response.nfcu.org
199.204.164.215  Malicious Activity! Public Scan

URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20...
Submission: On January 29 via manual from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 199.204.164.215, located in Stephens City, United States and belongs to NFCU-AS, US. The main domain is response.nfcu.org.
This is the only time response.nfcu.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Navy Federal Credit Union (Government)

Domain & IP information

IP Address AS Autonomous System
2 199.204.164.215 14222 (NFCU-AS)
24 184.30.211.30 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 172.217.23.166 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 6
Domain Requested by
24 www.navyfederal.org response.nfcu.org
2 5053096.fls.doubleclick.net 1 redirects response.nfcu.org
1 fonts.gstatic.com response.nfcu.org
1 media.nfcu.org response.nfcu.org
1 cdnjs.cloudflare.com response.nfcu.org
1 fonts.googleapis.com response.nfcu.org
1 response.nfcu.org
30 7

This site contains links to these domains.

Domain
www.navyfederal.org
my.navyfederal.org
Subject                   Issuer                                        Validity                  Valid
www.navyfederal.org       DigiCert SHA2 Extended Validation Server CA   2020-01-10 - 2021-04-01   a year
*.storage.googleapis.com  GTS CA 1O1                                    2020-01-14 - 2020-04-07   3 months
cloudflare.com            CloudFlare Inc ECC CA-2                       2020-01-07 - 2020-10-09   9 months
*.doubleclick.net         GTS CA 1O1                                    2020-01-07 - 2020-03-31   3 months
*.google.com              GTS CA 1O1                                    2020-01-07 - 2020-03-31   3 months

This page contains 2 frames:

Primary Page: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Frame ID: F9CDB4FA9684628BABF7408188D447FE
Requests: 29 HTTP requests in this frame

Frame: https://5053096.fls.doubleclick.net/activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]
Frame ID: FAF1148C661B6B6C62C343CE457BF2C5
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

30 Requests
93 % HTTPS
50 % IPv6
6 Domains
7 Subdomains
6 IPs
3 Countries
537 kB Transfer
809 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://5053096.fls.doubleclick.net/activityi;src=5053096;type=fe;cat=unive0;ord=[SessionID] HTTP 302
  • https://5053096.fls.doubleclick.net/activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ftaf
response.nfcu.org/bin/
13 KB
13 KB
Document
General
Full URL
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
HTTP/1.1
Server
199.204.164.215 Stephens City, United States, ASN14222 (NFCU-AS, US),
Reverse DNS
response.nfcu.org
Software
Apache Tomcat /
Resource Hash
b24fb785c6d6caf993a306858800ddd0a8848eaf66d81c3ad62b291820049d85

Request headers

Host
response.nfcu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Date
Wed, 29 Jan 2020 00:59:57 GMT
Server
Apache Tomcat
common.css
www.navyfederal.org/css/
43 KB
7 KB
Stylesheet
General
Full URL
https://www.navyfederal.org/css/common.css
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ec81cd8d85af655073894a9b521461c2b994843e58a0b0545cd29dd23fa3169

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2017 15:12:27 GMT
server
Apache
etag
"ad7f-55fad611facc0-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
6903
expires
Fri, 12 Apr 2019 07:55:07 GMT
nfo.css
www.navyfederal.org/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://www.navyfederal.org/css/nfo.css
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b01e33d324987c6ae8a5bc64c9ea3e554128be1db3c9269ba24e42bfc4d06b85

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Fri, 20 Oct 2017 18:37:02 GMT
server
Apache
etag
"a142-55bfec23aaf80-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
9596
expires
Thu, 24 Jan 2019 12:01:41 GMT
nav-megamenu.css
www.navyfederal.org/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.navyfederal.org/css/nav-megamenu.css
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
211a32a9f987093a05ecb3f0321cd275970531e126e423fef9186e627439ffc2

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2017 15:51:46 GMT
server
Apache
etag
"18d4-5553a6cd64880-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
1668
expires
Wed, 12 Jun 2019 12:07:51 GMT
jquery-1.12.4.min.js
www.navyfederal.org/js/
95 KB
33 KB
Script
General
Full URL
https://www.navyfederal.org/js/jquery-1.12.4.min.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:37 GMT
server
Apache
etag
"17b8e-55aaa9d817340-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
33766
expires
Sat, 19 Oct 2019 20:43:07 GMT
jquery-ui-1.10.3.custom.min.js
www.navyfederal.org/js/
66 KB
20 KB
Script
General
Full URL
https://www.navyfederal.org/js/jquery-ui-1.10.3.custom.min.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
170eb086c7986b6163c34427e01bfcc67825a3f186b32a038b20511407fdade7

