www.bluefcu.com Open in urlscan Pro
2606:4700:4400::ac40:95cd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://marketing.bluefcu.com/
Effective URL:
https://www.bluefcu.com/?ao=1
Submission: On March 07 via automatic, source certstream-suspicious (March 7th 2023, 3:05:50 am UTC) — Scanned from DE

Summary HTTP 100 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 23 domains to perform 100 HTTP transactions. The main IP is 2606:4700:4400::ac40:95cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bluefcu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2022. Valid for: a year.

This is the only time www.bluefcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	207.189.124.20 207.189.124.20	13649 (ASN-VINS) (ASN-VINS)
6	2606:4700:440... 2606:4700:4400::ac40:95cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2600:9000:20e... 2600:9000:20eb:4600:7:415c:1200:21	16509 (AMAZON-02) (AMAZON-02)
1 1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1	54.85.11.63 54.85.11.63	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:215... 2600:9000:2156:4e00:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.189.105 13.224.189.105	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:6200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:8200:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.62 13.224.193.62	16509 (AMAZON-02) (AMAZON-02)
2	130.211.141.45 130.211.141.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	52.212.98.141 52.212.98.141	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:223... 2600:9000:223f:3400:0:99b9:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:233e:28a8:a312:7414	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.210.139.77 18.210.139.77	14618 (AMAZON-AES) (AMAZON-AES)
100	31

1 207.189.124.20 (McMinnville, United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: forpci90.actonsoftware.com

marketing.bluefcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:95cd (United States)

ASN13335 (CLOUDFLARENET, US)

www.bluefcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:20eb:4600:7:415c:1200:21 (United States)

ASN16509 (AMAZON-02, US)

d11sqswym832o8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.21 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

jelly-v6.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.11.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-11-63.compute-1.amazonaws.com

arttrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:4e00:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.glia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-105.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:6200:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8200:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-62.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.141.45 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.141.211.130.bc.googleusercontent.com

js.alpixtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alpixtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.98.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-98-141.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:3400:0:99b9:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:233e:28a8:a312:7414 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.139.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-139-77.compute-1.amazonaws.com

client-logger.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	cloudfront.net d11sqswym832o8.cloudfront.net	2 MB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	324 B
7	typekit.net p.typekit.net — Cisco Umbrella Rank: 568 use.typekit.net — Cisco Umbrella Rank: 440	184 KB
7	bluefcu.com 1 redirects marketing.bluefcu.com www.bluefcu.com	39 KB
5	salemove.com libs.salemove.com — Cisco Umbrella Rank: 21108 client-logger.salemove.com — Cisco Umbrella Rank: 15095	521 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	460 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6149	578 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4370 www.google.com — Cisco Umbrella Rank: 2	769 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	475 B
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1431 insight.adsrvr.org — Cisco Umbrella Rank: 575	3 KB
3	adroll.com s.adroll.com — Cisco Umbrella Rank: 2488 d.adroll.com — Cisco Umbrella Rank: 1452	22 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 769 in.hotjar.com — Cisco Umbrella Rank: 1659	72 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	203 KB
2	alpixtrack.com js.alpixtrack.com — Cisco Umbrella Rank: 19683 alpixtrack.com — Cisco Umbrella Rank: 14919	5 KB
2	glia.com api.glia.com — Cisco Umbrella Rank: 16183	19 KB
2	mdhv.io 1 redirects jelly.mdhv.io — Cisco Umbrella Rank: 10065 jelly-v6.mdhv.io — Cisco Umbrella Rank: 10534	453 B
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1684
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2188	259 B
1	oribi.io cdn.oribi.io — Cisco Umbrella Rank: 16626	602 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2106
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
1	arttrk.com arttrk.com — Cisco Umbrella Rank: 8480	131 B
100	23

	Domain	Requested by
29	d11sqswym832o8.cloudfront.net	www.bluefcu.com d11sqswym832o8.cloudfront.net
9	www.facebook.com	www.bluefcu.com
6	use.typekit.net	www.bluefcu.com
6	www.bluefcu.com	www.bluefcu.com static.cloudflareinsights.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.bluefcu.com
5	connect.facebook.net	www.bluefcu.com connect.facebook.net
4	libs.salemove.com	api.glia.com libs.salemove.com
3	www.google.de	www.bluefcu.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	www.bluefcu.com www.googletagmanager.com
2	insight.adsrvr.org	js.adsrvr.org
2	www.google.com	www.bluefcu.com
2	s.adroll.com	www.bluefcu.com s.adroll.com
2	api.glia.com	www.bluefcu.com api.glia.com
2	script.crazyegg.com	www.bluefcu.com www.googletagmanager.com
1	client-logger.salemove.com	libs.salemove.com
1	d.adroll.com	s.adroll.com
1	alpixtrack.com	www.bluefcu.com
1	region1.analytics.google.com	www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	js.alpixtrack.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.oribi.io	www.bluefcu.com
1	js.hs-scripts.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.bluefcu.com
1	static.cloudflareinsights.com	www.bluefcu.com
1	arttrk.com	www.bluefcu.com
1	jelly-v6.mdhv.io	www.bluefcu.com
1	jelly.mdhv.io	1 redirects
1	p.typekit.net	www.bluefcu.com
1	marketing.bluefcu.com	1 redirects
100	33

This site contains links to these domains. Also see Links.

Domain
online.bluefcu.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
apps.apple.com
play.google.com
co-opcreditunions.org
www.bluefoundation.blue
clickrain.com
www.bbb.org
www.ncua.gov
www.co-opfs.org
www.greatplacetowork.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-15` - `2023-08-15`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
*.glia.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-15`	2 months	crt.sh
*.hotjar.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-23`	9 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
oribi.io Amazon RSA 2048 M02	`2023-02-27` - `2023-06-17`	4 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
alpixtrack.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-21` - `2024-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.hotjar.io Amazon RSA 2048 M01	`2023-02-23` - `2023-08-16`	6 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.bluefcu.com/?ao=1
Frame ID: 8FE66F43DAD521BB396E6E00F106AE2E
Requests: 96 HTTP requests in this frame

Frame: https://www.bluefcu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678147200
Frame ID: 67CF4F3CE527E7B7E57BE8299FA34376
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=bn8hn4i&ref=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&upid=vigto67&upv=1.1.0
Frame ID: B1DB623BE04DB58C5BEEFFBE1C908CED
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=afirqtd&ref=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&upid=nf9zby8&upv=1.1.0
Frame ID: C706A734B0B1FBBE2F9405AC71BF42E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

For You. For Life. | Blue

Page URL History Show full URLs

https://marketing.bluefcu.com/ HTTP 301
https://www.bluefcu.com/?ao=1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Oribi (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.oribi\.io

Page Statistics

100
Requests

98 %
HTTPS

66 %
IPv6

23
Domains

33
Subdomains

31
IPs

4
Countries

3241 kB
Transfer

7290 kB
Size

16
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://online.bluefcu.com/User/AccessSignup/Start
Title: Enroll Now

Search URL Search Domain Scan URL

URL: https://online.bluefcu.com/User/AccessSigninResetUsername/Start
Title: Username

Search URL Search Domain Scan URL

URL: https://online.bluefcu.com/User/AccessSigninResetPassword/Start
Title: Password

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bluefcu/

Search URL Search Domain Scan URL

URL: https://twitter.com/bluefcu

Search URL Search Domain Scan URL

URL: https://www.instagram.com/blue_fcu/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10653516/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/warrenfcu

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/developer/blue-federal-credit-union/id567824669

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/developer?id=Blue+FCU

Search URL Search Domain Scan URL

URL: https://online.bluefcu.com/
Title: Log In »

