJ0LBvlb5%2FShXLiEwhdbL0Eq50g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89dd2e0a1d6139eb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: IkZfeyj8oReP2P9Iw8o91ZupSFztW3YKuSvv7L28qxB9KNfJr2TpnQ==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 823 B
1023 B 84ms
39ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=d51308b5b8
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d51308b5b8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
via: 1.1 c554699ee704a19f7545cb8005037198.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 37803
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8i6PokMeVaDDDSOrI67rc1qAtpb%2Bi6V3FIR4LJDwz97tpNGjp0xbKnZQUlUytGAXYuoLhN1TZFjpIWESS4Qwp1weRKUbHKYr3Fm6UHWKSs%2BCQJ5G%2F7wkBt8CgFj42JwuJLXU%2F675PA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89dd2e0a1d5c39eb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nPC_4KEAbV0L-3mG8_mpmPSuvmU-dlRJu7ECP9x581of6bINAwldSQ==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 2 KB
1 KB 109ms
64ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=d51308b5b8
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d51308b5b8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: gzip
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 37803
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5NNH%2Fqg4jzeax3dYYX0xwc2BmGGCaycuoJSxqgewmIEAoVijqRoSg12BoOMkfP3lV%2BqtgL2FgtHH2QN8Vmw3%2BJQ%2B6lXlf%2B1gjusGBsWcAwISiU%2FPG1lqAYBHUqHgv5O8BNF%2BENQGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89dd2e0a1d6039eb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: XsQ93TLtXAHBtwektsEw4J_b0lx_AeOBoxZxLYdvydHWfKsVp3XEYQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
108 KB 354ms
132ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P2DSKFB

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc8e0ca108e3f9ea902cf9c1fcbbab4060108c7037aa86e903891f04c89c48e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110843
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:13 GMT

GET
H2 200 exit.png
www.bluefoundrybank.com/static/images/ 230 B
622 B 144ms
140ms Image
image/png 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/exit.png

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/static/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ec9433cbae467a964b1737394fe4998264dd705b9dbf624ab1c2ddd0c1654a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/static/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-length: 230
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
server: cloudflare
etag: "e6-60863a454a018"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2I4TIJ6Z6IkzMoB2xAgNwe5g28JyIn3AOadt2wyk2zeD95iylsQEfWhEa1Jane1FKplPSl9ZgfyZXol1YCnv1AFhqA3F8s8l4o6WknFtOcRDvT4kdqyF%2B2mzVgoO7viUoBFfCqQTvw6PPhNqun19%2FF7HOmX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 89dd2e0a0dfc694c-FRA
expires: Sun, 01 Sep 2024 14:17:44 GMT

GET
H2 200 frantisek-g-XXuVXLy5gHU-unsplash.png
images.ctfassets.net/6s4kvfh91rz0/2IMujVWOVCNNYllEcuSbbi/48d676e8e010a111872129f820f9c872/ 3 MB
3 MB 245ms
27ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/2IMujVWOVCNNYllEcuSbbi/48d676e8e010a111872129f820f9c872/frantisek-g-XXuVXLy5gHU-unsplash.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 73aac3eeabbf05af02fbdb8282c56977d9df2725136fe89eb255ac72d7e76a6d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 13:50:48 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "3ac7b65b941875f31b67f4fafd0becb3"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 3442248
x-amz-cf-id: ceScOJIWO5lu0aU902YbV5J7GSp8JoQcpBx4aLUdIjKRdiC6DaphPw==

GET
H2 200 iStock-1262941092.jpg
images.ctfassets.net/6s4kvfh91rz0/1lsqpYnZDuD9chyLsvb5NE/975543d395f861a134d527c366f771f0/ 657 KB
658 KB 202ms
202ms Image
image/jpeg 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/1lsqpYnZDuD9chyLsvb5NE/975543d395f861a134d527c366f771f0/iStock-1262941092.jpg
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 045abd7f1f8eeddac67cf7fd2067178f77056c3a4dcbada3e8577d903855811c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 17:47:43 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "e9863f0a985d3d36b95f0cae77c25471"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 672320
x-amz-cf-id: scWIB72ad6577Bf0wZSewAjJ9hXB7cBEJ9yeAPOYmAzDaNFUBqd1fA==

GET
H2 200 iStock-912322946.jpg
images.ctfassets.net/6s4kvfh91rz0/3eFrlxL9TyiPJSYzmsE6OK/32b4c7e8e96ed7ddbb07c71d13f7e6f4/ 86 KB
87 KB 203ms
202ms Image
image/jpeg 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/3eFrlxL9TyiPJSYzmsE6OK/32b4c7e8e96ed7ddbb07c71d13f7e6f4/iStock-912322946.jpg
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6399b4edd0a5e17e931d3811b8890d0f5c44c9f7fcf3310b3549cf9f2e793356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 19:43:34 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "ba20066c1f2148987a93d7c5fd54a31d"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 88133
x-amz-cf-id: jC9q6bjY6U-GJ1G7FGN-znEFrN4JnR994gapUzel9LEMCh2SBShuPg==

