urlscan.io logo urlscan.io
SecurityTrails logo

nccyou.com Open in urlscan Pro
141.193.213.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nccyou.com/
Effective URL: https://nccyou.com/
Submission: On October 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 17 domains to perform 87 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is nccyou.com.
TLS certificate: Issued by E6 on September 21st 2024. Valid for: 3 months.
This is the only time nccyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 141.193.213.11 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:26d... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.195 15169 (GOOGLE)
1 2 142.250.184.196 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 157.240.0.6 32934 (FACEBOOK)
1 108.138.40.116 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 142.250.184.226 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.67 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a04:4e42:600... 54113 (FASTLY)
9 75.2.36.128 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
16 54.192.196.159 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 44.237.195.6 16509 (AMAZON-02)
87 24
28    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.nccyou.com
nccyou.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:26da:6a00:7:3d38:fd80:21 (United States)

ASN16509 (AMAZON-02, US)
d1lvyn09g7nf92.cloudfront.net
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
2    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)
acsbapp.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net
js.adsrvr.org
1    2600:9000:223d:f000:b:527a:2d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
452392.tctm.xyz
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.google.de
1    2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.acsbapp.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
9    75.2.36.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: a90bf267a40ac35dc.awsglobalaccelerator.com
securemessage.nccyou.com
2    2600:9000:225b:7200:1a:3e6b:180:21 (United States)

ASN16509 (AMAZON-02, US)
d2kc9bbovjrjt2.cloudfront.net
16    54.192.196.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-196-159.muc50.r.cloudfront.net
doerd31l9oh9k.cloudfront.net
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    44.237.195.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-195-6.us-west-2.compute.amazonaws.com
cobrowse.eltropy.com
Apex Domain
Subdomains		 Transfer
37 nccyou.com
www.nccyou.com
nccyou.com
securemessage.nccyou.com
814 KB
21 cloudfront.net
d1lvyn09g7nf92.cloudfront.net
d2kc9bbovjrjt2.cloudfront.net
doerd31l9oh9k.cloudfront.net
1 MB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
315 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
24 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 11271
127 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
574 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1442
insight.adsrvr.org — Cisco Umbrella Rank: 945
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
73 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3740
cdn.acsbapp.com — Cisco Umbrella Rank: 3977
116 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 eltropy.com
cobrowse.eltropy.com — Cisco Umbrella Rank: 102687
709 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
31 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
3 KB
1 tctm.xyz
452392.tctm.xyz
15 KB
87 17
Domain Requested by
27 nccyou.com nccyou.com
16 doerd31l9oh9k.cloudfront.net securemessage.nccyou.com
9 securemessage.nccyou.com nccyou.com
doerd31l9oh9k.cloudfront.net
d1lvyn09g7nf92.cloudfront.net
4 www.googletagmanager.com nccyou.com
www.googletagmanager.com
3 d1lvyn09g7nf92.cloudfront.net nccyou.com
2 d2kc9bbovjrjt2.cloudfront.net securemessage.nccyou.com
2 www.facebook.com nccyou.com
2 www.google.de nccyou.com
2 connect.facebook.net nccyou.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com nccyou.com
1 cobrowse.eltropy.com d1lvyn09g7nf92.cloudfront.net
cobrowse.eltropy.com
1 insight.adsrvr.org js.adsrvr.org
1 code.jquery.com d1lvyn09g7nf92.cloudfront.net
1 googleads.g.doubleclick.net 1 redirects
1 cdn.acsbapp.com acsbapp.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 452392.tctm.xyz www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 acsbapp.com nccyou.com
1 www.nccyou.com 1 redirects
87 25
Subject Issuer Validity Valid
nccyou.com
E6		 2024-09-21 -
2024-12-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
acsbapp.com
WE1		 2024-10-16 -
2025-01-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-07 -
2024-11-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.tctm.xyz
Amazon RSA 2048 M03		 2024-09-21 -
2025-10-20		 a year crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
securemessage.nccyou.com
Amazon RSA 2048 M03		 2024-09-10 -
2025-10-10		 a year crt.sh
cobrowse.eltropy.com
Amazon RSA 2048 M03		 2024-09-23 -
2025-10-22		 a year crt.sh

This page contains 5 frames:

Primary Page: https://nccyou.com/
Frame ID: DE85A7A8B1AB5311DAA56A93149D0110
Requests: 57 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnccyou.com
Frame ID: 074C5691E0F9350E256A1DDFDCE0441C
Requests: 1 HTTP requests in this frame

Frame: https://securemessage.nccyou.com/chat/loadBot
Frame ID: 9927B37F4FB89999179EC38BEB31E329
Requests: 11 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=f7qoy7f&ref=https%3A%2F%2Fnccyou.com%2F&upid=qpmvbqd&upv=1.1.0&paapi=1
Frame ID: 7CAA06B108DFC5835FE41F8434D64227
Requests: 1 HTTP requests in this frame

Frame: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Frame ID: 03C75F3137B1AFE0810B97AE9FD31011
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Northern Communities Credit Union | It's All About You!

Page URL History Show full URLs

  1. http://www.nccyou.com/ HTTP 307
    https://www.nccyou.com/ HTTP 301
    https://nccyou.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

87
Requests

95 %
HTTPS

52 %
IPv6

17
Domains

25
Subdomains

24
IPs

3
Countries

3377 kB
Transfer

12738 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nccyou.com/ HTTP 307
    https://www.nccyou.com/ HTTP 301
    https://nccyou.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fnccyou.com%2F&label=p0bwCNTUzo8ZEJuxrIQq&hn=www.googleadservices.com&frm=0&tiba=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&value=0&npa=1&pscdl=noapi&auid=619424844.1730230749&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAI8I-CuQYQ3bGd9rPK7ZtzEh0AYy1OnkQy_Opv1mbHpuGTESBJaH-ADfwUVCZbgA&pscrd=IhMI58jF6au0iQMVeouDBx0r9gLqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL25jY3lvdS5jb20vQldDaEVJOEktQ3VRWVF5c0NtcXBlazk5YXlBUklzQUV3UHB5YU94ZzUzSmdiWFF1b3JUT05DWGh3MzB1UVQ0QkFVeDhHYktzczhJcjdyWGc3NmtiMUJFNXc HTTP 302
  • https://www.google.com/pagead/1p-conversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fnccyou.com%2F&label=p0bwCNTUzo8ZEJuxrIQq&hn=www.googleadservices.com&frm=0&tiba=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&value=0&npa=1&pscdl=noapi&auid=619424844.1730230749&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI58jF6au0iQMVeouDBx0r9gLqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL25jY3lvdS5jb20vQldDaEVJOEktQ3VRWVF5c0NtcXBlazk5YXlBUklzQUV3UHB5YU94ZzUzSmdiWFF1b3JUT05DWGh3MzB1UVQ0QkFVeDhHYktzczhJcjdyWGc3NmtiMUJFNXc&is_vtc=1&cid=CAQSGwCa7L7dwDaCs0NoAm8m9kHCKKU9KwdH3CzwiA&eitems=ChAI8I-CuQYQ3bGd9rPK7ZtzEh0AYy1Onir96bRR6aXoVI-RY4Yj3ZjGMYDDuKpjFg&random=173756141 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fnccyou.com%2F&label=p0bwCNTUzo8ZEJuxrIQq&hn=www.googleadservices.com&frm=0&tiba=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&value=0&npa=1&pscdl=noapi&auid=619424844.1730230749&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI58jF6au0iQMVeouDBx0r9gLqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL25jY3lvdS5jb20vQldDaEVJOEktQ3VRWVF5c0NtcXBlazk5YXlBUklzQUV3UHB5YU94ZzUzSmdiWFF1b3JUT05DWGh3MzB1UVQ0QkFVeDhHYktzczhJcjdyWGc3NmtiMUJFNXc&is_vtc=1&cid=CAQSGwCa7L7dwDaCs0NoAm8m9kHCKKU9KwdH3CzwiA&eitems=ChAI8I-CuQYQ3bGd9rPK7ZtzEh0AYy1Onir96bRR6aXoVI-RY4Yj3ZjGMYDDuKpjFg&random=173756141&ipr=y