Search URL Search Domain Scan URL

URL: https://co-opcreditunions.org/locator/?ref=co-opatm.org&amp;amp;amp;amp;sc=1
Title: ATM Locations »

Search URL Search Domain Scan URL

URL: https://www.bluefoundation.blue/
Title: Blue Foundation

Search URL Search Domain Scan URL

URL: https://clickrain.com/
Title: Site by

Search URL Search Domain Scan URL

URL: https://www.bbb.org/wyoming-and-northern-colorado/bbb-torch-awards-for-ethics/winners/

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/

Search URL Search Domain Scan URL

URL: https://www.co-opfs.org/Solutions/Engage/CO-OP-Shared-Branch

Search URL Search Domain Scan URL

URL: https://co-opcreditunions.org/locator/?ref=co-opatm.org&sc=1

Search URL Search Domain Scan URL

URL: https://www.greatplacetowork.com/certified-companies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://marketing.bluefcu.com/ HTTP 301
https://www.bluefcu.com/?ao=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://jelly.mdhv.io/v1/star.gif?pid=eJTFkxrauYxoKKECOY5N8abpuwdc&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=eJTFkxrauYxoKKECOY5N8abpuwdc&src=mh&tx=8fde4ffa-597a-4f6f-b1f4-78d53f66e895

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bluefcu.com/
Redirect Chain

https://marketing.bluefcu.com/
https://www.bluefcu.com/?ao=1

105 KB
20 KB

736ms
677ms

Document
text/html

2606:4700:4400::ac40:95cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:95cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c2e89bb5d9d073b862fad8b988d23f456185ad117eac28d63bb44e93c6a3b6d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7a3f9e4d1c689bb0-FRA
content-encoding: gzip
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html
date: Tue, 07 Mar 2023 03:05:43 GMT
last-modified: Tue, 07 Mar 2023 00:04:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 5
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 07 Mar 2023 03:05:42 GMT
Location: https://www.bluefcu.com?ao=1
Strict-Transport-Security: max-age=16070400
Vary: Accept-Encoding
X-Cnection: close

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 128ms
27ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hje4bvb&ht=tk&f=36599.36600.36601.36602.36603.36604.36608&a=86724481&app=typekit&e=css
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 hje4bvb.css
use.typekit.net/ 5 KB
1 KB 256ms
150ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hje4bvb.css

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7d1ec5b60453db6a9d1faf0da10075c402d2dbf04664570413eaee768da10833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 07 Mar 2023 03:05:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 842

GET
H2 410 7228.js
script.crazyegg.com/pages/scripts/0098/ 0
0 40ms
13ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0098/7228.js
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 16:10:11 GMT
server: cloudflare
age: 39333
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7a3f9e525fc43a9e-FRA
content-length: 0

GET
H2 200 logo.svg
d11sqswym832o8.cloudfront.net/assets/images/ 7 KB
3 KB 12ms
11ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/logo.svg?1676997483

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcfecb11f936b7e02caebb2f7a81404e10a1b23384b35fde5771e0d7af5d0c3d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 12:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 53876
x-cache: Hit from cloudfront
content-length: 2509
last-modified: Tue, 21 Feb 2023 16:38:03 GMT
server: cloudflare
etag: "1b96-5f5386751540b-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3a7afcccd13a68-FRA
x-amz-cf-id: 6C79FkAdG2hyyFNP3t2DQBhSHMIrBwHQ-nxJ3D4aiwdHXm8_GsMYHw==

GET
H2 200 Image-35495284_flare.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/ 1 KB
2 KB 445ms
440ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/Image-35495284_flare.jpg
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fba017a875159c05463d0f87b23de04d1d7fc4cbc5c078d27eb909658f06a196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:45 GMT
x-amz-version-id: Z8Rl2Rk5jaU4PnyOPY1jFBO3gAoqc9pH
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "ef665106f35289a3d2b2775050feb480"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1475
x-amz-cf-id: 7OxAKy13cQSxpH7M62zg2gBevuB8wJWWZwEp9XycSzJw7tQHExknQg==

GET
H2 200 Woman-using-tablet-outside.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/ 4 KB
5 KB 17ms
12ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/Woman-using-tablet-outside.jpg
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 874109c75eee1ed866d3d51aad19b7dec91cfdbc9e08fdecc4fb029fceeb7036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: fmnpFDMAAhvj51H4Hv3nqHRgcYHUU_QD
date: Mon, 06 Mar 2023 12:07:49 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53876
etag: "ca3f921fee7ddfe02b046b5984b31e1e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4556
x-amz-cf-id: IxjxZsHjfoQUPwPFbRmf-yskYRFPofJm0SSkFag7oWf1fXEhRFDNOA==

GET
H2 200 Man-and-woman-in-car.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/ 4 KB
5 KB 26ms
21ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/Man-and-woman-in-car.jpg
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fc732581bd3ad9038a9d753a64889a56a24ee025b944f6aaf21f5ffc522cc18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 17Ch8xYNl6Wl3jhuqX9MXJ3cTcp_xF9F
date: Mon, 06 Mar 2023 12:07:49 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53876
etag: "1ac6666600ce56d67dcd1f0e4be3e20f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4600
x-amz-cf-id: wS86zFEfwDxr8A5jo7u3OGJS2dKUdp0h_xuvPTrrez3reNfXGKE5ZA==

GET
H2 200 Senior-Couple-Motorhome.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/ 2 KB
2 KB 17ms
13ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/Senior-Couple-Motorhome.jpg
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1adae42bb5067f2a188d8bae7cbb7bbdf6c5f9e776bf9e8218695e430198ba2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Hh.X0n_QvyJBM5Jv3a2y9WeEFM5YVMBM
date: Mon, 06 Mar 2023 12:07:49 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53876
etag: "7cfafc6ee5aeaba749c75a9aea36e8c7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1936
x-amz-cf-id: 381qtMseHxedokiGLeU4KpUY9Kel7hYjQ8QS9Y37fTwpak_gQURJdg==

GET
H2 200 woman-sitting-by-window-with-tablet-coffee-phone.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/ 4 KB
5 KB 26ms
22ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_46x53_crop_center-center_none/woman-sitting-by-window-with-tablet-coffee-phone.jpg
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a88d7c1462c5fcf4e12b4658dc85fbdc17af9e006cb2800ba0f4044571428dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: eIRQB1m1LnQ0dLL_Mia6FVfxtFmq5Sum
date: Mon, 06 Mar 2023 12:07:49 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53876
etag: "f41f60fc1798a0a12c288a981fd4cb14"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4457
x-amz-cf-id: 5t6LTZ9FZEX54xkNvkWOZ-nB_TAndmK87GDjlNu_F9yV63_j2g836w==

GET
H2 200 logo-vertical.svg
d11sqswym832o8.cloudfront.net/assets/images/ 7 KB
3 KB 19ms
15ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/logo-vertical.svg?1677519053

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cbc146f08c6796205430adca8aa232707e7f756a19503a743ff9b00f0c21524

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 15047
x-cache: Hit from cloudfront
content-length: 2610
last-modified: Mon, 27 Feb 2023 17:30:53 GMT
server: cloudflare
etag: "1bf8-5f5b1d74279a9-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3e2ef5ac8e366e-FRA
x-amz-cf-id: q9IZDR6LUXQFrmFVOPZoeo9pOaGXagrWl_Lcm4NC1otfOpvsA-Wz7Q==

GET
H2 200 map-pin-mobile.svg
d11sqswym832o8.cloudfront.net/assets/images/icons/ 939 B
1 KB 15ms
10ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/icons/map-pin-mobile.svg?1612882014