GET
H2 200 iStock-1219638428__1_.jpg
images.ctfassets.net/6s4kvfh91rz0/6IOMqVBz2ePHTSVROsv2cz/3be57f4e33ff39facf1d7868ccdbf476/ 114 KB
114 KB 203ms
202ms Image
image/jpeg 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/6IOMqVBz2ePHTSVROsv2cz/3be57f4e33ff39facf1d7868ccdbf476/iStock-1219638428__1_.jpg
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 009ff42f8acf66ec69c73ef8d3ee518477a1baa201dd4ff27ee9089b6536c72c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 23:22:09 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "43315798d14776f474b8fe589b0ba394"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 116736
x-amz-cf-id: kaCl4OrM8hgS4kRBL3N1-WXwTHw8rTaUiAJilk6lXxP962PbrX70tQ==

GET
H2 200 btn.png
images.ctfassets.net/6s4kvfh91rz0/RxiCvCzLKntuJm9RS9WtM/bab349119ebe422788ec9af98422492c/ 186 KB
186 KB 203ms
203ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/RxiCvCzLKntuJm9RS9WtM/bab349119ebe422788ec9af98422492c/btn.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5c41bf9008c253aab868e94b850370ec99439f8b72fd697688ef4f1b89681048

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 14:36:26 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 13:49:49 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 58428
etag: "b7494fcaa3b9e78bad7fe232ce4ca153"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 190122
x-amz-cf-id: NJs5pcsWJAIlkNn-PyC9umozp3wNOkf-Lcnhsj3VEAP0K4ITUvWIsA==

GET
H2 200 iStock-1395058281_Crop.png
images.ctfassets.net/6s4kvfh91rz0/2ISyLd3Itz1LtWn7tCJAER/34066632516f1aea58f3b7e86d99d142/ 659 KB
660 KB 386ms
212ms Image
image/png 2600:9000:235a:1200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/6s4kvfh91rz0/2ISyLd3Itz1LtWn7tCJAER/34066632516f1aea58f3b7e86d99d142/iStock-1395058281_Crop.png
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 16d02265d8f681fba257d487b2b819ae29b4693aed380d8a85ec79cd8b0c6fe1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 10:47:16 GMT
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 20:37:24 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P9
age: 72178
etag: "c318a9a30918587028647f4aaf8c4119"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 675151
x-amz-cf-id: iFcc6ntpwyoKURfYbQ0LM8Wa2ONDsd0hNKQH0SxvAFGh4dJsyC41zQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 536 KB
213 KB 190ms
26ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grCaptchaFix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Origin: https://www.bluefoundrybank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217833
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Jul 2025 00:25:59 GMT

GET
H3 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 115 KB
116 KB 37ms
36ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Origin: https://www.bluefoundrybank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:13 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 37803
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 117856
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "5674af1ac41fe62c1b4568cbb6a031ff"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UumBckcnJInaCBXcudH2t9wLJzJyWa55b82Ivwq7LdB88qahNuLSh2cJMCUTDgaxtg3QsUw2Rbqz7pQ80H%2B22ColCA%2B3ymDYyouxiWObAuqPSMitnoNTx1hgzg7BlRvODNEm7DFdZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 89dd2e0ade1d39eb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 7_lI81zTMsC2m0LhYjPLsdSrQ-i9I4kcd5fHgD5arzfrhq5lLg8DDg==

GET
H/1.1

200
OK

ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93;ip=217.114.218.19;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93
https://trkn.us/pixel/conv/ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93;ip=217.114.218.19;cuidchk=1

42 B
721 B

44ms
44ms

Image
image/gif

2.17.147.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93;ip=217.114.218.19;cuidchk=1

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

HTTP/1.1

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2024 06:50:14 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location: /pixel/conv/ppt=7142;g=sitewide;gid=25474;ord=8707735114636.93;ip=217.114.218.19;cuidchk=1
Date: Thu, 04 Jul 2024 06:50:14 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 73ms
71ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35804454-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-623152145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0df14bb39137f9e2adf5bcdb33b81df8adef73b682789d0d1aa94689b3d2e2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72773
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 141ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35804454-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 05:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jul 2024 07:41:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
105 KB 94ms
94ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0W44DEMDVW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2DSKFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de0c4a566ca1c7a493e87e0a8877e24df83918d9a265a3a10c04d6072ba0baeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 06:50:14 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 205 KB
75 KB 84ms
83ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9488395&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2DSKFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae4698d6ed0a206feb219b7f21421f2b60def8137be6da1653e77df4c0e48421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76215
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:14 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 82ms
81ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-732488980&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2DSKFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

248072d075656cb9d0a7b6a1287b84808da51262577e31f1e42481a2956fea73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84196
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:14 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 174ms
36ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2DSKFB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=75636
accept-ranges: bytes
content-length: 14004

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 87ms
82ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10709496

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2DSKFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88e2e73929870a6885fd04b1c355dbe78d2941cdf96811a355016503518fba6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78009
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 06:50:14 GMT

GET
H2

200

activityi;dc_pre=CKrfpt_ljIcDFXIOogMdHQAB7g;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3...
9488395.fls.doubleclick.net/ Frame 3F2E
Redirect Chain

https://9488395.fls.doubleclick.net/activityi;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand...
https://9488395.fls.doubleclick.net/activityi;dc_pre=CKrfpt_ljIcDFXIOogMdHQAB7g;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;ua...