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:32 GMT
server
Apache
etag
"1090d-55aaa9d352800-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
20257
expires
Sun, 22 Sep 2019 12:13:58 GMT
jquery.ui.touch-punch.min.js
www.navyfederal.org/js/
1 KB
826 B
Script
General
Full URL
https://www.navyfederal.org/js/jquery.ui.touch-punch.min.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
97d7c31807ad638cb2813aa91f49db42f7f00176c11eb28680983fac8ae9aa76

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:32 GMT
server
Apache
etag
"4d9-55aaa9d352800-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
631
expires
Fri, 14 Jun 2019 02:05:40 GMT
jquery.getUrlParam.js
www.navyfederal.org/js/
2 KB
1 KB
Script
General
Full URL
https://www.navyfederal.org/js/jquery.getUrlParam.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d56269d468a7434670bb3253ff7c75f54b7131e49e9a98bb183f5717267139db

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:30 GMT
server
Apache
etag
"7e8-55aaa9d16a380-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
842
expires
Wed, 25 Sep 2019 15:13:19 GMT
slider.js
www.navyfederal.org/js/
18 KB
6 KB
Script
General
Full URL
https://www.navyfederal.org/js/slider.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7fa77b552dbd4d8aa3b6f0aadde11664046bdf2e025ee829a1caa6af06d19115

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:32 GMT
server
Apache
etag
"4773-55aaa9d352800-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
5971
expires
Fri, 18 Oct 2019 23:08:29 GMT
ajx_inlineExpand.js
www.navyfederal.org/js/
4 KB
1 KB
Script
General
Full URL
https://www.navyfederal.org/js/ajx_inlineExpand.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5142e8616c3045fe0806340a9231670f350448c2b94fe7c258943fdbd4176f0f

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:28 GMT
server
Apache
etag
"e7d-55aaa9cf81f00-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
1299
expires
Fri, 14 Jun 2019 02:05:40 GMT
nfo_aa.js
www.navyfederal.org/js/
2 KB
1 KB
Script
General
Full URL
https://www.navyfederal.org/js/nfo_aa.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dab3f49d0b5564d4541039642d658b88243e90e056c74772c1397facd9ad1a5d

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:31 GMT
server
Apache
etag
"9ee-55aaa9d25e5c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
1191
expires
Sun, 06 Jan 2019 17:42:54 GMT
facebox.js
www.navyfederal.org/js/
9 KB
3 KB
Script
General
Full URL
https://www.navyfederal.org/js/facebox.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2140b43f2562ce0ff6329ae8174758e08dfac1776cb3bcf67381a0621332adfe

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:30 GMT
server
Apache
etag
"255c-55aaa9d16a380-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
2884
expires
Mon, 07 Jan 2019 11:39:57 GMT
tooltip.js
www.navyfederal.org/js/
2 KB
981 B
Script
General
Full URL
https://www.navyfederal.org/js/tooltip.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9dd1c407f2ac8d337a79fe6372fabb7d7bc91e1e63521f9c17fbe8d290affad6

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:48:31 GMT
server
Apache
etag
"87d-55aaa9d25e5c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
786
expires
Sat, 05 Oct 2019 02:58:00 GMT
chat-slide.js
www.navyfederal.org/js/
248 B
369 B
Script
General
Full URL
https://www.navyfederal.org/js/chat-slide.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4bc14a5644aabef9db55f5d4bbd9fc5dba1a618f2937517ad0fe1a223e577504

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 23 Oct 2018 15:15:55 GMT
server
Apache
etag
"f8-578e6d894e0c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
175
expires
Tue, 22 Jan 2019 13:29:19 GMT
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic,700italic
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e090cbdd67459b4d9456fb63d2392f975c2f423e0992695dfdce770233625c4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 29 Jan 2020 00:59:58 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 29 Jan 2020 00:59:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 29 Jan 2020 00:59:58 GMT
article-responsive.css
www.navyfederal.org/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.navyfederal.org/css/article-responsive.css
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ead01e102729ff2cfe7b0264f8230213b60f6d15d2454d3bca1e1ff86b8637e5

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Wed, 12 Jul 2017 21:06:23 GMT
server
Apache
etag
"319b-55425303731c0-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
3169
expires
Fri, 14 Jun 2019 02:05:40 GMT
styles.css
www.navyfederal.org/css/landing-styles/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.navyfederal.org/css/landing-styles/styles.css
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f395f2e8131eddcc88c1a28f5e5b4c843f45a96cad1dc295dcf193cbd5aaf145