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nccyou.com/
Redirect Chain
  • http://www.nccyou.com/
  • https://www.nccyou.com/
  • https://nccyou.com/
173 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
27e4bb159037285fdf7c7860b6eca0265a3edf656f3a932b58288aa2d90d9768

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8da5a13ab99c8ed9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 19:39:08 GMT
link
<https://nccyou.com/wp-json/>; rel="https://api.w.org/" <https://nccyou.com/wp-json/wp/v2/pages/7>; rel="alternate"; title="JSON"; type="application/json" <https://nccyou.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8da5a1338b50dbf0-FRA
content-type
text/html
date
Tue, 29 Oct 2024 19:39:07 GMT
location
https://nccyou.com/
server
cloudflare
caspers-leave-notice.css
nccyou.com/wp-content/plugins/Modified-caspers-leave-notice/ 		1 KB
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/Modified-caspers-leave-notice/caspers-leave-notice.css?ver=6.6.1
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
514d1905038b4186fc184128e5d1b18c92285ed241bf5c2d7a718d15394ecf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"61297372-567"
age
103068
cf-ray
8da5a1413b348ed9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 27 Aug 2021 23:21:22 GMT
print.css
nccyou.com/wp-content/plugins/loan-calculator/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/loan-calculator/assets/print.css?ver=6.6.1
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6523566ca135220ebcfa0513ac8c4ddd353327fd0e447ead8df831dd18f077

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5d6949f3-f9d"
age
103069
cf-ray
8da5a1413b368ed9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
gbst_styles.css
nccyou.com/wp-content/plugins/loan-calculator/assets/ 		43 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/loan-calculator/assets/gbst_styles.css?ver=6.6.1
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b3bcce62585ce2a72f2c57c075a0ad2fde27f862ec60979364553fb36cc9c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5d6949f3-aafc"
age
103069
cf-ray
8da5a1413b3a8ed9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
front.min.css
nccyou.com/wp-content/plugins/popups-for-divi/styles/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6566667b-1c9f"
age
103069
cf-ray
8da5a1413b3b8ed9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 28 Nov 2023 22:15:23 GMT
css
fonts.googleapis.com/ 		7 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Prata:regular|Quicksand:300,regular,500,600,700&subset=cyrillic,cyrillic-ext,latin,vietnamese,latin-ext&display=swap
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14fb77f88feec2a964a63837759fab01b7a63a382a198a6ad72bc3971ec9f597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 19:39:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 19:39:08 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
nccyou.com/wp-content/themes/nccyou/ 		349 B
447 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/themes/nccyou/style.css?ver=4.27.2
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e1a3b689e3597e9aebb130109733831897d6bc282c0c4fc5f02650d99f4df2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5dd482f7-15d"
age
103069
cf-ray
8da5a1419edddc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 20 Nov 2019 00:04:07 GMT
ie-compat.min.js
nccyou.com/wp-content/plugins/popups-for-divi/scripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6566667b-2712"
age
103069
cf-ray
8da5a1419edfdc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 28 Nov 2023 22:15:23 GMT
css
fonts.googleapis.com/ 		2 KB
1014 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lobster&display=swap
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9164b8e6f8a93d1cd1dee79e13c279a0e625f9ba93395729c0147ba5323d0b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 19:39:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 19:39:08 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
et-divi-customizer-global.min.css
nccyou.com/wp-content/et-cache/global/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1728575019
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
001527ad4734dd2766ae112a8f8632ea5e81f031b8bc9144ce1206b99331e2c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6707f62b-3e98"
age
103069
cf-ray
8da5a1419ee4dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 10 Oct 2024 15:43:39 GMT
nccyou-logo-thumbnail1-150x150.jpg
nccyou.com/wp-content/uploads/2018/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nccyou.com/wp-content/uploads/2018/03/nccyou-logo-thumbnail1-150x150.jpg
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15699916ae072f84c05efe468a775fb32e8e2fd856b498d122437e585626dcb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"5d6949f3-222a"
age
103021
cf-cache-status
HIT
cf-polished
origSize=8746
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
image/jpeg
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8da5a1419ee7dc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7743
server
cloudflare
NCCYou-Est-1928-150x150.jpg
nccyou.com/wp-content/uploads/2019/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nccyou.com/wp-content/uploads/2019/04/NCCYou-Est-1928-150x150.jpg
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e216bfa0652adb5fe88502f4da0370a7e1c90d5bcd3c160684822c628ca7723

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"5d6949d0-9364"
age
103068
cf-cache-status
HIT
cf-polished
origSize=37732
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
image/jpeg
last-modified
Fri, 30 Aug 2019 16:07:44 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8da5a1419eeddc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
21321
server
cloudflare
website-header.jpg
nccyou.com/wp-content/uploads/2023/11/ 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nccyou.com/wp-content/uploads/2023/11/website-header.jpg
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc04fb3631725d37ffd650688fb72d131dd109af896167b764678060837a80a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"655e3145-4b2d6"
age
103069
cf-cache-status
HIT
cf-polished
origSize=307926
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
image/jpeg
last-modified
Wed, 22 Nov 2023 16:50:13 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8da5a1419eefdc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
249600
server
cloudflare
Legal.png
nccyou.com/wp-content/uploads/2022/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nccyou.com/wp-content/uploads/2022/01/Legal.png
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
717f423330460c0deeee32964f3d50081068c71992739202bfa6f543bfe1f424

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61f46310-1c3d"
age
103068
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7229
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
image/webp
content-disposition
inline; filename="Legal.webp"
vary
Accept
last-modified
Fri, 28 Jan 2022 21:41:36 GMT
cache-control
public, max-age=31536000
cf-ray
8da5a14279b3dc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3550
server
cloudflare
jquery.min.js
nccyou.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64ecd5ef-15601"
age
103068
cf-ray
8da5a14279b9dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
jquery-migrate.min.js
nccyou.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6482bd64-3509"
age
103069
cf-ray
8da5a14279bcdc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
caspers-leave-notice.js
nccyou.com/wp-content/plugins/Modified-caspers-leave-notice/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/Modified-caspers-leave-notice/caspers-leave-notice.js?ver=6.6.1
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d19f231cdc19129eadeb0f2c62f99d9df88e5f2ad532626a59a9cc38615f53f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"61297489-cec"
age
103069
cf-ray
8da5a14279bfdc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 27 Aug 2021 23:26:01 GMT
clientlibrarymanager.min.js
nccyou.com/wp-content/plugins/loan-calculator/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/loan-calculator/assets/clientlibrarymanager.min.js?ver=1.0.0
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d59b87aa357ad0cb27fbfaede39c7f82bca8fedbee587947ddcce5b276de424

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5d6949f3-1982"
age
103069
cf-ray
8da5a14279c3dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
loan-calculator-lib.js
nccyou.com/wp-content/plugins/loan-calculator/assets/ 		562 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/loan-calculator/assets/loan-calculator-lib.js?ver=1.0.0
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d65bd6b44ea47c7cc3a8a2dbb288b0fb668f3e5f8abbdce7a795b19bba8325a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5d6949f3-8c90f"
age
103069
cf-ray
8da5a14279c6dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
config.js
nccyou.com/wp-content/plugins/loan-calculator/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/loan-calculator/assets/config.js?ver=1.0.0
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99a695b338a76f9d6d37df113649ad56f0d1f69c513063f66f63b950a46b06f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5d6949f3-1100"
age
103021
cf-ray
8da5a14279ccdc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
loan-calculator-app.js
nccyou.com/wp-content/plugins/loan-calculator/assets/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/loan-calculator/assets/loan-calculator-app.js?ver=1.0.0
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd34897818782f3f12c67a9e4c4bbed312bf9fef286f7389c345473cd32e1ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5d6949f3-1124b"
age
103068
cf-ray
8da5a14279cfdc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
gtm4wp-form-move-tracker.js
nccyou.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/ 		1 KB
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66155e40-472"
age
103069
cf-ray
8da5a14279d7dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 09 Apr 2024 15:26:56 GMT
front.min.js
nccyou.com/wp-content/plugins/popups-for-divi/scripts/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6566667b-10394"
age
103069
cf-ray
8da5a14279d8dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 28 Nov 2023 22:15:23 GMT
scripts.min.js
nccyou.com/wp-content/themes/Divi/js/ 		268 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.2
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af23fd5d68900400e981906d4bf799efb94d589616b846112f9e2684274c692