0
0

71ms
63ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9488395.fls.doubleclick.net/activityi;dc_pre=CKrfpt_ljIcDFXIOogMdHQAB7g;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9488395&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:14 GMT
expires: Thu, 04 Jul 2024 06:50:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9488395.fls.doubleclick.net/activityi;dc_pre=CKrfpt_ljIcDFXIOogMdHQAB7g;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CIfipt_ljIcDFRMGogMdkNkOHw;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0....
9488395.fls.doubleclick.net/ Frame 9D58
Redirect Chain

https://9488395.fls.doubleclick.net/activityi;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8....
https://9488395.fls.doubleclick.net/activityi;dc_pre=CIfipt_ljIcDFRMGogMdkNkOHw;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86...

0
0

71ms
64ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9488395.fls.doubleclick.net/activityi;dc_pre=CIfipt_ljIcDFRMGogMdkNkOHw;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9488395&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:14 GMT
expires: Thu, 04 Jul 2024 06:50:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9488395.fls.doubleclick.net/activityi;dc_pre=CIfipt_ljIcDFRMGogMdkNkOHw;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CCh...
ad.doubleclick.net/ 0
23 B 110ms
61ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9488395;type=landing;cat=allpa0;ord=1;num=2184367781431;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=898839037;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F?

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11263998738943188614"}],"aggregatable_trigger_data":[{"filters":[{"14":["8725329"]}],"key_piece":"0x2bd3fe80ae571a03","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xa15c080d6b399dca","not_filters":{"14":["8725329"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"8186004110364972300","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11263998738943188614","filters":[{"14":["8725329"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11263998738943188614","filters":[{"14":["8725329"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11263998738943188614","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11263998738943188614","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9488395"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;register_conversion=1;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...
ad.doubleclick.net/ 0
23 B 105ms
57ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9488395;type=convert;cat=homep0;ord=2391117876096;npa=1;auiddc=1269539177.1720075814;ps=1;pcor=1990238141;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8812361235za201zb812361235;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bluefoundrybank.com%2F?

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11606980134790524674"}],"aggregatable_trigger_data":[{"filters":[{"14":["8725344"]}],"key_piece":"0xf50702049b72f829","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xe87f09dcc8fdd3c","not_filters":{"14":["8725344"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"1493619438834435520","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11606980134790524674","filters":[{"14":["8725344"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11606980134790524674","filters":[{"14":["8725344"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11606980134790524674","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11606980134790524674","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9488395"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 32ms
31ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1729512643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bluefoundrybank.com%2F&ul=de-de&de=UTF-8&dt=Personal%20%26%20Business%20Banking%20in%20New%20Jersey%20%7C%20Blue%20Foundry%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=968852791&gjid=553040124&cid=1198138513.1720075814&tid=UA-35804454-1&_gid=1100849038.1720075814&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1781005124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefoundrybank.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ChatClient.aspx
home-c35.nice-incontact.com/inContact/ChatClient/ Frame D09D 0
0 788ms
205ms Document
text/html 44.238.231.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://home-c35.nice-incontact.com/inContact/ChatClient/ChatClient.aspx?poc=ab6c693d-2cc4-49ca-bf36-89dad4bd1b74&bu=4601701

Requested by

Host: home-c35.nice-incontact.com
URL: https://home-c35.nice-incontact.com/inContact/ChatClient/js/embed.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.231.3 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-231-3.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 745
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Jul 2024 06:50:15 GMT
Server: Powered by Nice CXOne
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK chatButton.html
home-c35.nice-incontact.com/inContact/ChatClient/ Frame BFAE 0
0 789ms
198ms Document
text/html 44.238.231.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://home-c35.nice-incontact.com/inContact/ChatClient/chatButton.html

Requested by

Host: home-c35.nice-incontact.com
URL: https://home-c35.nice-incontact.com/inContact/ChatClient/js/embed.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.231.3 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-231-3.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1669
Content-Type: text/html
Date: Thu, 04 Jul 2024 06:50:15 GMT
ETag: "06e678fc99da1:0"
Last-Modified: Mon, 29 Apr 2024 06:14:20 GMT
Server: Powered by Nice CXOne
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET attribution_trigger
px.ads.linkedin.com/ 0
0

GET

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F&e_ipv6=AQLt2SHIT0p1LgAAAZB8ggdnPG_bt4xPrnbzKnKxKD2R5RC9avZyA69aJrLKK0hc1c...