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0065f7aac27c013376b787dd9c92152664f922936648129c135f885c8320ad

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 22:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 15047
x-cache: Hit from cloudfront
content-length: 499
last-modified: Tue, 09 Feb 2021 14:46:54 GMT
server: cloudflare
etag: "3ab-5bae85b833d74-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3e2ef5eb009207-FRA
x-amz-cf-id: 5sAzOsU7N1yMI17LxeJ7UecIsXFVOOlXvD6cqRllfzFtKLyr0hk1eQ==

GET
H2

200

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=eJTFkxrauYxoKKECOY5N8abpuwdc&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=eJTFkxrauYxoKKECOY5N8abpuwdc&src=mh&tx=8fde4ffa-597a-4f6f-b1f4-78d53f66e895

43 B
235 B

151ms
111ms

Image
image/gif

2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=eJTFkxrauYxoKKECOY5N8abpuwdc&src=mh&tx=8fde4ffa-597a-4f6f-b1f4-78d53f66e895
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 88fc971dfeb29937b084c8e92bc8fa6f
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

Redirect headers

location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=eJTFkxrauYxoKKECOY5N8abpuwdc&src=mh&tx=8fde4ffa-597a-4f6f-b1f4-78d53f66e895
x-cloud-trace-context: a9f3b470dc63b04566c9552ed837901a
date: Tue, 07 Mar 2023 03:05:44 GMT
server: Google Frontend
content-length: 173
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK /
arttrk.com/pixel/ 43 B
131 B 431ms
101ms Image
image/gif 54.85.11.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arttrk.com/pixel/?ad_log=referer&action=lead&pixid=351f482e-f752-4e4c-a34a-d4ced76f841e
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-11-63.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 email-decode.min.js Show response
www.bluefcu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 8ms
8ms Script
application/javascript 2606:4700:4400::ac40:95cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefcu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:95cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Feb 2023 18:28:05 GMT
server: cloudflare
etag: W/"63fe47b5-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7a3f9e526f729bb0-FRA
expires: Thu, 09 Mar 2023 03:05:44 GMT

GET
H2 200 style.css
d11sqswym832o8.cloudfront.net/assets/dist/ 239 KB
31 KB 52ms
9ms Stylesheet
text/css 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79034e1b972efe9307b1b5ab227cba0cacbf7ca5dea0b620e0225bc442620f9d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 23922
x-cache: Hit from cloudfront
content-length: 30972
last-modified: Mon, 27 Feb 2023 17:30:53 GMT
server: cloudflare
etag: "3bad7-5f5b1d7426a09-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3d56469bebbc03-FRA
x-amz-cf-id: mquWiLmi7jxyO3GyjljeQAQjxx1FBY2iNfaU27noJJ930EOc1EwXGw==

GET
H2 200 async-css.js Show response
d11sqswym832o8.cloudfront.net/assets/js/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d11sqswym832o8.cloudfront.net/assets/js/async-css.js?1612882014

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a44663af01a51504dbc66d28ca87d87bec847f7f93ecc9a0c78a0e54eae46a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 03:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 84164
x-cache: Hit from cloudfront
content-length: 492
last-modified: Tue, 09 Feb 2021 14:46:54 GMT
server: cloudflare
etag: "427-5bae85b833d74-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3797873cff9a21-FRA
x-amz-cf-id: YBdL2ljIleknqp4ldnMFcih9FrcZzVC838azxixsscf1ow-KtU1tlA==

GET
H2 200 script.js Show response
d11sqswym832o8.cloudfront.net/assets/dist/ 305 KB
88 KB 11ms
11ms Script
application/javascript 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d11sqswym832o8.cloudfront.net/assets/dist/script.js?1669134211

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d5c326498253054904068eaaa243ff20bb93c85fc224c8dcadc3b59bf514abf

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 02:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2017
x-cache: Hit from cloudfront
last-modified: Tue, 22 Nov 2022 16:23:31 GMT
server: cloudflare
etag: "4c5c0-5ee1197be6f3d-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3f6d141f886921-FRA
x-amz-cf-id: 5j1OQDxjxTBAHiHemaA88rnWvU-pThvrDSs7IWIq_BfZmBt5B6B9Tg==

GET
H2 200 salemove_integration.js Show response
api.glia.com/ 9 KB
9 KB 115ms
7ms Script
application/javascript 2600:9000:2156:4e00:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/salemove_integration.js

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Tue, 07 Mar 2023 02:58:17 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 19:29:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 451
x-amz-server-side-encryption: AES256
etag: "8fbf3720d25bde79ccad301ab0a57770"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8817
x-amz-cf-id: yMy9QJ6f0yAtZyHAkF45z_omscsqUGv5YvOtUmdi-_SEnRiOXtHmkw==

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 146ms
38ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.bluefcu.com/?ao=1
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a3f9e53ac2637c6-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
67 KB 161ms
53ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KCMTFTK

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e326c3b0935d76797ef007d9ad6d6a735fe5dcee83daffcb4c5de8d864a02b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Mar 2023 03:05:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 114ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Mar 2023 03:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: OtY+NyPHb/MjDdf3o6UksBED+PLB8oeIiBFxGzfmBdirVwLxhEeNcqIljACQEnJFi3U0qtN7blxSumLLsEc77g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-3211890.js Show response
static.hotjar.com/c/ 9 KB
4 KB 146ms
39ms Script
application/javascript 13.224.189.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3211890.js?sv=6

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-105.fra2.r.cloudfront.net

Software

Resource Hash

050532173d1f7a9c0d3ff1bcca142dac297f88697a0ec0fa7fd58004063a1775

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/6ef1fa62c0c0a370db2b40f36f0a8a58
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: yn-6rQY3rtpav2PNGA8kcgSVM50cm3LboAwM7xCsL4AoMbf2oO5usw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
55 KB 183ms
76ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9BDP5&l=dl

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e38201a6e608c49cf156f8918a53d4c685285d0e9fa8bb5fdcc6ed190ac6ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 56017
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Mar 2023 03:05:44 GMT

GET
H2 200 l
use.typekit.net/af/3bd84d/00000000000000003b9b0ee4/27/ 36 KB
36 KB 112ms
32ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3bd84d/00000000000000003b9b0ee4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a3ea1c267de5a642f19bd2116cfe323c57ca43f3cc1da0d9e9f6dcfe143d3ee5

Request headers

Referer: https://www.bluefcu.com/
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
server: nginx
etag: "b277cd7c7bafa67136120009a2a8960d95cb675f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36676

GET
H2 200 l
use.typekit.net/af/e69b71/00000000000000003b9b0ee6/27/ 36 KB
36 KB 131ms
51ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e69b71/00000000000000003b9b0ee6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 91748f27371c19e07513591b4a8744f173b129c3e4dac690ab539a5cccf5d109

Request headers

Referer: https://www.bluefcu.com/
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
server: nginx
etag: "b24ceaf907bd43dca3139d51fc7f8f6f1c1d4f33"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36620

GET
H2 200 l
use.typekit.net/af/359d41/00000000000000003b9b0eea/27/ 36 KB
36 KB 114ms
35ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/359d41/00000000000000003b9b0eea/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9860e69f8b2311e4bf49d9c95d7f5e64a0d571e11294819f035a416b856e28b2

Request headers

Referer: https://www.bluefcu.com/
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
server: nginx
etag: "2d0a530caf015fc6f3e73559ee975f836e479656"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36916

GET
H2 200 optimust-regular.otf
d11sqswym832o8.cloudfront.net/assets/fonts/ 1 MB
634 KB 728ms
713ms Font
font/ttf 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d11sqswym832o8.cloudfront.net/assets/fonts/optimust-regular.otf