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2017 18:00:46 GMT
server
Apache
etag
"21b3-55a57cddcaf80-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
1718
expires
Sun, 01 Dec 2019 22:09:17 GMT
modernizr-custom.js
www.navyfederal.org/css/landing-styles/js/
7 KB
3 KB
Script
General
Full URL
https://www.navyfederal.org/css/landing-styles/js/modernizr-custom.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f682a34f54c9fdcf9c135bddb8d3e01b46321d6b7bed02f5c0250dd94eb0c4c1

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Tue, 22 Nov 2016 21:45:52 GMT
server
Apache
etag
"1c7e-541eab23c4400-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
3193
expires
Fri, 14 Jun 2019 02:05:40 GMT
picturefill.js
cdnjs.cloudflare.com/ajax/libs/picturefill/3.0.2/
44 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/picturefill/3.0.2/picturefill.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
badb5825dfa0693d6181b62162119b21e15ad722ba2519c4e93551657ae8a883
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
br
cf-cache-status
HIT
age
7753822
cf-ray
55c744398e95d6bd-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:25:57 GMT
server
cloudflare
etag
W/"5afd4aa5-ae8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 18 Jan 2021 00:59:58 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
nfculogo.png
www.navyfederal.org/images/structure/
9 KB
9 KB
Image
General
Full URL
https://www.navyfederal.org/images/structure/nfculogo.png
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2a027e4b13131ea02e1e3649014f512374680bb14748abfeb9d8704520d8cf5

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
last-modified
Mon, 20 Mar 2017 15:39:28 GMT
server
Apache
etag
"248c-54b2b55294c00"
content-type
image/png
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
9356
expires
Thu, 16 Jan 2020 11:27:44 GMT
bnr_referral_form.jpg
media.nfcu.org/navyfederal/onboarding/images/
325 KB
325 KB
Image
General
Full URL
http://media.nfcu.org/navyfederal/onboarding/images/bnr_referral_form.jpg
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
HTTP/1.1
Server
199.204.164.215 Stephens City, United States, ASN14222 (NFCU-AS, US),
Reverse DNS
response.nfcu.org
Software
Apache Tomcat /
Resource Hash
cb01d0a5b0a20bb68f70b5ae180df558d576ae658fb74780f946a823d62a73a6

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 29 Jan 2020 00:59:58 GMT
Last-Modified
Wed, 10 Oct 2018 14:01:37 GMT
Server
Apache Tomcat
ETag
W/"332623-1539180097000"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
332623
footerlogo_lg.png
www.navyfederal.org/images/structure/
3 KB
3 KB
Image
General
Full URL
https://www.navyfederal.org/images/structure/footerlogo_lg.png
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fd2e7377926e0c4b8e14059621b92d95f14e5cf5b9b243cfa9cd20b151f12b75

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
last-modified
Tue, 01 Jul 2014 14:49:50 GMT
server
Apache
etag
"bbf-4fd22e33d3f80"
content-type
image/png
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
3007
expires
Tue, 10 Sep 2019 06:02:33 GMT
ncua-logo.png
www.navyfederal.org/images/icons/
4 KB
4 KB
Image
General
Full URL
https://www.navyfederal.org/images/icons/ncua-logo.png
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74cd77bdfc464e1dc69c120c5d3d5b6a226f07e71136ae9c93f5ef61bf57d164

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
last-modified
Sun, 02 Jun 2013 10:22:05 GMT
server
Apache
etag
"e3c-4de2938370d40"
content-type
image/png
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
3644
expires
Sun, 14 Apr 2019 12:57:17 GMT
EHLlogo.png
www.navyfederal.org/images/structure/
573 B
742 B
Image
General
Full URL
https://www.navyfederal.org/images/structure/EHLlogo.png
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
334530d1ec896e40f14f0a5b2550c8a240178a97437a17da70eea4e59e668836

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
last-modified
Wed, 25 Sep 2013 14:10:49 GMT
server
Apache
etag
"23d-4e735d1facc40"
content-type
image/png
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
573
expires
Thu, 21 Mar 2019 18:52:21 GMT
jquery.matchHeight-min.js
www.navyfederal.org/financial-group/js/
3 KB
1 KB
Script
General
Full URL
https://www.navyfederal.org/financial-group/js/jquery.matchHeight-min.js
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
469c03d376ea57e7f5ed6e2dd00c36451d8545e475a49e3ac82185286f149ec8