0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 96ms
33ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-35804454-1&cid=1198138513.1720075814&jid=968852791&gjid=553040124&_gid=1100849038.1720075814&npa=1&_u=YEBAAUAAAAAAACAAI~&z=86161465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 06:50:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefoundrybank.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-0W44DEMDVW&gtm=45je4730v9101592065z8812361235za200zb812361235&_p=1720075813402&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&ci...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=5805940474119797098&dma=1&dma_cps=sypham&en=page_view&gtm=45je4730v9101592065z8812361235z...

0
0

42ms
32ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=5805940474119797098&dma=1&dma_cps=sypham&en=page_view&gtm=45je4730v9101592065z8812361235za200zb812361235&npa=1&tid=G-0W44DEMDVW&dl=https%3A%2F%2Fwww.bluefoundrybank.com%3F
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=5805940474119797098&dma=1&dma_cps=sypham&en=page_view&gtm=45je4730v9101592065z8812361235za200zb812361235&npa=1&tid=G-0W44DEMDVW&dl=https%3A%2F%2Fwww.bluefoundrybank.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 512
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 29ms
29ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0W44DEMDVW&cid=1198138513.1720075814&gtm=45je4730v9101592065z8812361235za200zb812361235&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0W44DEMDVW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefoundrybank.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-0W44DEMDVW&gtm=45je4730v9101592065za200zb812361235&_p=1720075813402&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198138513.17200...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=12650686821814538117&dma=1&dma_cps=sypham&en=open_account_button___all_clicks&gtm=45je473...

0
0

50ms
41ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=12650686821814538117&dma=1&dma_cps=sypham&en=open_account_button___all_clicks&gtm=45je4730v9101592065za200zb812361235&npa=1&tid=G-0W44DEMDVW&dl=https%3A%2F%2Fwww.bluefoundrybank.com%3F
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1198138513.1720075814&dbk=12650686821814538117&dma=1&dma_cps=sypham&en=open_account_button___all_clicks&gtm=45je4730v9101592065za200zb812361235&npa=1&tid=G-0W44DEMDVW&dl=https%3A%2F%2Fwww.bluefoundrybank.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 525
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 attribution_trigger
px.ads.linkedin.com/ 2 B
748 B 199ms
198ms Image
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F
Requested by: Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3349EC37BEB24926B5FFB4300DB6472A Ref B: DUS30EDGE0721 Ref C: 2024-07-04T06:50:14Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcZlvtKpEMpkwxo8+Dgg==
x-fs-uuid: 00061c665bed2a910ca64c31a3cf8382

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
34ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35804454-1&cid=1198138513.1720075814&jid=968852791&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1381577198

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 06:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H3 200 ajax-loader.gif
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ 4 KB
4 KB 31ms
30ms Image
image/gif 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ajax-loader.gif

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/accessible-slick-theme.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/accessible-slick-theme.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 06:50:14 GMT
x-content-type-options: nosniff
age: 616255
x-jsd-version: 1.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4178
x-served-by: cache-fra-etou8220109-FRA
x-jsd-version-type: version
etag: W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 semicircle.svg
www.bluefoundrybank.com/static/images/ 371 B
2 KB 135ms
135ms Image
image/svg+xml 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bluefoundrybank.com/static/images/semicircle.svg

Requested by

Host: www.bluefoundrybank.com
URL: https://www.bluefoundrybank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5943670768bbb1c5ff0499875f65eafaddaee19b99f12daaa0071af7360ea5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"173-60863a457017a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Dh%2FnDj%2FdTQfgogAF%2FMjuKiHlRyAhFPoy7JahzxXKPaakpHD4lj%2BaxuDo9WJsIYPzRcWKC9jtVGRsmOhI%2FM%2FNhfL%2FDPii9WduP%2BkTWanvdBIqYMkLj2qZM4tXXK6grd%2FFmguxHDnWoCIKbVepsnbAX16lmf5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 89dd2e125cdb694c-FRA

GET
H3 200 slick.woff
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/fonts/ 1 KB
2 KB 78ms
32ms Font
font/woff 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/fonts/slick.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/accessible-slick-theme.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