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09dd567c51da10b21e7cca3e86c9591155bfd1e5d30dfc30b573661e20e2d44c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bluefcu.com/
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
server-timing: cf-q-config;dur=7.0000005507609e-06
last-modified: Mon, 31 Oct 2022 19:02:21 GMT
server: cloudflare
etag: "10abac-5ec593f4aac0e-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7a3f9e534b242c1e-FRA
x-amz-cf-id: d-AHlxVyn7lEVaFZteJ-F2_owNUQGnwLwPPbAtIylrAD1oQz7iXg-w==

GET
H2 200 logo-mark-transparent.svg
d11sqswym832o8.cloudfront.net/assets/images/ 3 KB
2 KB 11ms
11ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/logo-mark-transparent.svg

Requested by

Host: d11sqswym832o8.cloudfront.net
URL: https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93194d015707719657ea294384b20e99114c7059eec70949e125633d90cfd46

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 23:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 11439
x-cache: Hit from cloudfront
content-length: 1500
last-modified: Tue, 09 Feb 2021 14:46:54 GMT
server: cloudflare
etag: "d35-5bae85b833d74-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3e870ad9059be8-FRA
x-amz-cf-id: zx6xHHzrOFSJtcALQYsX96q3-dXiVbZnNAdqBGkH3Rig59InkNUDqA==

GET
H2 200 BlueLocations_2021.jpg
d11sqswym832o8.cloudfront.net/general-uploads/_50x40_crop_center-center_none/ 989 B
1 KB 10ms
10ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_50x40_crop_center-center_none/BlueLocations_2021.jpg
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7f87ad0e98499a32639bf39a1156eae59fc13d01d552a8a27ee484e9ca5aeaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: a3tgOi9DNfZpNBmmLHT4RDjiuhprHAEJ
date: Mon, 06 Mar 2023 15:33:11 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:38:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 41553
etag: "dc25617fe762cbf95737dd85606ebb5c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 989
x-amz-cf-id: ux5-nGzzssEQ3KjGKEBWvD9ki7IRszZIbdbOTamQ_lD7OG6TpRq4VA==

GET
H2 200 l
use.typekit.net/af/b15395/00000000000000003b9b0ee1/27/ 36 KB
36 KB 136ms
81ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b15395/00000000000000003b9b0ee1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 478304b8b1abfe8e42e324742cc4ccd012c4d7f4fa2b7f33d3bfb9470792ad41

Request headers

Referer: https://www.bluefcu.com/
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
server: nginx
etag: "c382b6d6f390ec65890f34de679634c6a72f3d85"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36704

GET
H2 200 l
use.typekit.net/af/570b14/00000000000000003b9b0ee3/27/ 38 KB
38 KB 82ms
27ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/570b14/00000000000000003b9b0ee3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7cf76efe33d419340f8c12853d5aa494cb658946e6e109a1080ddab895c0cb94

Request headers

Referer: https://www.bluefcu.com/
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
server: nginx
etag: "e5b03c169ae033251c00eb1616e2a8dcfe3aa789"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39116

GET
H2 200 map-pin.svg
d11sqswym832o8.cloudfront.net/assets/images/icons/ 925 B
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/icons/map-pin.svg?1612882014

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa0fe1ecbf63211978af30efcbe186d4e3d8d99a5dd6f1c185c9d8bf9f0b8bd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 37974
x-cache: Hit from cloudfront
content-length: 486
last-modified: Tue, 09 Feb 2021 14:46:54 GMT
server: cloudflare
etag: "39d-5bae85b833d74-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3bff37bd413723-FRA
x-amz-cf-id: qJQ5oeVXE77O_wB8aARlMkXoyPSatRaC5K94j4GpxHaUgcDqn1oE3Q==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/VYJZTAAANVGYLCI6WHB4TD/ 65 KB
20 KB 653ms
606ms Script
text/javascript 2600:9000:20eb:6200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/VYJZTAAANVGYLCI6WHB4TD/roundtrip.js
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ffcecf35ac440a0d0a9d32086404dff1600024d7c97b2dd35af37c90deccc39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 03:05:45 GMT
X-Amz-Version-Id: PYdVWWuyvmevNfJCMvNQUB5VA20NRCAY
Content-Encoding: gzip
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Last-Modified: Tue, 07 Mar 2023 02:22:33 GMT
Server: AmazonS3
Etag: W/"c2e42dc00591b811779d5a3b2eda9542"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: kEnOdc-XolIGDdhDRfV9GH-lw61pe4amtNwID982cdv_0DfnrHzT7Q==

GET
H2 200 invisible.js Show response
www.bluefcu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 67CF 27 KB
13 KB 12ms
11ms Script
application/javascript 2606:4700:4400::ac40:95cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluefcu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678147200
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:95cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b232fae6b57addaf7b2b24d5b1a4195ba19d296238fe0037dece12423fd8d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a3f9e5438df9bb0-FRA

POST
H2 200 visitor_config Show response
api.glia.com/ 8 KB
10 KB 114ms
114ms XHR
application/json 2600:9000:2156:4e00:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.bluefcu.com%2F&

Requested by

Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2dbbc39df831d5be52137a27024f8d742755c215869fe6d3265ddc6a22bb19e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 8519
access-control-max-age: 7200
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
content-type: application/json
access-control-allow-origin: https://www.bluefcu.com
access-control-expose-headers
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
vary: Origin
x-site-visitor-config: true
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: w1qE4wiuFoMERU7U8PQjNAu6-g-G-0LRQ9QqvQb68V-dtkB5kR30fQ==

GET
H2 200 1249999265385273 Show response
connect.facebook.net/signals/config/ 378 KB
109 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1249999265385273?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8b348df0b15d6939d621e3751950ea29cd1249b73f41ddb5ca1bffacef52287

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Mar 2023 03:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: X2OA0F19dcjZWhkdPs3mOJvlIKryPoksXpphDMDY2uTjm3VbWtdVsqKkx5KtrD3tx/CCOUbdI6AgWLAA8CN2fg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.e238613e92953c03de32.js Show response
script.hotjar.com/ 264 KB
68 KB 44ms
7ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e238613e92953c03de32.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3211890.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

f0fcd9253a2ee5dd3c94dd76077f12b3fd0ea6f7fd2ba29c4c00392dcf0309ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 10:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 60517
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68629
last-modified: Mon, 06 Mar 2023 10:16:15 GMT
etag: "4cfc6687bd72612084887bca5406b51f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ocTcOHzUfuXVu5keG7FWUUzPVTAbt6X-7OfLosM4EU9Em78WOp00Yw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCMTFTK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Mar 2023 02:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3054
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Mar 2023 04:14:50 GMT

GET
H2 410 7228.js
script.crazyegg.com/pages/scripts/0098/ 0
0 12ms
12ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0098/7228.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCMTFTK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 16:10:11 GMT
server: cloudflare
age: 39333
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7a3f9e5498b03a9e-FRA
content-length: 0

GET
H2 404 6332883.js
js.hs-scripts.com/ 0
0 165ms
133ms Script
application/json 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6332883.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCMTFTK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 oribi.js Show response
cdn.oribi.io/Xy0xOTk4MTYxNTUz/ 338 B
602 B 348ms
7ms Script
application/javascript 2600:9000:223c:8200:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/Xy0xOTk4MTYxNTUz/oribi.js
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8200:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: d40eae5a0305754ca9eab8fa2f9f94d52194c8e1f74fde91c51de5557ef785c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 09:45:01 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-P2
age: 62443
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
content-length: 338
x-amz-cf-id: hkDnjaLp98yhn0I80ZjUg1AzBpCnP3DSGitfwTUPOgt2h1qJMK3OIg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 338ms
7ms Script
application/x-javascript 13.224.193.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9BDP5&l=dl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-62.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 21:01:02 GMT
Content-Encoding: gzip
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 21883
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: AYeetYJz0Cd5NUht1O7JNja2ncCFN5o6e5wF1nhUfFNViSKhqYI5Rw==