Request headers

Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
content-encoding
gzip
last-modified
Wed, 19 Jun 2019 09:27:30 GMT
server
Apache
etag
"a1a-58ba9d69e8480-gzip"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=21600
accept-ranges
bytes
content-length
1068
expires
Thu, 20 Jun 2019 08:52:35 GMT
activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]
5053096.fls.doubleclick.net/ Frame FAF1
Redirect Chain
  • https://5053096.fls.doubleclick.net/activityi;src=5053096;type=fe;cat=unive0;ord=[SessionID]?
  • https://5053096.fls.doubleclick.net/activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]?
0
0
Document
General
Full URL
https://5053096.fls.doubleclick.net/activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]?
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5053096.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 29 Jan 2020 00:59:58 GMT
expires
Wed, 29 Jan 2020 00:59:58 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
1581
x-xss-protection
0
set-cookie
IDE=AHWqTUk8SZDLydFi4uBTh_MKqylVgwXdVMRpQbSnMKJwLBTmURKRuugo8km3h77U; expires=Mon, 22-Feb-2021 00:59:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 29 Jan 2020 00:59:58 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5053096.fls.doubleclick.net/activityi;dc_pre=CKLHruDNp-cCFQNx4AodRgYJ0Q;src=5053096;type=fe;cat=unive0;ord=[SessionID]?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-Jan-2020 01:14:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
new_nfo_bg.jpg
www.navyfederal.org/images/structure/
38 KB
38 KB
Image
General
Full URL
https://www.navyfederal.org/images/structure/new_nfo_bg.jpg
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae2065b89872fb4d0d3df80e1ece9f5c1a63fc36de831600d1e74a7993b1dbde

Request headers

Referer
https://www.navyfederal.org/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
last-modified
Thu, 01 May 2014 14:58:15 GMT
server
Apache
etag
"9756-4f857e5050fc0"
content-type
image/jpeg
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
38742
expires
Thu, 16 Jan 2020 10:38:46 GMT
joinInfo_bg.png
www.navyfederal.org/images/structure/
2 KB
2 KB
Image
General
Full URL
https://www.navyfederal.org/images/structure/joinInfo_bg.png
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c41b77a374ec8e7f5ef0bac400d2d1afa2dfab43f8de93af353f0e5b29cf8b16

Request headers

Referer
https://www.navyfederal.org/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:58 GMT
last-modified
Thu, 01 May 2014 14:58:17 GMT
server
Apache
etag
"800-4f857e5239440"
content-type
image/png
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
2048
expires
Mon, 09 Sep 2019 14:03:56 GMT
footer_bg.jpg
www.navyfederal.org/images/structure/
18 KB
18 KB
Image
General
Full URL
https://www.navyfederal.org/images/structure/footer_bg.jpg
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.211.30 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-211-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1617cecfba7eee4d4da3e8a91af63a81465cc755f5328a673c91b027ed3bfd13

Request headers

Referer
https://www.navyfederal.org/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 29 Jan 2020 00:59:59 GMT
last-modified
Thu, 01 May 2014 14:58:19 GMT
server
Apache
etag
"46a0-4f857e54218c0"
content-type
image/jpeg
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-length
18080
expires
Sun, 28 Apr 2019 18:32:04 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: response.nfcu.org
URL: http://response.nfcu.org/bin/ftaf?id=7BDC4BC57616E56660FB2A8902071A9655D4898BCCC40632&firstname=Gary&fullname=Gary%20L%20Lampley&cmpid=em%7Cmbr%7Cmbrsp%7Crfl%7C%7C%7C01/27/2020%7C35694%7C%7Ccb1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic,700italic
Origin
http://response.nfcu.org

Response headers

date
Fri, 22 Nov 2019 03:57:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:07 GMT
server
sffe
age
5864534
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13108
x-xss-protection
0
expires
Sat, 21 Nov 2020 03:57:44 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Navy Federal Credit Union (Government)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
object| nsSearchData
object| nsCurrency
string| enablepersist
string| collapseprevious
string| contractsymbol
string| expandsymbol
function| getElementbyClass
function| sweeptoggle
function| contractcontent
function| expandcontent
function| revivecontent
function| revivestatus
function| get_cookie
function| getselectedItem
function| saveswitchstate
function| do_onload
function| win
function| selfinit
boolean| isNN
function| autoTab
function| checkNumber
function| showLogin
object| tooltip
function| getQueryVariable
function| putVariables
object| html5
object| Modernizr
object| picturefillCFG
function| picturefill
function| ValidateLoginForm
object| d
number| yr
object| jQuery112408697103148602845
string| uniqueidn
object| ccollect
object| statecollect

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUk8SZDLydFi4uBTh_MKqylVgwXdVMRpQbSnMKJwLBTmURKRuugo8km3h77U

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