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6707f620-42f9f"
age
103068
cf-ray
8da5a14279d9dc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 10 Oct 2024 15:43:28 GMT
common.js
nccyou.com/wp-content/themes/Divi/core/admin/js/ 		1 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.2
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6707f620-53f"
age
103020
cf-ray
8da5a14279dbdc4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 10 Oct 2024 15:43:28 GMT
contact-widget-embed.js
d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/ 		65 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:6a00:7:3d38:fd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a7254fc7b0ae8cbde49bbd6572e92c00f8b352337d3400ec7b4a78517720392

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

x-amz-replication-status
FAILED
x-amz-version-id
E0_ukLv409kTpYmagQ7SxqAaGVBvBdTE
etag
"6e4407fa9c434e30136ea112f2032ac0"
via
1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
66391
x-amz-cf-id
XQau8gm4Tr1IPQcmeDKxzv65a-fQYcpDP70sCFw11xV_6B4KBVbohw==
date
Tue, 29 Oct 2024 19:39:10 GMT
content-type
text/javascript
last-modified
Sun, 29 Sep 2024 12:23:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		318 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94cedff9b8cb7474c39f9d31ebe8d5f1c979de668855d08bc3238dcdd2ab94c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 29 Oct 2024 19:39:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 29 Oct 2024 18:14:29 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111497
x-xss-protection
0
server
Google Tag Manager
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prata:regular|Quicksand:300,regular,500,600,700&subset=cyrillic,cyrillic-ext,latin,vietnamese,latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nccyou.com
Referer
https://fonts.googleapis.com/

Response headers

age
10492
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 16:44:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 16:44:16 GMT
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
28064
x-xss-protection
0
server
sffe
modules.woff
nccyou.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nccyou.com
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"6707f620-167b4"
age
97975
cf-ray
8da5a142dafadc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
92084
date
Tue, 29 Oct 2024 19:39:08 GMT
content-type
font/woff
last-modified
Thu, 10 Oct 2024 15:43:28 GMT
vary
Accept-Encoding
server
cloudflare
6xKhdSpbNNCT-sWPCm4.woff2
fonts.gstatic.com/s/prata/v20/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prata/v20/6xKhdSpbNNCT-sWPCm4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prata:regular|Quicksand:300,regular,500,600,700&subset=cyrillic,cyrillic-ext,latin,vietnamese,latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
f78bb4fead90ea6966383155118b67afbc0bdb0f870f4918944de11227d583e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nccyou.com
Referer
https://fonts.googleapis.com/