GET
H/1.1 200
OK alphpixel.js Show response
js.alpixtrack.com/ 5 KB
5 KB 448ms
119ms Script
application/javascript 130.211.141.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.alpixtrack.com/alphpixel.js?cust=3434365-751-KUSA
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9BDP5&l=dl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.141.211.130.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: 26b1fa79351edf039f381c8d30f0d0861746042f076c8de57179d822b8d7eacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 03:05:44 GMT
Last-Modified: Wed, 07 Jul 2021 09:31:25 GMT
Server: nginx/1.20.0
ETag: "60e5746d-1331"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4913
Expires: Wed, 08 Mar 2023 03:05:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
82 KB 56ms
53ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P70C3BCLB1&l=dl&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9BDP5&l=dl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f7b5f193e0134d85af4511e6eb01724a3329e63aae375723670ca935c651283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Mar 2023 03:05:44 GMT

GET
H2 200 pica.js
www.bluefcu.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 67CF 7 KB
4 KB 14ms
11ms Other
application/javascript 2606:4700:4400::ac40:95cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluefcu.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:95cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2a6aafa6c40725f85c7427e5777a665c92b136af7c3431507413d382989fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a3f9e54b9329bb0-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
147 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=252546595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&ul=en-us&de=UTF-8&dt=For%20You.%20For%20Life.%20%7C%20Blue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=37504563&gjid=1288273027&cid=71524676.1678158344&tid=UA-22110146-1&_gid=449746673.1678158344&_r=1&_slc=1&gtm=45He3310n81KCMTFTK&z=1764033468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 330ms
21ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-22110146-1&cid=71524676.1678158344&jid=437843247&gjid=836742083&_gid=449746673.1678158344&_u=YGDAgEABAAAAAGAAI~&z=2134664105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=252546595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&ul=en-us&de=UTF-8&dt=For%20You.%20For%20Life.%20%7C%20Blue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAACAAI~&jid=437843247&gjid=836742083&cid=71524676.1678158344&tid=UA-22110146-1&_gid=449746673.1678158344&gtm=45He3310n71W9BDP5&z=138118753

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 09:08:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64634
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3211890/ 148 B
323 B 301ms
37ms XHR
application/json 52.212.98.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3211890/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e238613e92953c03de32.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.98.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-98-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b8a169e23c2ba4328eed7c91773d6be70514ede65b80e4569fc95472aa26bd86

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 3211890 Show response
vc.hotjar.io/sessions/ 0
259 B 297ms
34ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3211890?s=0.25&r=0.05367095362234542
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e238613e92953c03de32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: TJ2d9FblMJxN1QW_0NipsdTjPeHGFYyLnMaqCYIdrnPYxjO1H8YZ6Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 281ms
22ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-22110146-1&cid=71524676.1678158344&jid=37504563&gjid=1288273027&_gid=449746673.1678158344&_u=YEBAAEAAAAAAACAAI~&z=1206097938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrapper-79d4d3900.js Show response
libs.salemove.com/visitor/ 631 KB
165 KB 264ms
7ms Script
application/javascript 2600:9000:223f:3400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/bootstrapper-79d4d3900.js

Requested by

Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:3400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ec4550b1cd78bb41d17494f8c0ce1b453e992965a955429635b079434ce4e6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:09:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 655001
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 Feb 2023 09:13:43 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:1d61ed01420225404a0f1aaaf72cb548
etag: W/"1d61ed01420225404a0f1aaaf72cb548"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: vk-Pbckazq9qzwx1oSo7IA7jRX6jUv9e4t-i76FZBUnf1jhvDorL3Q==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 217ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P70C3BCLB1&gtm=45je3360h2&_p=252546595&_gaz=1&cid=71524676.1678158344&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678158344&sct=1&seg=0&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&dt=For%20You.%20For%20Life.%20%7C%20Blue&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P70C3BCLB1&l=dl&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 224ms
22ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P70C3BCLB1&cid=71524676.1678158344&gtm=45je3360h2&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P70C3BCLB1&l=dl&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluefcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 219ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P70C3BCLB1&cid=71524676.1678158344&gtm=45je3360h2&aip=1&z=694257777

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 7a3f9e4d1c689bb0 Show response
www.bluefcu.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 67CF 2 B
329 B 29ms
28ms XHR
text/plain 2606:4700:4400::ac40:95cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluefcu.com/cdn-cgi/challenge-platform/h/b/cv/result/7a3f9e4d1c689bb0
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678147200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:95cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Mar 2023 03:05:44 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7a3f9e573ada9bb0-FRA
content-type: text/plain; charset=UTF-8

GET
H3 200 587118258488493 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/587118258488493?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa1a42baca912a769d8bab59b0956fad989b1470c4dd95a80d6b904c04756e38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Mar 2023 03:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TXLeKbMW7HnsLcwy27ddczUSQ/zWt7MFjgjmTJkiqYcoBp2BVr2a3BtW98jSVYkhSXQS/oGDSj7PZI9o2HIAlA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 27ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1249999265385273&ev=PageView&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158344845&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 44ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-22110146-1&cid=71524676.1678158344&jid=437843247&_u=YGDAgEABAAAAAGAAI~&z=420805808

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-22110146-1&cid=71524676.1678158344&jid=437843247&_u=YGDAgEABAAAAAGAAI~&z=420805808

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 26ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-22110146-1&cid=71524676.1678158344&jid=37504563&_u=YEBAAEAAAAAAACAAI~&z=1247723650

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-22110146-1&cid=71524676.1678158344&jid=37504563&_u=YEBAAEAAAAAAACAAI~&z=1247723650

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 03:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 legacy_webcomponents-79d4d3900.js Show response
libs.salemove.com/visitor/ 39 KB
13 KB 9ms
7ms Script
application/javascript 2600:9000:223f:3400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/legacy_webcomponents-79d4d3900.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-79d4d3900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:3400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0b75a70f57e8f5e10267c98f06b76da4e53279d0be31f44a2f8120f0e18b024

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:31:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 581648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 Feb 2023 09:13:44 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:ba8664537c10da905fe00053b587dfc3
etag: W/"ba8664537c10da905fe00053b587dfc3"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: cspMGJNb8bZJGy5OIPbk4GXybA39_Fha0cOitdsGKDtDUmtIPThawA==

GET
H2 200 visitor-app.b0b6ae02.min.js Show response
libs.salemove.com/ 803 KB
229 KB 7ms
7ms Script
application/javascript 2600:9000:223f:3400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.b0b6ae02.min.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-79d4d3900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:3400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5616c08c6c77b14e4868900e5aba982fe84b50891769e5cbe0af915320ecf7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:35:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 628207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 14:00:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:c74cd792a6a2928186107e4774d26ef7
etag: W/"c74cd792a6a2928186107e4774d26ef7"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: HRJbkxyzGoGOqfIThNrSDOB_-ZfX7u8ugI6cOxgj84BjVfEcrNibqA==

GET
H2 200 visitor-app.b0b6ae02.default.css
libs.salemove.com/ 314 KB
114 KB 24ms
24ms Stylesheet
text/css 2600:9000:223f:3400:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.b0b6ae02.default.css