56500ab0cde6f2d4378a2b105d7f48f729f23b0b5186c2ae3fc80ab57b1e43b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/accessible-slick-theme.min.css
Origin: https://www.bluefoundrybank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 06:50:14 GMT
x-content-type-options: nosniff
age: 1381549
x-jsd-version: 1.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1356
x-served-by: cache-fra-etou8220137-FRA
x-jsd-version-type: version
etag: W/"54c-ZU6dK+hitsLcfZKeiIkxM1us9Ck"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 4E4E 0
0 123ms
57ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9&co=aHR0cHM6Ly93d3cuYmx1ZWZvdW5kcnliYW5rLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=mgg2sy1fxnl5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n2BPbDQaNggiIe2Pufjrwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-n2BPbDQaNggiIe2Pufjrwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 4530 0
0 74ms
48ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sCmBRvBI-czryfSPD8f__A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sCmBRvBI-czryfSPD8f__A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST /
px.ads.linkedin.com/wa/ 0
0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame DE8B 0
0 40ms
37ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gXjbJQG5RfGAWUxOd01WhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gXjbJQG5RfGAWUxOd01WhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 37AB 0
0 84ms
37ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lcuw6sUAAAAAB_m9kpHTDAI67TRtak8gKfE4WG9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zy12iijzT3eTTb6kwcl0jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bluefoundrybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Zy12iijzT3eTTb6kwcl0jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 06:50:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
www.bluefoundrybank.com/static/images/ 1 KB
1 KB 130ms
130ms Other
image/vnd.microsoft.icon 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a1a7f7a430be5a1407b579ff976d25f7f8d2067e410fb4f9703dc28207813f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: br
server: cloudflare
etag: W/"517-60863a45451f8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAnY91Q69cEqd1KT%2FR6buPK%2BQ1KtPTf5rUXJes5KJ3zrAe8c9Jm0b0ZgNUeCvZXrykoV5SeqrS72%2FwKRsR%2F3%2BtHLXok%2B3roV%2BBMLCfxGe8Er%2BSVWdMX3WLWSJ7mm0Xg3sJpgXhn8c5BcWkWsZeedgc0VmPZJ"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
cf-ray: 89dd2e202893694c-FRA

GET
H2 200 favicon.ico
www.bluefoundrybank.com/static/images/ 1 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a1a7f7a430be5a1407b579ff976d25f7f8d2067e410fb4f9703dc28207813f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:17 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"517-60863a45451f8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAnY91Q69cEqd1KT%2FR6buPK%2BQ1KtPTf5rUXJes5KJ3zrAe8c9Jm0b0ZgNUeCvZXrykoV5SeqrS72%2FwKRsR%2F3%2BtHLXok%2B3roV%2BBMLCfxGe8Er%2BSVWdMX3WLWSJ7mm0Xg3sJpgXhn8c5BcWkWsZeedgc0VmPZJ"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
cf-ray: 89dd2e202893694c-FRA

GET
H2 200 favicon.ico
www.bluefoundrybank.com/static/images/ 1 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 2606:4700:20::681a:173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefoundrybank.com/static/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a1a7f7a430be5a1407b579ff976d25f7f8d2067e410fb4f9703dc28207813f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bluefoundrybank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:50:17 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.hotjar.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com player.vimeo.com *.googleadservices.com snap.licdn.com trkn.us *.nice-incontact.com *.g.doubleclick.net code.jquery.com *.jsdelivr.net; script-src-elem 'self' 'unsafe-inline' *.facebook.net *.ensighten.com *.fontawesome.com *.nice-incontact.com *.hotjar.com *.vimeo.com *.google.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net code.jquery.com *.jsdelivr.net *.youtube.com; script-src-attr 'unsafe-inline' *.hotjar.com code.jquery.com *.jsdelivr.net *.cloudflareinsights.com *.fontawesome.com *.ensighten.com *.nice-incontact.com *.facebook.net *.google.com player.vimeo.com *.googletagmanager.com *.gstatic.com *.google-analytics.com *.googleadservices.com snap.licdn.com trkn.us *.g.doubleclick.net; connect-src 'self' *.google.com *.fontawesome.com *.google-analytics.com *.g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' *.fontawesome.com *.jsdelivr.net; img-src 'self' *.doubleclick.net data: images.ctfassets.net *.bluekai.com *.facebook.com *.choozle.com *.adsrvr.org *.rlcdn.com *.company-target.com *.entitytag.co.uk *.b1img.com *.mookie1.com *.taboola.com *.truefitcorp.com trkn.us px.ads.linkedin.com *.google-analytics.com *.adsymptotic.com *.google.com *.jsdelivr.net; font-src 'self' *.fontawesome.com use.fontawesome.com *.jsdelivr.net; media-src 'self' player.vimeo.com *.ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com *.doubleclick.net *.cloudfront.net vimeo.com bluefoundrybank.referralrock.com *.nice-incontact.com *.hotjar.com *.adsrvr.org *.secureline.com *.g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com *.fls.doubleclick.net *.google.com forms.microsoft.com forms.office.com *.windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 15:11:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"517-60863a45451f8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAnY91Q69cEqd1KT%2FR6buPK%2BQ1KtPTf5rUXJes5KJ3zrAe8c9Jm0b0ZgNUeCvZXrykoV5SeqrS72%2FwKRsR%2F3%2BtHLXok%2B3roV%2BBMLCfxGe8Er%2BSVWdMX3WLWSJ7mm0Xg3sJpgXhn8c5BcWkWsZeedgc0VmPZJ"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
cf-ray: 89dd2e202893694c-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/attribution_trigger?pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F