Response headers

age
9924
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 16:53:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 16:53:44 GMT
last-modified
Thu, 24 Aug 2023 20:58:34 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19196
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fnccyou.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1843061319.1730230749&auid=619424844.1730230749&npa=1&gtm=45He4as0v812695675za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101925629&tft=1730230749029&tfd=2925&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers
js
www.googletagmanager.com/gtag/ 		324 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4FEP4CWN00&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ecbb5ad1dbe885d8926203636cdbb21a6dde9f51463f797b83e43b77dcc1878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 19:39:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110325
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
gzip
age
540
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 21:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		281 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11283404955&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3ac208ac7f0f83a4c412a0faac04adc1b77fc4f5d4cc6e56a88bc661f3d266e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 29 Oct 2024 19:39:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 29 Oct 2024 18:14:29 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98907
x-xss-protection
0
server
Google Tag Manager
app.js
acsbapp.com/apps/app/dist/js/ 		381 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76ca903becf077bb91fe8b7d18e62b6ca078ce408e0279778dda3f859e693d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=v14fXQ==, md5=BxneyGvNOCI2NREBXHDoxQ==
cf-cache-status
REVALIDATED
etag
W/"0719dec86bcd3822363511015c70e8c5"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Wed, 29 Oct 2025 19:39:09 GMT
x-goog-stored-content-length
390508
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Oct 2024 15:47:33 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0Aye3joRKnoo2UI9zV4e1dN3vxltyZlWIm6MaNAwxieZlMKQZbJWhXkkoeaBGwwn4nTyiHEq4FDw
cache-control
public, max-age=300, must-revalidate
x-goog-storage-class
STANDARD
cf-ray
8da5a1463fc64db4-FRA
access-control-allow-origin
*
x-goog-generation
1730216853766384
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		229 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1Gtslwxh' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1Gtslwxh' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4453, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Z5hRJMAfG3hKiPvVZouynFJsmaL6R9qnel52iA4srizcZ01Y9UIsuJtmCdFP2cYIBsVeQQhnYzOvKqv3eN4RkQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
up_loader.1.1.0.js
js.adsrvr.org/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-40-116.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9418fabfb9e44d2e317c49c500d1f19c42ce6c8cf5b48197f78da3fa6015077b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
W/"22ee89684eccfa7a3bff28d78c22ff4b"
Age
27141
Connection
keep-alive
Via
1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
hh139h0wPT1rvMDlT16oF4esz-OlEWxXjTx1VWewF7qcHWIfItxgxg==
Date
Tue, 29 Oct 2024 12:06:49 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 24 Oct 2024 21:26:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P2
x-amz-server-side-encryption
AES256
t.js
452392.tctm.xyz/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://452392.tctm.xyz/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:f000:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
61994cdb365e5ddcb8f43f2967e52c087bf1d5d1cdf5194786e54299bd560a4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
etag
W/672139dd0006e728442b3c9c-452392
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
N1i74TU5-b7I_9C7fNA6cYAgIxlTlktU_uLRMwX50B9UKckI2VenUw==
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/x-javascript
last-modified
Tue, 29 Oct 2024 19:39:09 GMT
server
ctm
x-amz-cf-pop
FRA56-P3
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 074C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnccyou.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9TNQ57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
51887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 05:14:22 GMT
expires
Wed, 29 Oct 2025 05:14:22 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
WincentiveLogo_COLOR_R.jpg
nccyou.com/wp-content/uploads/2024/07/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nccyou.com/wp-content/uploads/2024/07/WincentiveLogo_COLOR_R.jpg
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5eef4d152a4d8763987fbdd7e7baef76986f5757084171385add031c51781a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"668578dd-8c7e"
cf-cache-status
HIT
cf-ray
8da5a145cc72dc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=35966
content-length
34034
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
image/jpeg
last-modified
Wed, 03 Jul 2024 16:14:21 GMT
vary
Accept-Encoding
server
cloudflare
Transparent-FLi-Logo-in-Circle.png
nccyou.com/wp-content/uploads/2023/11/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nccyou.com/wp-content/uploads/2023/11/Transparent-FLi-Logo-in-Circle.png
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ff9ec21916e9004f597c2b7ac4451073e51f7dafb684c4586032c9e4e7a42f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"655e5eab-11c6a"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=72810
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
image/webp
content-disposition
inline; filename="Transparent-FLi-Logo-in-Circle.webp"
vary
Accept
last-modified
Wed, 22 Nov 2023 20:03:55 GMT
cache-control
public, max-age=31536000
cf-ray
8da5a145cc78dc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
43976
server
cloudflare
collect
www.google-analytics.com/j/ 		3 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2128685027&t=pageview&_s=1&dl=https%3A%2F%2Fnccyou.com%2F&ul=de-de&de=UTF-8&dt=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1835255229&gjid=1659756514&cid=1215177655.1730230749&tid=UA-145833692-1&_gid=1197913956.1730230749&_r=1&_slc=1&gtm=45He4as0n81W9TNQ57v812695675za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101925629&npa=1&z=342755283
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://nccyou.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:09 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://nccyou.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
/
www.googleadservices.com/pagead/conversion/11283404955/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11283404955/?random=1730230749277&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fnccyou.com%2F&label=p0bwCNTUzo8ZEJuxrIQq&hn=www.googleadservices.com&frm=0&tiba=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=619424844.1730230749&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11283404955&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6d048300ef39b739c9edbbec1efc98d8530c20f7aa4c89cb7f6b6a8e8ff86d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2680
date
Tue, 29 Oct 2024 19:39:09 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
306225831036325
connect.facebook.net/signals/config/ 		70 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/306225831036325?v=2.9.174&r=stable&domain=nccyou.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f4cc23fc9c1cae0cae8673ec89fb555b7af959a7de5e7ad729e7849f898b3fd9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0zwNvhTD' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0zwNvhTD' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=69, mss=1232, tbw=68504, tp=65, tpl=0, uplat=151, ullat=0
pragma
public
x-fb-debug
GV6EWTEv+kISK0eOda3rSkU4tZsIc4d7PA5nMnla+XvasPv+hCtNTLpLaNh9145802ChX2tDkXDuzoc3dz1Zxg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4FEP4CWN00&gtm=45je4as0v878932256z8812695675za200zb812695675&_p=1730230748547&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&cid=1215177655.1730230749&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730230749&sct=1&seg=0&dl=https%3A%2F%2Fnccyou.com%2F&dt=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&en=page_view&_fv=1&_ss=1&tfd=3254
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4FEP4CWN00&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nccyou.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
550 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4FEP4CWN00&cid=1215177655.1730230749&gtm=45je4as0v878932256z8812695675za200zb812695675&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4FEP4CWN00&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nccyou.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4FEP4CWN00&cid=1215177655.1730230749&gtm=45je4as0v878932256z8812695675za200zb812695675&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101925629&tag_exp=101533421~101823848~101925629&z=1043146773
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 29 Oct 2024 19:39:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
config.json
cdn.acsbapp.com/config/nccyou.com/ 		164 B
709 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/config/nccyou.com/config.json?page=%2F
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173c78d630b5f3ff58fa48e021069fcdcb942406120e80a5dc8b5a41b37757e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=wkObzg==, md5=gZGnF4dCn0J1pzOsuuA3PQ==
cf-cache-status
REVALIDATED
etag
W/"8191a71787429f4275a733acbae0373d"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Wed, 29 Oct 2025 19:39:09 GMT
x-goog-stored-content-length
164
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/json
last-modified
Tue, 20 Feb 2024 14:58:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2F_pF9PdjDr6YXxazo4kX5q-7-JIsWPPXOMtY3vKPBHLHBP13pPzfQIhX4uF1TEhiLMcQGCZ_bYQ
cache-control
public, max-age=300, must-revalidate
x-goog-storage-class
STANDARD
cf-ray
8da5a14a3f2f361b-FRA
access-control-allow-origin
*
x-goog-generation
1708441112709110
server
cloudflare
/
www.google.de/pagead/1p-conversion/11283404955/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2...
  • https://www.google.com/pagead/1p-conversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&...
  • https://www.google.de/pagead/1p-conversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&d...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fnccyou.com%2F&label=p0bwCNTUzo8ZEJuxrIQq&hn=www.googleadservices.com&frm=0&tiba=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&value=0&npa=1&pscdl=noapi&auid=619424844.1730230749&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI58jF6au0iQMVeouDBx0r9gLqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL25jY3lvdS5jb20vQldDaEVJOEktQ3VRWVF5c0NtcXBlazk5YXlBUklzQUV3UHB5YU94ZzUzSmdiWFF1b3JUT05DWGh3MzB1UVQ0QkFVeDhHYktzczhJcjdyWGc3NmtiMUJFNXc&is_vtc=1&cid=CAQSGwCa7L7dwDaCs0NoAm8m9kHCKKU9KwdH3CzwiA&eitems=ChAI8I-CuQYQ3bGd9rPK7ZtzEh0AYy1Onir96bRR6aXoVI-RY4Yj3ZjGMYDDuKpjFg&random=173756141&ipr=y
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H3
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 29 Oct 2024 19:39:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/11283404955/?random=630469730&cv=11&fst=1730230749277&bg=ffffff&guid=ON&async=1&gtm=45be4as0z8812695675za201zb812695675&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fnccyou.com%2F&label=p0bwCNTUzo8ZEJuxrIQq&hn=www.googleadservices.com&frm=0&tiba=Northern%20Communities%20Credit%20Union%20%7C%20It%27s%20All%20About%20You!&value=0&npa=1&pscdl=noapi&auid=619424844.1730230749&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI58jF6au0iQMVeouDBx0r9gLqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL25jY3lvdS5jb20vQldDaEVJOEktQ3VRWVF5c0NtcXBlazk5YXlBUklzQUV3UHB5YU94ZzUzSmdiWFF1b3JUT05DWGh3MzB1UVQ0QkFVeDhHYktzczhJcjdyWGc3NmtiMUJFNXc&is_vtc=1&cid=CAQSGwCa7L7dwDaCs0NoAm8m9kHCKKU9KwdH3CzwiA&eitems=ChAI8I-CuQYQ3bGd9rPK7ZtzEh0AYy1Onir96bRR6aXoVI-RY4Yj3ZjGMYDDuKpjFg&random=173756141&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 29 Oct 2024 19:39:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=306225831036325&ev=PageView&dl=https%3A%2F%2Fnccyou.com&rl=&if=false&ts=1730230749798&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12316&fbp=fb.1.1730230749794.448360831298409634&pm=1&hrl=fb34fa&ler=empty&cdl=API_unavailable&it=1730230749303&coo=false&cs_cc=1&rqm=GET
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2909, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=306225831036325&ev=PageView&dl=https%3A%2F%2Fnccyou.com&rl=&if=false&ts=1730230749798&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12316&fbp=fb.1.1730230749794.448360831298409634&pm=1&hrl=fb34fa&ler=empty&cdl=API_unavailable&it=1730230749303&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: nccyou.com
URL: https://nccyou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431284483149424576"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
29GGMe3tg8vQYOyOyU0lm5N+t3FSNIYIzSQz8oiHt0WFA0l6NamP+OBitO5sLf7IhE7IPN8O5bkIqkUxHqx/Kg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431284483149424576", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3226, tp=-1, tpl=-1, uplat=177, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: d1lvyn09g7nf92.cloudfront.net
URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
4182206
x-cache
HIT, HIT
date
Tue, 29 Oct 2024 19:39:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
8, 660857
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230059-FRA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730230750.833017,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
loadBot
securemessage.nccyou.com/chat/ Frame 9927 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/chat/loadBot
Requested by
Host: nccyou.com
URL: https://nccyou.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
fa9150610e03a902daa8798f9e890aebaa23d43fb723441054aee801d0298b21
Security Headers
Name Value
Content-Security-Policy default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://nccyou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
2562
content-security-policy
default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html
date
Tue, 29 Oct 2024 19:39:10 GMT
etag
"67148e99-a02"
last-modified
Sun, 20 Oct 2024 05:01:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-permitted-cross-domain-policies
none
es6-shim.min.js
d2kc9bbovjrjt2.cloudfront.net/cdn/ Frame 9927 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2kc9bbovjrjt2.cloudfront.net/cdn/es6-shim.min.js
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7200:1a:3e6b:180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dad7719440832575303bc828f1f1a7be54fdc490940e9437b6b319f478a5fc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
content-encoding
gzip
etag
W/"a95b94cf6b62062b328f415eff920b95"
age
66439
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
Hit from cloudfront
x-amz-cf-id
C-Kf6LhsjI3gVnuZ0_FcRiMzVxkNqDkyxQtH9qknR750viBtWkrl7w==
date
Tue, 29 Oct 2024 01:11:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 08 Dec 2021 16:27:06 GMT
access-control-allow-headers
Range
via
1.1 3f48626dd8757a1af3c75efd40b72542.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P1
server
AmazonS3
ABCDiatype-Bold.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 9927 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Bold.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1307fbc32a62b66eb55afcc457c776759cbbef880fee985fc411f03a53ad5a73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
p6n0Tc7r0wEfMmBNZniK6iv3yS2JNMXI
etag
"62347265ffc8d5bbfa1ab1f0237081fe"
age
38986
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
spjYjimCCQYX9TWOQ8OwQUCPvzMFbwzpO1PwF08oyfIxWyk6ZMUtkg==
date
Tue, 29 Oct 2024 08:49:25 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:56 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
36284
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-BoldItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 9927 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-BoldItalic.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9702ed6207153ea3b79048a51c0475edb6c9c690c9606a4da360e4e65eb32aba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
TzJZJR3VlreA2QEgEUmHqIYZ8NDQq42s
etag
"9e17597dd4da4bae980ecbef031bd8e4"
age
63298
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
3E0aRz6Syfkf-IQycbu3qyKyqsFxNpR75P7LcvRrMG0lJvFpldkHyQ==
date
Tue, 29 Oct 2024 02:04:13 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:49 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
37648
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-Medium.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 9927 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Medium.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca11cf9ca00fd5a1e8ed8a901d790bf273e188bfa76d5cc57f6aeebb2d5a42a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
b2Ry6_xBTV0g9DZQoNx4HbovoYRjXObc
etag
"453362635b339393678d9a3ce1345a51"
age
47565
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
SmZ0oAd_-TeaU7qq0IjEZEbBEuf9wp6UYEu0MX8VK82K0rTdX8Thuw==
date
Tue, 29 Oct 2024 06:26:26 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:27:01 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
37132
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-MediumItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 9927 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-MediumItalic.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd02ffc054bdb74d7dd3af75fb890816bc85720099a01244730da7a3be97aab9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
B4Kreqj0F121.fs2YNFtUTQm1eiQQ3Fb
etag
"151847173fa97d2904d66477d6c7e0f6"
age
54047
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
7QrVYKvHkjrP0tROXc8-cS7DbjrBmwe9NKi00vHsWJxR10aTRfblcg==
date
Tue, 29 Oct 2024 04:38:24 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:51 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
38868
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-Regular.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 9927 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Regular.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ffe7cae057c83d8b2cf00f4b3a6a895ea79f87703772ab5f3a7364887da1c40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
dRj2IfRkb_gzvWdiCgOACtTkkXxsQTiw
etag
"233ff3d5c1ae46bf97b9e45ca201d061"
age
38119
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
HhvbP9ROXY60Ug-N5o7hkCy6QV88VAemEj2wHvxHn2coB8G66WDzgQ==
date
Tue, 29 Oct 2024 09:03:52 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:54 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
34196
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-RegularItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 9927 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-RegularItalic.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa72994170d22039355983406708efe607928c967f7209abb57d5496b6a6d04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
BufFa3sxJDDPPHe2Wn.wYZ5HH8oZCOpc
etag
"7b038158704a5c3f432bf27f238ac214"
age
54047
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
zz5kDgx01xNxGEAEa9rij27dTOEpA8J57ECReTW4YgjNgfPiN0UlNA==
date
Tue, 29 Oct 2024 04:38:24 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:48 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
35956
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor.d4240f10169ae61ddf4c.js
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame 9927 		3 MB
535 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2fdb2a0e300269240b48d23443a2574a528c41fafa51b2b2854dd15258e2065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securemessage.nccyou.com/