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-79d4d3900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:3400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56d7de59f027b6eb8c72251c4bac41fd2e55de0c54f4ab070f679113cc1a4266

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:35:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 628207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 14:00:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:c34639cfa312323583ca427a7a952da7
etag: W/"c34639cfa312323583ca427a7a952da7"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: dOcD70Z9Rn8fcErrFpimSOKEQFKQx-qHpD8xJexXXzfbO14d24Rygg==

GET
H3 200 1679860845440096 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1679860845440096?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c54a668945927ce5e7ee3a481881b728a75e7345b304fa1055c2ed88e9727914

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Lz6LAkmhplEkB9rdzWPXTJYd9k8lH0Y2NykmWqxfD6SKUOtGanwW31hZwJeN4zR3ysPD5Y/2i10VV2CmRve6TQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587118258488493&ev=PageView&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158344954&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&tm=1&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK ord=1678158345001
alpixtrack.com/ad/ 35 B
271 B 405ms
115ms Image
image/gif 130.211.141.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alpixtrack.com/ad/ord=1678158345001?prd=web&cust=3434365-751-KUSA&event_type=visit&version=0.1.2&utm_source=unk&utm_mdm=unk&url=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&title=For%20You.%20For%20Life.%20%7C%20Blue&sess_status=st&sess=1678158605328&ref=
Requested by: Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.141.45 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.141.211.130.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 03:05:45 GMT
Server: nginx/1.20.0
ETag: "560c609e-23"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
DATA 200
OK truncated
/ 41 KB
41 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9

Request headers

Referer
Origin: https://www.bluefcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H3 200 1760812397395101 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1760812397395101?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abbcb2550bdc3194be2f1a200d7df5724bcf94817e48b3be425d90506863ded3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QgPVjEzgqq/kArkP0Dm6dO4dhXPPt/pOVjbrk3zWO40Il+AOFBs9UAd5BHVONZ+E/BU62iyFE0tETkHwwpGJPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587118258488493&ev=PageView&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345183&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1679860845440096&ev=PageView&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345185&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=62&cs_est=true&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1249999265385273&ev=ViewContent&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345186&cd[value]=3.5&cd[currency]=USD&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587118258488493&ev=ViewContent&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345186&cd[value]=3.5&cd[currency]=USD&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1679860845440096&ev=ViewContent&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345187&cd[value]=3.5&cd[currency]=USD&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=62&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/VYJZTAAANVGYLCI6WHB4TD/ 38 B
794 B 14ms
13ms Script
application/javascript 2600:9000:20eb:6200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/VYJZTAAANVGYLCI6WHB4TD/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/VYJZTAAANVGYLCI6WHB4TD/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

X-Amz-Version-Id: DEsEQ54yaMccBpXOGMDAiJy5cwD2Qz3B
Date: Mon, 06 Mar 2023 13:51:26 GMT
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Age: 47660
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 38
Last-Modified: Thu, 02 Mar 2023 00:15:49 GMT
Server: AmazonS3
Etag: "f5a64db38c4218cefe3f9d7531faf9a1"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 80lwHcMUvp2lYKzPkgNfl894amdRHQ9MammIjUEMO25G3oU8msAxIA==

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1760812397395101&ev=ViewContent&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345271&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&cs_est=true&est_source=682363832281212&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 11ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1760812397395101&ev=PageView&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&rl=&if=false&ts=1678158345271&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678158344844.1148640835&it=1678158344382&coo=false&rqm=GET

Requested by

Host: www.bluefcu.com
URL: https://www.bluefcu.com/?ao=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Mar 2023 03:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 VYJZTAAANVGYLCI6WHB4TD Show response
d.adroll.com/consent/check/ 463 B
556 B 144ms
36ms Script
application/javascript 2a05:d018:cc3:fe05:233e:28a8:a312:7414
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/VYJZTAAANVGYLCI6WHB4TD?pv=84004926827.28235&arrfrr=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&_s=108a372c16617e65131b8784156fa696&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/VYJZTAAANVGYLCI6WHB4TD/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:233e:28a8:a312:7414 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 0750e83b0c29c463b422d3d38110eac0790cb2c550817da81476207049af840b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:45 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 white-previous-arrow.svg
d11sqswym832o8.cloudfront.net/assets/images/icons/ 1 KB
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/icons/white-previous-arrow.svg

Requested by

Host: d11sqswym832o8.cloudfront.net
URL: https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de652f34f6615552893114b0c717f42f736ef66b12eaae27e2e3cbb285aa4b0b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 09:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 62438
x-cache: Hit from cloudfront
content-length: 649
last-modified: Tue, 09 Feb 2021 14:46:54 GMT
server: cloudflare
etag: "556-5bae85b833d74-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a39a9f71fb5bbd9-FRA
x-amz-cf-id: Av9BDs__4I_nRkBt2h-rwa0r4WaV9vrVUh8LMUUygEBR4e7L5KVdqw==

GET
H2 200 RateRiser_TermShare_March_HomepageHeroImage.png
d11sqswym832o8.cloudfront.net/general-uploads/_1480x430_crop_center-center_none/ 58 KB
58 KB 425ms
424ms Image
image/png 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_1480x430_crop_center-center_none/RateRiser_TermShare_March_HomepageHeroImage.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99d77a9762ea01183ed91531dc3468d417bfc48fc81d099a10daf8b431c0aff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: knDodJakAUXWjUKhJRS4PdGsfCyborug
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 23:53:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "ca25f27597ac100212a38ab63cec942b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 58967
x-amz-cf-id: gEOuoM9M2zxdCDuhObzhruN-eFOWHvIWN0Dyj_2WolBOJSn9zpYQMQ==

GET
H2 200 AcceleratedSavings_HomepageHeader.png
d11sqswym832o8.cloudfront.net/general-uploads/_1480x430_crop_center-center_none/ 475 KB
476 KB 13ms
12ms Image
image/png 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_1480x430_crop_center-center_none/AcceleratedSavings_HomepageHeader.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9032fc8eb2c9afdd9df85c07161f4de257e269d11b3caf2b46405bfc2c267cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 03:43:08 GMT
x-amz-version-id: uwyaOgLPOFnmIcA2thFaDiXUJq_NoN9K
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Wed, 02 Nov 2022 15:21:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 84158
etag: "215a35bca2ebf99569831d1b16d3ec55"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486860
x-amz-cf-id: 3hclOqF9vakbjKB9iIuDCDF3EYCsPwKOI_faUf3wmTQ6lHsNYGuxbQ==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame B1DB 0
182 B 112ms
28ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=bn8hn4i&ref=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&upid=vigto67&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bluefcu.com/?ao=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 07 Mar 2023 03:05:45 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 blue-previous-arrow.svg
d11sqswym832o8.cloudfront.net/assets/images/icons/ 1 KB
1 KB 683ms
683ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d11sqswym832o8.cloudfront.net/assets/images/icons/blue-previous-arrow.svg

Requested by

Host: d11sqswym832o8.cloudfront.net
URL: https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5266e0f56836982f770218eff176fdcdb016011cc8c2e72a38da391b9e3fc25

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d11sqswym832o8.cloudfront.net/assets/dist/style.css?1677519053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
server-timing: cf-q-config;dur=6.9999996412662e-06
content-length: 652
last-modified: Tue, 09 Feb 2021 14:46:54 GMT
server: cloudflare
etag: "556-5bae85b833d74-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7a3f9e5d18d19bac-FRA
x-amz-cf-id: OkwsASeWceRNuQXVexIp5Xvl2hBf4o6CV-nHgORPbCMk01vWXZnDDw==