Domain: px4.ads.linkedin.com
URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F&e_ipv6=AQLt2SHIT0p1LgAAAZB8ggdnPG_bt4xPrnbzKnKxKD2R5RC9avZyA69aJrLKK0hc1cFKEf-w3jxD

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0W44DEMDVW&cid=1198138513.1720075814&gtm=45je4730v9101592065z8812361235za200zb812361235&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1462307871

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35804454-1&cid=1198138513.1720075814&jid=968852791&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1381577198

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/wa/

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluefoundrybank.com/	1970-01-20 23:57:31	Name: _gcl_au Value: 1.1.1269539177.1720075814
.trkn.us/	1970-01-21 06:33:31	Name: barometric[cuid] Value: cuid_66864626-bc93-4110-821b-912b3ff843a8
.bluefoundrybank.com/	1970-01-20 21:49:22	Name: _gid Value: GA1.2.1100849038.1720075814
.bluefoundrybank.com/	1970-01-20 21:47:55	Name: _gat_gtag_UA_35804454_1 Value: 1
.doubleclick.net/	1970-01-20 22:31:07	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:07:07	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:09:31	Name: IDE Value: AHWqTUlWjjKqdTmcmGCqQWVA_J_YGpPOWf_Jsg3-7VSb4baja95rh_Y8sTGBIKcmEvI
.bluefoundrybank.com/	1970-01-21 07:23:55	Name: _ga Value: GA1.1.1198138513.1720075814
.bluefoundrybank.com/	1970-01-21 07:23:55	Name: _ga_0W44DEMDVW Value: GS1.1.1720075814.1.0.1720075814.60.0.0
.linkedin.com/	1970-01-21 06:33:31	Name: bcookie Value: "v=2&f98441e2-044b-4a47-818c-055e3fd62508"
.linkedin.com/	1970-01-21 02:07:07	Name: li_gc Value: MTswOzE3MjAwNzU4MTQ7MjswMjG0dZc6jrfbjoJBRfkYswqzro0b1nBxJzQUl5bo0lbqgg==
.linkedin.com/	1970-01-20 21:49:22	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2872:u=1:x=1:i=1720075814:t=1720162214:v=2:sig=AQHTvZ8_CTrHg5yzmEGUGgL6_RazXGYN"
home-c35.nice-incontact.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: tkztuntlyn4ankxpwwqwvqft
home-c35.nice-incontact.com/	1970-01-20 21:58:00	Name: AWSALBCORS Value: 8qWV9w9JzrWZXeSpT1yZz6CAUKOKmvhXQVRmuPFTeYQ3p7oHhBf1Pj8i6NduGqnWq1Mjjl8a3gU7ddbmvMtpXIQBT5UHUsr7CBdsxU6FdbjmjE/1v2SynP3ONeNu