Response headers

content-encoding
br
etag
W/"9a3d72c44fa0be7513fdb27642b53a53"
x-amz-version-id
8h9NV9hBgRXXIvFvluUHItnlDSsRlv2i
age
59603
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Sv-ZkgVwY3bVSdvE7PjuGp4faGQ-_zRs4akEeuq99_-B5iYmMWRuLg==
date
Tue, 29 Oct 2024 03:05:48 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Wed, 23 Oct 2024 17:55:29 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 545b825053a09d387ff136b5f64f0862.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
chat.7b726bb3bc421cfdecb1.js
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame 9927 		518 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.7b726bb3bc421cfdecb1.js
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/loadBot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
570a73e55a9861df7efe18670f08d296621fb78b0c4456a89f02284245858eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securemessage.nccyou.com/

Response headers

content-encoding
br
etag
W/"cb36953d558393a4eace0a5f1cc1affd"
x-amz-version-id
HkuGWhFUcsdSGYt15VqtoQgY9CsfPFPk
age
60576
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
VghHcAqv1lDcaXjFe0bX6-AaBk3zgpMHzC9BvFDtYi0ZAMSG8C0heA==
date
Tue, 29 Oct 2024 02:49:35 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Sun, 20 Oct 2024 05:01:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 545b825053a09d387ff136b5f64f0862.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
config
securemessage.nccyou.com/messages/service/skillBasedRouting/widget/ Frame 9927 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/skillBasedRouting/widget/config
Requested by
Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.7b726bb3bc421cfdecb1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
be830380fcfbdf0423d65e96ea11541ed2a7a72a3f9db0017efe487a06050928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securemessage.nccyou.com/chat/loadBot

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
9
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-eltropy-revision
1.5.4
date
Tue, 29 Oct 2024 19:39:10 GMT
content-type
application/json; charset=utf-8
server
envoy
up
insight.adsrvr.org/track/ Frame 7CAA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=f7qoy7f&ref=https%3A%2F%2Fnccyou.com%2F&upid=qpmvbqd&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://nccyou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Tue, 29 Oct 2024 19:39:10 GMT
server
Kestrel
cropped-eagleimg-32x32.png
nccyou.com/wp-content/uploads/2018/04/ 		664 B
921 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nccyou.com/wp-content/uploads/2018/04/cropped-eagleimg-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7b0e5a0e55ebc1c8e87b0010599a730e0b977ecf4e090c64ce768ac5f6f107