GET
H2 200 RateRiser_TermShare_March_HomepageHeroImage.png
d11sqswym832o8.cloudfront.net/general-uploads/_100x29_crop_center-center_none/ 6 KB
6 KB 458ms
457ms Image
image/png 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_100x29_crop_center-center_none/RateRiser_TermShare_March_HomepageHeroImage.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ded1b0ded29d54b640bb5de05d5f6cb0f953bab59d0aa7f428ddc74ca167708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: x6o..aayb_v.Nxj5ZYXcwYdwoSRPngGb
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 23:53:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "3fdaf48f6020775b8b2fdd3197372e8d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 6179
x-amz-cf-id: P8yOP5srODiuNnxHKrwujTnB5SGtLe8UX2Nq2oWJjO-LsLhPDLGj0A==

GET
H2 200 AcceleratedSavings_HomepageHeader.png
d11sqswym832o8.cloudfront.net/general-uploads/_100x29_crop_center-center_none/ 4 KB
5 KB 408ms
406ms Image
image/png 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_100x29_crop_center-center_none/AcceleratedSavings_HomepageHeader.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4b46d8c0c2fe4e9d098783b7f77ac93ae189de201dab84c406544fa7062d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 7Xz.CFj.z7UXVK00l.nVcND3Wmn7USWz
date: Tue, 07 Mar 2023 03:05:47 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Wed, 02 Nov 2022 15:21:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "1be64d76398e74f0202ae4b6b1380988"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4523
x-amz-cf-id: T957hVGV4Zoz_2yie9x4P6bLv7YEYreERtM9LBMWFJjt-CLpONMjig==

POST
H2 204 rum Show response
www.bluefcu.com/cdn-cgi/ 0
165 B 14ms
14ms XHR
text/plain 2606:4700:4400::ac40:95cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluefcu.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:95cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Mar 2023 03:05:45 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.bluefcu.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a3f9e5d0e909bb0-FRA

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C706 0
181 B 97ms
29ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=afirqtd&ref=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&upid=nf9zby8&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bluefcu.com/?ao=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 07 Mar 2023 03:05:45 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=252546595&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&ul=en-us&de=UTF-8&dt=For%20You.%20For%20Life.%20%7C%20Blue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=homepage%20interaction&ea=scroll%20depth&el=10&_u=aGDAAEABAAAAAGAAI~&jid=&gjid=&cid=71524676.1678158344&tid=UA-22110146-1&_gid=449746673.1678158344&gtm=45He3310n71W9BDP5&z=1571405372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 04:11:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=252546595&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&ul=en-us&de=UTF-8&dt=For%20You.%20For%20Life.%20%7C%20Blue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=homepage%20interaction&ea=scroll%20depth&el=25&_u=aGDAAEABAAAAAGAAI~&jid=&gjid=&cid=71524676.1678158344&tid=UA-22110146-1&_gid=449746673.1678158344&gtm=45He3310n71W9BDP5&z=1044554675

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 04:11:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Image-35495284_flare.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/ 46 KB
47 KB 461ms
460ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/Image-35495284_flare.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d83ae1375ecc88bf30ddd041d6f1f03b27908e4b58585f4854f71d25f455234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: 2_jexUwDlroOYVpVs_MSSN_RQolGDn4D
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "28f3a99e4ffcb1dd1b5575aa000cf265"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47581
x-amz-cf-id: hbZvKs2oF0QrIoJBTmCScmWp8wjRa4P6c1sIxpwjG2F1MhLUdM1E2w==

GET
H2 200 Woman-using-tablet-outside.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/ 39 KB
39 KB 442ms
442ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/Woman-using-tablet-outside.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e041d47fb0b8f5c465a267bff3ee053d462d835e5b630d9761f727e6e4f27adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: kq9B_hZo7i77mN8PhVU14cgr6JRQE79m
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d6153e35520e45c4b43cae4b8a379400"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39524
x-amz-cf-id: uO3W4PrqVAobsuflpedJ4yNFEM-6phwICu80BrjuSYy20_29PFoFMQ==

GET
H2 200 Man-and-woman-in-car.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/ 46 KB
47 KB 13ms
12ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/Man-and-woman-in-car.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa3a0f9a23088fc0a5d3929652cf68e0ab0a78bc82f1b290a720e31114a46b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: oNpzuoEO.kJMp6viX0jhBgM.OgpIzRrr
date: Mon, 06 Mar 2023 10:24:09 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 60097
etag: "36d5877a28c0ea9b5d3d9cdfa5cdfdc1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47297
x-amz-cf-id: pIc-4NJj21fhO-3KEqgAjtlLmNt5cPmDVd2Crzp29Og2X879mrzlSQ==

GET
H2 200 logo-mark-white.svg
d11sqswym832o8.cloudfront.net/general-uploads/ 3 KB
4 KB 432ms
432ms Image
image/svg+xml 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/logo-mark-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8771a8cb25b1b4c46a6dfed0667a20e7699198dcd44b4f1e917213830e6076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: R6.ijQ51lkbyrn3m_3TO7xLFvFssl7yu
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:38:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "c38986a854ac6cb6f2b804ed28cfae21"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3294
x-amz-cf-id: 9PtfxoIzYzH9Gb42f_C4ewXHUGo8nmu-m7FCGR-RKvFduU0mbY6KnA==

GET
H2 200 BlueLocations_2021.jpg
d11sqswym832o8.cloudfront.net/general-uploads/_500x400_crop_center-center_none/ 39 KB
39 KB 424ms
424ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_500x400_crop_center-center_none/BlueLocations_2021.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31f59b009d6620305acf62b4996417e1d8f272558ac1e0a3fbca1495ee01631a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: hsGb9_AAxJqETufaOzaZqNA0rkAdLrUM
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:38:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "dcec07b240bcd001a92c43f15a116acc"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39766
x-amz-cf-id: HMoE6xAh-7eHcH0vGqjTYO2j8XC5r9cehByAPbwvBZB17a6Cb7IYZQ==

GET
H2 200 BlueLocations_2021.jpg
d11sqswym832o8.cloudfront.net/general-uploads/_500x400_crop_center-center_none/ 39 KB
39 KB 12ms
11ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/_500x400_crop_center-center_none/BlueLocations_2021.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31f59b009d6620305acf62b4996417e1d8f272558ac1e0a3fbca1495ee01631a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: hsGb9_AAxJqETufaOzaZqNA0rkAdLrUM
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:38:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "dcec07b240bcd001a92c43f15a116acc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39766
x-amz-cf-id: nHFn88w0uYemTLeq0BTSFVY5JFh7YhyPF6HQSIu61fsyYKrH4VDpjw==

GET
H2 200 Senior-Couple-Motorhome.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/ 48 KB
48 KB 420ms
419ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/Senior-Couple-Motorhome.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7b41492a68a9beb5f8f7a571a587a409f3595a8948c41e38709d5f42aeca56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: qI45B6h5H7fby.cbPsPI0NxtD1WG.qFe
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "6dbcf5ded74d3b988a12d441f93db5cc"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48863
x-amz-cf-id: mwzyty9T0wT-95VzycvFVT2tBqz-pFBj3s1DGKcqzs0PS865ziRYbQ==

GET
H2 200 woman-sitting-by-window-with-tablet-coffee-phone.jpg
d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/ 46 KB
47 KB 417ms
417ms Image
image/jpeg 2600:9000:20eb:4600:7:415c:1200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d11sqswym832o8.cloudfront.net/general-uploads/High-Res-Photos/_464x531_crop_center-center_none/woman-sitting-by-window-with-tablet-coffee-phone.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:7:415c:1200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f28ffc3869a9fb659adf89b37fb3b53156deb9407604b1f905eb61a6ebabc14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluefcu.com/?ao=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 03:05:47 GMT
x-amz-version-id: J_01bxS2M7dym4HPpvxxol5RZ5SsSybo
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 14:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "839bd560ded528509b7359f00c883366"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47548
x-amz-cf-id: G4ULiC6Jk_u0Ab3YORUtr8DWijpn4FiXPgs9yDaTw9zAEduNUhzv1w==