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Message: Refused to connect to 'https://px.ads.linkedin.com/attribution_trigger?pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F' because it violates the following Content Security Policy directive: "connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io".
security	error	URL: https://www.bluefoundrybank.com/(Line 7117) Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0W44DEMDVW&cid=1198138513.1720075814&gtm=45je4730v9101592065z8812361235za200zb812361235&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1462307871' because it violates the following Content Security Policy directive: "img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net".
security	error	URL: https://www.bluefoundrybank.com/(Line 7126) Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35804454-1&cid=1198138513.1720075814&jid=968852791&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1381577198' because it violates the following Content Security Policy directive: "img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net".
security	error	URL: https://www.bluefoundrybank.com/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com".
security	error	URL: https://www.bluefoundrybank.com/ Message: Refused to load the image 'https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2905964&time=1720075814587&url=https%3A%2F%2Fwww.bluefoundrybank.com%2F&e_ipv6=AQLt2SHIT0p1LgAAAZB8ggdnPG_bt4xPrnbzKnKxKD2R5RC9avZyA69aJrLKK0hc1cFKEf-w3jxD' because it violates the following Content Security Policy directive: "img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net".
security	error	URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Message: Refused to connect to 'https://px.ads.linkedin.com/wa/' because it violates the following Content Security Policy directive: "connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com *.hotjar.com cdn.linkedin.oribi.io".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .facebook.net .ensighten.com .hotjar.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com player.vimeo.com .googleadservices.com snap.licdn.com trkn.us .nice-incontact.com .g.doubleclick.net code.jquery.com .jsdelivr.net; script-src-elem 'self' 'unsafe-inline' .facebook.net .ensighten.com .fontawesome.com .nice-incontact.com .hotjar.com .vimeo.com .google.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net code.jquery.com .jsdelivr.net .youtube.com; script-src-attr 'unsafe-inline' .hotjar.com code.jquery.com .jsdelivr.net .cloudflareinsights.com .fontawesome.com .ensighten.com .nice-incontact.com .facebook.net .google.com player.vimeo.com .googletagmanager.com .gstatic.com .google-analytics.com .googleadservices.com snap.licdn.com trkn.us .g.doubleclick.net; connect-src 'self' .google.com .fontawesome.com .google-analytics.com .g.doubleclick.net player.vimeo.com .hotjar.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' .fontawesome.com .jsdelivr.net; img-src 'self' .doubleclick.net data: images.ctfassets.net .bluekai.com .facebook.com .choozle.com .adsrvr.org .rlcdn.com .company-target.com .entitytag.co.uk .b1img.com .mookie1.com .taboola.com .truefitcorp.com trkn.us px.ads.linkedin.com .google-analytics.com .adsymptotic.com .google.com .jsdelivr.net; font-src 'self' .fontawesome.com use.fontawesome.com .jsdelivr.net; media-src 'self' player.vimeo.com .ctfassets.net vod-progressive.akamaized.net ; child-src 'self' outlook.office365.com .doubleclick.net .cloudfront.net vimeo.com bluefoundrybank.referralrock.com .nice-incontact.com .hotjar.com .adsrvr.org .secureline.com .g.doubleclick.net locations.bluefoundrybank.com player.vimeo.com .fls.doubleclick.net .google.com forms.microsoft.com forms.office.com .windows.net *.microsoftonline.com images.printable.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9488395.fls.doubleclick.net
ad.doubleclick.net
cdn.jsdelivr.net
code.jquery.com
home-c35.nice-incontact.com
images.ctfassets.net
ka-f.fontawesome.com
kit.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
trkn.us
www.bluefoundrybank.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
px.ads.linkedin.com
px4.ads.linkedin.com
static.cloudflareinsights.com
www.google.de
142.250.181.230
142.250.185.102
142.250.185.132
151.101.65.229
172.67.139.119
2.17.147.192
2001:4860:4802:34::36
2600:9000:235a:1200:12:94b3:c380:93a1
2606:4700:20::681a:173
2606:4700:4400::ac40:93bc
2620:1ec:21::14
2a00:1450:4001:80f::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a02:26f0:3500:10::210:a99
2a04:4e42:200::485
2a04:4e42::649
44.238.231.3
009ff42f8acf66ec69c73ef8d3ee518477a1baa201dd4ff27ee9089b6536c72c
015ce7ca130b04907f55ba95c731b88e1c5e81b4cd9ba9a9144c7cbbd229e844
045abd7f1f8eeddac67cf7fd2067178f77056c3a4dcbada3e8577d903855811c
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
05870d75736fc5e346d2d1ce577218a6f7a9c83822c6c50b18a1ae7879f7e6f8
06baea430b3a81d68c399be883f8409cc7f01f37e5ac35f084b71ee540289435
0dba5ea32efe1c34d8b9632360fc11eebfd7c2e52e47154dd8214991e786442b