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"5d6949f3-45b"
age
103067
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1115
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:39:10 GMT
content-type
image/webp
content-disposition
inline; filename="cropped-eagleimg-32x32.webp"
vary
Accept
last-modified
Fri, 30 Aug 2019 16:08:19 GMT
cache-control
public, max-age=31536000
cf-ray
8da5a150fe6edc4b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
664
server
cloudflare
v1
securemessage.nccyou.com/messages/service/cobrowse/config/ 		61 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/cobrowse/config/v1
Requested by
Host: d1lvyn09g7nf92.cloudfront.net
URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
5a04980e5411ea6cf08102a6b70305e94b0687c65c0132323444b2849af7cabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
1
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
x-eltropy-revision
1.5.4
access-control-allow-origin
https://nccyou.com
content-length
61
date
Tue, 29 Oct 2024 19:39:11 GMT
content-type
application/json; charset=utf-8
server
envoy
/
securemessage.nccyou.com/chat/ Frame 03C7 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Requested by
Host: nccyou.com
URL: https://nccyou.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
fa9150610e03a902daa8798f9e890aebaa23d43fb723441054aee801d0298b21
Security Headers
Name Value
Content-Security-Policy default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://nccyou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
2562
content-security-policy
default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html
date
Tue, 29 Oct 2024 19:39:11 GMT
etag
"67148e99-a02"
last-modified
Sun, 20 Oct 2024 05:01:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-permitted-cross-domain-policies
none
widgetIcon.png
d1lvyn09g7nf92.cloudfront.net/Northern-Communities-CU-310369767/sbr/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1lvyn09g7nf92.cloudfront.net/Northern-Communities-CU-310369767/sbr/widgetIcon.png?Expires=1730232550&Signature=CnZqVcZUhAVNaL1WpAKQyfGpU7MZk6y18mdABuz7imx-6WVHc5Q49XclswI22Y779wmt72nHtEZx5WPtjXIajNGKERyA28OSYRtI7xbxfyudcMO29h3nb7zPK9QbcNn125aJSlodN4MbQegk3-9Nkoo8hK9wR4nHL5bE3p7M~Ax0J3lN~X8k0vlyXAHGyC8ReX592DZJjiFUWfzlCHMciqeF~FaB1fr07UAOSQwxn24866~jjxDbp8PywTGis5ep6IV4UzAZqU74VOqo2PW7HUmcm~VR5bb3QE1y3845IIKLzZKhj9uGVpqH2KpudLDjTBJD6vpSWoYW-IquJn9reQ__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:6a00:7:3d38:fd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab81798a81615701f8d4c837d9010d50f4ec4a893ee959ae0834299fb92023e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
x-amz-version-id
TbYwd4L7DCMXO_Vga6PoRVg39eRnWcAZ
etag
"431a7104dd028f004cf916fbdef7defa"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
6vcPyKlE4UjeZbULue_1LoptSZMsl2Sa8uuADK67eNeSFhI-zTzIPA==
date
Tue, 29 Oct 2024 19:39:12 GMT
content-type
image/png
last-modified
Tue, 21 Nov 2023 17:53:54 GMT
access-control-allow-headers
Range
x-amz-replication-status
FAILED
via
1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
35492
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
botAvatar.jpg
d1lvyn09g7nf92.cloudfront.net/Northern-Communities-CU-310369767/sbr/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1lvyn09g7nf92.cloudfront.net/Northern-Communities-CU-310369767/sbr/botAvatar.jpg?Expires=1730232550&Signature=AVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6~AQ~zmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc~L71pH8~Pjyr-zOZoW9jNTODwsx1oWDSxO~Pt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8~lcCN523NNyWFLwyttXgqB0nmnuBI~w__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:6a00:7:3d38:fd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d07a16b94ccac1e1f3c2827069f8d557a080c38a23226437e4225ebb680deb9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
x-amz-version-id
9Fne8pjsxULOebrnaPG6y038r4PJuGX1
etag
"4b5115befa4a9399b17ac24e576a893e"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
xmSbkAQacC0eoT-ylqZ65hJHUrMfVGfynehuN1ir4DX7FORpq7ekPg==
date
Tue, 29 Oct 2024 19:39:12 GMT
content-type
image/jpeg
last-modified
Thu, 02 Nov 2023 13:31:27 GMT
access-control-allow-headers
Range
x-amz-replication-status
FAILED
via
1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
132164
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
es6-shim.min.js
d2kc9bbovjrjt2.cloudfront.net/cdn/ Frame 03C7 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d2kc9bbovjrjt2.cloudfront.net/cdn/es6-shim.min.js
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7200:1a:3e6b:180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dad7719440832575303bc828f1f1a7be54fdc490940e9437b6b319f478a5fc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
content-encoding
gzip
etag
W/"a95b94cf6b62062b328f415eff920b95"
age
66439
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
Hit from cloudfront
x-amz-cf-id
C-Kf6LhsjI3gVnuZ0_FcRiMzVxkNqDkyxQtH9qknR750viBtWkrl7w==
date
Tue, 29 Oct 2024 01:11:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 08 Dec 2021 16:27:06 GMT
access-control-allow-headers
Range
via
1.1 3f48626dd8757a1af3c75efd40b72542.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P1
server
AmazonS3
ABCDiatype-Bold.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 03C7 		35 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Bold.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
p6n0Tc7r0wEfMmBNZniK6iv3yS2JNMXI
etag
"62347265ffc8d5bbfa1ab1f0237081fe"
age
38986
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
spjYjimCCQYX9TWOQ8OwQUCPvzMFbwzpO1PwF08oyfIxWyk6ZMUtkg==
date
Tue, 29 Oct 2024 08:49:25 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:56 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
36284
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-BoldItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 03C7 		37 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-BoldItalic.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
TzJZJR3VlreA2QEgEUmHqIYZ8NDQq42s
etag
"9e17597dd4da4bae980ecbef031bd8e4"
age
63298
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
3E0aRz6Syfkf-IQycbu3qyKyqsFxNpR75P7LcvRrMG0lJvFpldkHyQ==
date
Tue, 29 Oct 2024 02:04:13 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:49 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
37648
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-Medium.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 03C7 		36 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Medium.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
b2Ry6_xBTV0g9DZQoNx4HbovoYRjXObc
etag
"453362635b339393678d9a3ce1345a51"
age
47565
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
SmZ0oAd_-TeaU7qq0IjEZEbBEuf9wp6UYEu0MX8VK82K0rTdX8Thuw==
date
Tue, 29 Oct 2024 06:26:26 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:27:01 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
37132
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-MediumItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 03C7 		38 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-MediumItalic.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
B4Kreqj0F121.fs2YNFtUTQm1eiQQ3Fb
etag
"151847173fa97d2904d66477d6c7e0f6"
age
54047
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
7QrVYKvHkjrP0tROXc8-cS7DbjrBmwe9NKi00vHsWJxR10aTRfblcg==
date
Tue, 29 Oct 2024 04:38:24 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:51 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
38868
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-Regular.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 03C7 		33 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Regular.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
dRj2IfRkb_gzvWdiCgOACtTkkXxsQTiw
etag
"233ff3d5c1ae46bf97b9e45ca201d061"
age
38119
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
HhvbP9ROXY60Ug-N5o7hkCy6QV88VAemEj2wHvxHn2coB8G66WDzgQ==
date
Tue, 29 Oct 2024 09:03:52 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:54 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
34196
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ABCDiatype-RegularItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame 03C7 		35 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-RegularItalic.woff2
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securemessage.nccyou.com
Referer
https://securemessage.nccyou.com/

Response headers

access-control-max-age
3000
x-amz-version-id
BufFa3sxJDDPPHe2Wn.wYZ5HH8oZCOpc
etag
"7b038158704a5c3f432bf27f238ac214"
age
54047
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
zz5kDgx01xNxGEAEa9rij27dTOEpA8J57ECReTW4YgjNgfPiN0UlNA==
date
Tue, 29 Oct 2024 04:38:24 GMT
content-type
binary/octet-stream
vary
Accept-Encoding
last-modified
Wed, 15 Feb 2023 08:26:48 GMT
via
1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
35956
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor.d4240f10169ae61ddf4c.js
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame 03C7 		3 MB
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2fdb2a0e300269240b48d23443a2574a528c41fafa51b2b2854dd15258e2065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

If-None-Match
W/"9a3d72c44fa0be7513fdb27642b53a53"
Referer
https://securemessage.nccyou.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
Wed, 23 Oct 2024 17:55:29 GMT

Response headers

x-amz-version-id
8h9NV9hBgRXXIvFvluUHItnlDSsRlv2i
etag
W/"9a3d72c44fa0be7513fdb27642b53a53"
age
59604
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
BE0MvNqmMMoy1WZYRmWiMkF2i-9TrxO2gFprWI2YaU-tNRS9seJQgg==
date
Tue, 29 Oct 2024 19:39:11 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 545b825053a09d387ff136b5f64f0862.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
chat.7b726bb3bc421cfdecb1.js
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame 03C7 		518 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.7b726bb3bc421cfdecb1.js
Requested by
Host: securemessage.nccyou.com
URL: https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.196.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-196-159.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
570a73e55a9861df7efe18670f08d296621fb78b0c4456a89f02284245858eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securemessage.nccyou.com/

Response headers

content-encoding
br
etag
W/"cb36953d558393a4eace0a5f1cc1affd"
x-amz-version-id
HkuGWhFUcsdSGYt15VqtoQgY9CsfPFPk
age
60576
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
VghHcAqv1lDcaXjFe0bX6-AaBk3zgpMHzC9BvFDtYi0ZAMSG8C0heA==
date
Tue, 29 Oct 2024 02:49:35 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Sun, 20 Oct 2024 05:01:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 545b825053a09d387ff136b5f64f0862.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ac0483d5-a807-4f43-92c3-c38ebe2c7535
https://securemessage.nccyou.com/ Frame 		0
0
get
securemessage.nccyou.com/messages/service/domain/settings/ Frame 03C7 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/domain/settings/get
Requested by
Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With
XMLHttpRequest
Accept-Language
en-US
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Elt-Session-Token
null

Response headers

referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
0
date
Tue, 29 Oct 2024 19:39:11 GMT
x-permitted-cross-domain-policies
none
server
envoy
x-content-type-options
nosniff
config
securemessage.nccyou.com/messages/service/skillBasedRouting/widget/ Frame 03C7 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/skillBasedRouting/widget/config
Requested by
Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
1dc0bbf73e5b02b7d632222fc4f96d104e0497012bccabd20b8cb79a1b724607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With
XMLHttpRequest
Accept-Language
en-US
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Elt-Session-Token
null

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
15
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-eltropy-revision
1.5.4
date
Tue, 29 Oct 2024 19:39:11 GMT
content-type
application/json; charset=utf-8
server
envoy
data
securemessage.nccyou.com/messages/service/skillBasedRouting/widget/panels/ Frame 03C7 		4 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/skillBasedRouting/widget/panels/data?panelId=
Requested by
Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With
XMLHttpRequest
Accept-Language
en-US
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
0
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-eltropy-revision
1.5.4
content-length
4
date
Tue, 29 Oct 2024 19:39:11 GMT
content-type
application/json; charset=utf-8
server
envoy
CobrowseIO.js
cobrowse.eltropy.com/sdk-js/ 		708 KB
709 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cobrowse.eltropy.com/sdk-js/CobrowseIO.js
Requested by
Host: d1lvyn09g7nf92.cloudfront.net
URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.195.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-195-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9e41b3d8925655d8e671b40eba027f300c8209e7ccaa7ee16debc9ca34199bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nccyou.com/

Response headers

cache-control
max-age=86400, public
etag
"66e20842-b0fa0"
x-content-type-options
nosniff
expires
Wed, 30 Oct 2024 19:39:11 GMT
accept-ranges
bytes
content-length
724896
date
Tue, 29 Oct 2024 19:39:11 GMT
x-xss-protection
0
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 21:14:42 GMT
server
nginx
truncated
/ Frame 03C7 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9982b73789701a08a6224982a0a49e80b6e8263ebcb6e28f1217157c02b9c774

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
channelList
securemessage.nccyou.com/messages/service/skillBasedRouting/widget/ Frame 03C7 		244 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/skillBasedRouting/widget/channelList?ccgId=1d08480c-7451-4109-b22c-45e44450d608
Requested by
Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
2999c81910aa8a80469d59042198b1aeb00c48ac9508a26f14c19e306d7f65ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With
XMLHttpRequest
Accept-Language
en-US
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Elt-Session-Token
null

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
9
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-eltropy-revision
1.5.4
content-length
244
date
Tue, 29 Oct 2024 19:39:11 GMT
content-type
application/json; charset=utf-8
server
envoy
channelList
securemessage.nccyou.com/messages/service/skillBasedRouting/widget/ Frame 03C7 		244 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securemessage.nccyou.com/messages/service/skillBasedRouting/widget/channelList?ccgId=1d08480c-7451-4109-b22c-45e44450d608
Requested by
Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.d4240f10169ae61ddf4c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.36.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a90bf267a40ac35dc.awsglobalaccelerator.com
Software
envoy /
Resource Hash
2999c81910aa8a80469d59042198b1aeb00c48ac9508a26f14c19e306d7f65ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://securemessage.nccyou.com/chat/?domain=https%3A%2F%2Fsecuremessage.nccyou.com&domainId=310369767&botName=Bridgette&engagementText=&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FNorthern-Communities-CU-310369767%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1730232550%2526Signature%253DAVsWsNkzXFEVzQejBCYSFRyiepwJNvbPgKZngMLhh6%7EAQ%7EzmPlnUDlXpKHiuyMFWETILcpayAw6RDEyU9Wgac-cmi2y2K564lItZTKrlruTDZj2BFhPlBnrsvZUB-oC7pfEZgM1pMljbijZ9nxdG8eJkqyB97uwZjgpUK0xFIzuJtnc8ffGlU2Qvuvql8gDKigzFUHSwZdc%7EL71pH8%7EPjyr-zOZoW9jNTODwsx1oWDSxO%7EPt3nPHBhJHJ3zNPHBMU1t3j3sXz3TOUaKB6GBp2qGDgo-GoLs0XdMk1JGcPKmdYpuWVpUtDH8%7ElcCN523NNyWFLwyttXgqB0nmnuBI%7Ew__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F93d4cb&textColor=%2F222&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=Hello%2C+I%27m+Bridgette.+NCCYou%27s+virtual+assistant.+How+can+I+help+you+today%3F&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With
XMLHttpRequest
Accept-Language
en-US
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
12
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-eltropy-revision
1.5.4
content-length
244
date
Tue, 29 Oct 2024 19:39:11 GMT
content-type
application/json; charset=utf-8
server
envoy
54e4eb09-73c6-4f0d-96a2-98155f8603ac
cobrowse.eltropy.com/api/1/devices/ 		0
0
54e4eb09-73c6-4f0d-96a2-98155f8603ac
cobrowse.eltropy.com/api/1/devices/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securemessage.nccyou.com
URL
blob:https://securemessage.nccyou.com/ac0483d5-a807-4f43-92c3-c38ebe2c7535
Domain
cobrowse.eltropy.com
URL
https://cobrowse.eltropy.com/api/1/devices/54e4eb09-73c6-4f0d-96a2-98155f8603ac
Domain
cobrowse.eltropy.com
URL
https://cobrowse.eltropy.com/api/1/devices/54e4eb09-73c6-4f0d-96a2-98155f8603ac

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| divimode_loader object| DiviAreaConfig object| DiviPopupData object| DiviPopup object| DiviArea string| gtm4wp_datalayer_name object| dataLayer function| jQuery function| $ object| Eltropy object| dataLayer_content object| et_animation_data object| et_link_options_data object| GraniteClientLibraryManager object| CQClientLibraryManager object| GraniteTiming function| S4 function| guid function| js_beautify function| setupConfig object| I18n object| Handlebars function| DP_jQuery_1730230748910 function| _ object| Backbone object| bnp function| Store object| ich object| Modernizr object| Highcharts object| HighchartsAdapter object| google_tag_manager object| google_tag_data object| HandlebarsTemplates object| divimode_front object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| onYouTubeIframeAPIReady function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel object| gaplugins object| gaGlobal object| gaData object| GooglebQhCsO object| __ctm object| __ctm_tracked_numbers object| __ctm_nodes_visible object| __ctm_nodes_clicked object| __ctm_queue object| __ctm_config function| ptTrackVistor function| ptTrackVisitor function| ptTrackEvent object| __ctmi object| __ctm_loaded object| __ctm_cvars function| pure_Promise object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| webpackChunkwidget object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| script string| domain string| botName string| botAvatar string| widgetIconUrl string| passBotAvatar string| primaryColor string| textColor string| tosUrl string| endButtonPrimaryColor string| passEndButtonPrimaryColor string| endButtonTextColor string| passEndButtonTextColor string| startButtonPrimaryColor string| passStartButtonPrimaryColor string| startButtonTextColor string| passStartButtonTextColor string| startButtonText string| standardWelcomeMessage string| feedbackMessage string| defaultBottomPosition string| defaultRightPosition string| bottomPosition string| rightPosition string| originalWidth string| originalHeight string| botImageSrc string| q2MobileStartButtonPrimaryColor string| q2MobileStartButtonTextColor string| q2MobileStartButtonText string| borderRadius string| height object| notifMessages boolean| isNotificationOpen string| passPrimaryColor string| passTextColor object| botConfig boolean| isCobrowseApiInitialized object| chatbotIconStyles string| passAutoIdleResponse string| passChatBotIdleTime string| passChatBotIdleTimeFormat string| passChatBotSessionClosureTime string| passChatBotSessionClosureTimeFormat number| CHATBOT_POSITION_TOLERANCE_LIMIT function| eltropyDirectConnect function| updateChatbotPositionSessionStorageValues function| eltropyAddCobrowseButton function| eltropyRemoveCobrowseButton function| switchToEltropyChat function| endEltropyChat function| et_pb_init_woo_custom_button_icon object| _uid2SdkListenerLock function| setupUid2Sdk string| waypointContextKey object| CobrowseIO string| iframeUrl object| webpackChunkCobrowseIO boolean| __cobrowse_io_loaded function| pure_addEventListener function| pure_removeEventListener