0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
0df14bb39137f9e2adf5bcdb33b81df8adef73b682789d0d1aa94689b3d2e2c4
110681a508a57e955f222511d415753d582c61c9dcd2583d50ae83b1cdfa1575
12ec9433cbae467a964b1737394fe4998264dd705b9dbf624ab1c2ddd0c1654a
16d02265d8f681fba257d487b2b819ae29b4693aed380d8a85ec79cd8b0c6fe1
184ca94e411472b38d868d0f8f4b0a519fc4111d5f88d05fe0ee0a970a555c45
195f8020c0e8e016bef78e5b471c9094622b491bf8abfd8c5814892e3f81a148
1a39c023aa28f517bb9630f61c3a3fdc69ee241c64a7ccc0bcb1eab813d298ef
1b849fe1a3c4ef70d564fa0a6995f50855190bd7be2db071e4b74d0396502b46
1b9753e2701e296922bafeb8c13abb94a8a2502da47435722e0dd1c8bc961a87
210a79267a31661e6367470a216ce3d55399516e73c61218f7bdc23eb7d16252
248072d075656cb9d0a7b6a1287b84808da51262577e31f1e42481a2956fea73
2df80e28c49d2b190517d5b14a5d599028e5d7f7a55ddd3b86f0f9a420fac724
3227c1f0bd7127f9b7fd63630f1868bd5c865be599bf536355d63222b353c197
368798d45ea73d432a47c573fad998ab1ba15fe06db6f8adc22530b2a2c97cd2
3a482b3a0ffffe177348952dcc2487ba11a0434f01878334664b11eec947a64b
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4257ec833f1086c2a352b4869ee6f594ad2d15cf0b4850c552b248d1aae7f6e8
43be6197a4af24ad4bb7f97d7efc8afe663fa53801cffa90cfc0b13f0f860844
4461cd77932eca376c1e85f93859c2e54817ea57887a7be995391f35571bd5dd
45e6b0e738b016f79508c43692a2560a0626af776b98d15599a8cd3f9fd4c782
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
4d63d107df4ea532423c769663bc36072a7c3e280de05948d8f27cbf52bd90ee
56500ab0cde6f2d4378a2b105d7f48f729f23b0b5186c2ae3fc80ab57b1e43b6
56c03ced33ca68b073d6be135cc18431777d6ab11fdeb29095fd0556735aa68e
589bc6632113c57bc4c8dbfb7a7979d71dae97633b07eabe5050fa12f1b86c8f
5be390235a8d6800975f0b705effd5dde47591d49fadad9ddc64a67fd81cae3f
5c41bf9008c253aab868e94b850370ec99439f8b72fd697688ef4f1b89681048
5ceeed80eb2257d6346f548146f612fa89c6f5446866b009814b0571c9c3c38d
6399b4edd0a5e17e931d3811b8890d0f5c44c9f7fcf3310b3549cf9f2e793356
6a4c561087a6ce2b6cef0a6581d05a3171d186135ac9bcec83ec8ddd5278d110
6d48929bf5eae1cd3dd011d61a9f97a8767a0d6a877d7ee7231882fe3cf5a94a
6e39596719ef5e13daa92530dc5564481aac1b3d78fe842f63c1d93a82e87c3e
73aac3eeabbf05af02fbdb8282c56977d9df2725136fe89eb255ac72d7e76a6d
75acad01b36502fbc73925d7740cd061c31c7201990334ded2ee93337657b64b
75ef261853b2511e807fdc1b0cb84dd9e21df10e18952266601f83dd62c0783e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863a26a6eb167488799e45278750c317099f451d0ad6919a847311d5277d5c8e
864c8436ba54bf60b2122c1f930f1434f162d7205433dbf952d06f99e2064ffe
88e2e73929870a6885fd04b1c355dbe78d2941cdf96811a355016503518fba6d
8a82af501618f7450a51b11f12398f6782de351b63f4cf8a96a98ad3b11c7c87
8def913dfd4e94c48508a3e034449afd9d048e9cbe2445740d70b8190d41f7d0
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
958c183adfbc6221fd2de4f08711de89669b1794b93c162598bd8cdd3b8023db
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
9b06360079c96c94368de474f9aa20c533c42116a98150cdbfe6106ce7207894
9c40cfff97e5940990e1827fa519e0b6edfd1a33c0fa5a7a85a307d79f4473d0
9dd3a27c2c6fc4b4950e623aef18602c7efba0b7c83f552a833b8a9c3f0df0f2
a6ed1712bf06fe8cfc326b50a015b504f6b59cfd2872db1de6d0b31c5ec65baf
a85a485b04bb99ac0a085b66a983faa7de70891ee02122897fed66bf80dfa3e4
ae4698d6ed0a206feb219b7f21421f2b60def8137be6da1653e77df4c0e48421
b0c05ff30d9cfcf9598a7b36b7d6c3766a47ad02b69fbad7ff7db37e34e13e3a
b16212b03028deecb46dfe367e3df643539393acaeac71116e5fccaa5515c4e2
b41ce39fce657cc393a1565607ac2b9d59312f24df331fddcdd635017ac7a748
b42d27be53d15d2e2cd4575896c054737b7f46fc914bc6fe44b06b6cd35b2285
c4df51b5dbef0cc8ae3bb5eee348b24f4e13fa9efe831ba9f365f65726968084
ce2444aab0454ae108d870dd2ac7f540d01364e46353ad914047b26bceac644e
d2a1a7f7a430be5a1407b579ff976d25f7f8d2067e410fb4f9703dc28207813f
d922a106e9768edceec2499160b0ceffdd073834684835470eeb87241383627b
dc8e0ca108e3f9ea902cf9c1fcbbab4060108c7037aa86e903891f04c89c48e9
de0c4a566ca1c7a493e87e0a8877e24df83918d9a265a3a10c04d6072ba0baeb
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5943670768bbb1c5ff0499875f65eafaddaee19b99f12daaa0071af7360ea5
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ecc4945b4f5172499053c493a5eaa585d6ec760c8500b3c2225fa76845540954
eddc071cf14ec2d9141aef93053966e85dc66f46044ebe6a91f7c83384c5a748
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f451e9406287825318e878c098bf82e3d1d236a119c6db5aa6b959f5e281e1b2
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
f5b61ed1955f0d860e171daeb19b71b35bfd5f2f9e6bbb9f846217052f457473

www.bluefoundrybank.com Open in urlscan Pro 2606:4700:20::681a:173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

91 %HTTPS

63 %IPv6

16 Domains

22 Subdomains

20 IPs

4 Countries

6738 kBTransfer

9306 kBSize

14 Cookies

22 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bluefoundrybank.com Open in urlscan Pro
2606:4700:20::681a:173 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

91 %
HTTPS

63 %
IPv6

16
Domains

22
Subdomains

20
IPs

4
Countries

6738 kB
Transfer

9306 kB
Size

14
Cookies

104 HTTP transactions
0 data transactions