10 Cookies

Domain/Path Name / Value
.nccyou.com/ Name: _gcl_au
Value: 1.1.619424844.1730230749
452392.tctm.xyz/ Name: ct452392
Value: 672139dd0006e728442b3c9c
.nccyou.com/ Name: _gid
Value: GA1.2.1197913956.1730230749
.nccyou.com/ Name: _gat_UA-145833692-1
Value: 1
.nccyou.com/ Name: _ga_4FEP4CWN00
Value: GS1.1.1730230749.1.0.1730230749.60.0.0
.nccyou.com/ Name: _ga
Value: GA1.1.1215177655.1730230749
.nccyou.com/ Name: __ctmid
Value: 672139dd0006e728442b3c9c
nccyou.com/ Name: __ctmid
Value: 672139dd0006e728442b3c9c
.nccyou.com/ Name: _fbp
Value: fb.1.1730230749794.448360831298409634
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://securemessage.nccyou.com/messages/service/domain/settings/get
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

452392.tctm.xyz
acsbapp.com
cdn.acsbapp.com
cobrowse.eltropy.com
code.jquery.com
connect.facebook.net
d1lvyn09g7nf92.cloudfront.net
d2kc9bbovjrjt2.cloudfront.net
doerd31l9oh9k.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
nccyou.com
region1.analytics.google.com
securemessage.nccyou.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nccyou.com
cobrowse.eltropy.com
securemessage.nccyou.com
108.138.40.116
141.193.213.11
142.250.184.195
142.250.184.196
142.250.184.226
142.250.185.67
15.197.193.217
157.240.0.6
2001:4860:4802:34::36
2600:9000:223d:f000:b:527a:2d40:93a1
2600:9000:225b:7200:1a:3e6b:180:21
2600:9000:26da:6a00:7:3d38:fd80:21
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2a00:1450:4001:800::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c0d::9d
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::649
44.237.195.6
54.192.196.159
75.2.36.128
001527ad4734dd2766ae112a8f8632ea5e81f031b8bc9144ce1206b99331e2c6
1307fbc32a62b66eb55afcc457c776759cbbef880fee985fc411f03a53ad5a73
14fb77f88feec2a964a63837759fab01b7a63a382a198a6ad72bc3971ec9f597
15699916ae072f84c05efe468a775fb32e8e2fd856b498d122437e585626dcb4
173c78d630b5f3ff58fa48e021069fcdcb942406120e80a5dc8b5a41b37757e5
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dc0bbf73e5b02b7d632222fc4f96d104e0497012bccabd20b8cb79a1b724607
22b3bcce62585ce2a72f2c57c075a0ad2fde27f862ec60979364553fb36cc9c3
27e4bb159037285fdf7c7860b6eca0265a3edf656f3a932b58288aa2d90d9768
2999c81910aa8a80469d59042198b1aeb00c48ac9508a26f14c19e306d7f65ea
3ca11cf9ca00fd5a1e8ed8a901d790bf273e188bfa76d5cc57f6aeebb2d5a42a
3d59b87aa357ad0cb27fbfaede39c7f82bca8fedbee587947ddcce5b276de424
3d65bd6b44ea47c7cc3a8a2dbb288b0fb668f3e5f8abbdce7a795b19bba8325a
3ecbb5ad1dbe885d8926203636cdbb21a6dde9f51463f797b83e43b77dcc1878
3ffe7cae057c83d8b2cf00f4b3a6a895ea79f87703772ab5f3a7364887da1c40
4ab81798a81615701f8d4c837d9010d50f4ec4a893ee959ae0834299fb92023e
514d1905038b4186fc184128e5d1b18c92285ed241bf5c2d7a718d15394ecf8a
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
570a73e55a9861df7efe18670f08d296621fb78b0c4456a89f02284245858eab
5a04980e5411ea6cf08102a6b70305e94b0687c65c0132323444b2849af7cabc
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5d19f231cdc19129eadeb0f2c62f99d9df88e5f2ad532626a59a9cc38615f53f
5e216bfa0652adb5fe88502f4da0370a7e1c90d5bcd3c160684822c628ca7723
61994cdb365e5ddcb8f43f2967e52c087bf1d5d1cdf5194786e54299bd560a4b
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
6af23fd5d68900400e981906d4bf799efb94d589616b846112f9e2684274c692
6d048300ef39b739c9edbbec1efc98d8530c20f7aa4c89cb7f6b6a8e8ff86d35
717f423330460c0deeee32964f3d50081068c71992739202bfa6f543bfe1f424
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
79e1a3b689e3597e9aebb130109733831897d6bc282c0c4fc5f02650d99f4df2
79ff9ec21916e9004f597c2b7ac4451073e51f7dafb684c4586032c9e4e7a42f
7a6523566ca135220ebcfa0513ac8c4ddd353327fd0e447ead8df831dd18f077
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
8dad7719440832575303bc828f1f1a7be54fdc490940e9437b6b319f478a5fc9
8e7b0e5a0e55ebc1c8e87b0010599a730e0b977ecf4e090c64ce768ac5f6f107
9164b8e6f8a93d1cd1dee79e13c279a0e625f9ba93395729c0147ba5323d0b47
9418fabfb9e44d2e317c49c500d1f19c42ce6c8cf5b48197f78da3fa6015077b
94cedff9b8cb7474c39f9d31ebe8d5f1c979de668855d08bc3238dcdd2ab94c3
9702ed6207153ea3b79048a51c0475edb6c9c690c9606a4da360e4e65eb32aba
9982b73789701a08a6224982a0a49e80b6e8263ebcb6e28f1217157c02b9c774
9a7254fc7b0ae8cbde49bbd6572e92c00f8b352337d3400ec7b4a78517720392
9e41b3d8925655d8e671b40eba027f300c8209e7ccaa7ee16debc9ca34199bb3
a3ac208ac7f0f83a4c412a0faac04adc1b77fc4f5d4cc6e56a88bc661f3d266e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b2fdb2a0e300269240b48d23443a2574a528c41fafa51b2b2854dd15258e2065
b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650
b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976
b76ca903becf077bb91fe8b7d18e62b6ca078ce408e0279778dda3f859e693d8
b99a695b338a76f9d6d37df113649ad56f0d1f69c513063f66f63b950a46b06f
ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878
be830380fcfbdf0423d65e96ea11541ed2a7a72a3f9db0017efe487a06050928
caa72994170d22039355983406708efe607928c967f7209abb57d5496b6a6d04
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdd34897818782f3f12c67a9e4c4bbed312bf9fef286f7389c345473cd32e1ec
d07a16b94ccac1e1f3c2827069f8d557a080c38a23226437e4225ebb680deb9c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5eef4d152a4d8763987fbdd7e7baef76986f5757084171385add031c51781a
f4cc23fc9c1cae0cae8673ec89fb555b7af959a7de5e7ad729e7849f898b3fd9
f78bb4fead90ea6966383155118b67afbc0bdb0f870f4918944de11227d583e7
fa9150610e03a902daa8798f9e890aebaa23d43fb723441054aee801d0298b21
fc04fb3631725d37ffd650688fb72d131dd109af896167b764678060837a80a0
fd02ffc054bdb74d7dd3af75fb890816bc85720099a01244730da7a3be97aab9
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e