POST
H/1.1 204
No Content /
client-logger.salemove.com/ 0
0 451ms
100ms Fetch 18.210.139.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://client-logger.salemove.com/

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-79d4d3900.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.139.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-139-77.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bluefcu.com/?ao=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 03:05:48 GMT
server: envoy
vary: Origin
access-control-max-age: 7200
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
x-envoy-upstream-service-time: 2

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P70C3BCLB1&gtm=45je3360h2&_p=252546595&cid=71524676.1678158344&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1678158344&sct=1&seg=0&dl=https%3A%2F%2Fwww.bluefcu.com%2F%3Fao%3D1&dt=For%20You.%20For%20Life.%20%7C%20Blue&_s=2

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
marketing.bluefcu.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: CE5FBB5C7FD8622CF5F982A369B57899
www.bluefcu.com/	1969-12-31 23:59:59	Name: _6c2bf Value: https://172.17.0.4:443
.bluefcu.com/	1970-01-20 10:10:44	Name: _gid Value: GA1.2.449746673.1678158344
.bluefcu.com/	1970-01-20 10:09:18	Name: _gat_UA-22110146-1 Value: 1
.bluefcu.com/	1970-01-20 10:09:18	Name: _dc_gtm_UA-22110146-1 Value: 1
api.glia.com/	1970-01-20 18:54:54	Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzgxNTgzNDQsInZpc2l0b3JfaWQiOiI1ZjUzNGYxMi1kMzZiLTRhYTQtODllOS02OTVkYzg5NjBhYzEiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI4NzgxYzFlOC1kZDY5LTRkZTItODU0Ny04MmE5ZDVjMmZkYTQifQ.2zn4r4GEqVb7nUbY2bLdL9yAumMjEleGcKH7A1ZCNxAblqfg6AhQBjaecE2z9ht69R8KJISB4hqXVCvIp_rnUQ
.bluefcu.com/	1970-01-20 18:54:54	Name: _hjSessionUser_3211890 Value: eyJpZCI6IjM4YTk2ZjI3LTU2ZjgtNWQ0Ni05OTkyLWZiY2I2OGYyNjE4OSIsImNyZWF0ZWQiOjE2NzgxNTgzNDQ0ODcsImV4aXN0aW5nIjpmYWxzZX0=
.bluefcu.com/	1970-01-20 10:09:20	Name: _hjFirstSeen Value: 1
.bluefcu.com/	1970-01-20 10:09:18	Name: _hjIncludedInSessionSample_3211890 Value: 0
.bluefcu.com/	1970-01-20 10:09:20	Name: _hjSession_3211890 Value: eyJpZCI6IjM2NWYyOGM1LWQzZWEtNGE2Zi1hMjhlLWIwMmYzZjFmOGNiZSIsImNyZWF0ZWQiOjE2NzgxNTgzNDQ0OTgsImluU2FtcGxlIjpmYWxzZX0=
www.bluefcu.com/	1970-01-20 10:09:18	Name: _hjIncludedInPageviewSample Value: 1
.bluefcu.com/	1970-01-20 10:09:20	Name: _hjAbsoluteSessionInProgress Value: 1
.bluefcu.com/	1970-01-20 12:18:54	Name: _fbp Value: fb.1.1678158344844.1148640835
.bluefcu.com/	1970-01-20 10:09:20	Name: __cf_bm Value: PAY1ElKt2FsA1Pb4nbeFBqtmyhOz4tCkaCsm3Y2r81A-1678158344-0-AX7sGUjSvqdQj4YNB9+uGr3wTlLplID1OWcmdQGDcET/KJisvD89VA8sn2XRvsoWzOixWeG3YawJes154QNmOoZ7PxbO0AT/eeaN2rRlMwftCURVwKBBooNY0YUaSb1b2Q==
.bluefcu.com/	1970-01-20 19:45:18	Name: _ga Value: GA1.2.71524676.1678158344
.bluefcu.com/	1970-01-20 19:45:18	Name: _ga_P70C3BCLB1 Value: GS1.1.1678158344.1.0.1678158345.59.0.0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0098/7228.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://script.crazyegg.com/pages/scripts/0098/7228.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://js.hs-scripts.com/6332883.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.googletagmanager.com/ Message: Refused to send form data to 'https://www.facebook.com/tr/' because it violates the following Content Security Policy directive: "form-action https://*.bluefcu.com".
security	error	URL: https://www.googletagmanager.com/ Message: Refused to send form data to 'https://www.facebook.com/tr/' because it violates the following Content Security Policy directive: "form-action https://*.bluefcu.com".
security	error	URL: https://www.googletagmanager.com/ Message: Refused to send form data to 'https://www.facebook.com/tr/' because it violates the following Content Security Policy directive: "form-action https://*.bluefcu.com".
security	error	URL: https://www.googletagmanager.com/ Message: Refused to send form data to 'https://www.facebook.com/tr/' because it violates the following Content Security Policy directive: "form-action https://*.bluefcu.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'none'; form-action https://*.bluefcu.com; frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alpixtrack.com
api.glia.com
arttrk.com
cdn.oribi.io
client-logger.salemove.com
connect.facebook.net
d.adroll.com
d11sqswym832o8.cloudfront.net
in.hotjar.com
insight.adsrvr.org
jelly-v6.mdhv.io
jelly.mdhv.io
js.adsrvr.org
js.alpixtrack.com
js.hs-scripts.com
libs.salemove.com
marketing.bluefcu.com
p.typekit.net
region1.analytics.google.com
s.adroll.com
script.crazyegg.com
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
use.typekit.net
vc.hotjar.io
www.bluefcu.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
region1.analytics.google.com
13.224.189.105
13.224.189.26
13.224.193.62
130.211.141.45
15.197.193.217
18.210.139.77
18.66.112.15
2001:4860:4802:32::36
2001:4860:4802:36::15
207.189.124.20
216.239.36.21
2600:9000:20eb:4600:7:415c:1200:21
2600:9000:20eb:6200:6:9280:1080:93a1
2600:9000:2156:4e00:17:4c3f:1b80:93a1
2600:9000:223c:8200:13:c079:7880:93a1
2600:9000:223f:3400:0:99b9:cd80:93a1
2606:4700:4400::ac40:95cd
2606:4700::6810:3965
2606:4700::6811:d4cc
2606:4700::6813:9308
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2004
2a00:1450:400c:c07::9c
2a00:1450:400d:806::2008
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:14a0
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe05:233e:28a8:a312:7414
52.212.98.141
54.85.11.63
050532173d1f7a9c0d3ff1bcca142dac297f88697a0ec0fa7fd58004063a1775
0750e83b0c29c463b422d3d38110eac0790cb2c550817da81476207049af840b
09dd567c51da10b21e7cca3e86c9591155bfd1e5d30dfc30b573661e20e2d44c
0cbc146f08c6796205430adca8aa232707e7f756a19503a743ff9b00f0c21524
0e38201a6e608c49cf156f8918a53d4c685285d0e9fa8bb5fdcc6ed190ac6ea8
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
1adae42bb5067f2a188d8bae7cbb7bbdf6c5f9e776bf9e8218695e430198ba2e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d83ae1375ecc88bf30ddd041d6f1f03b27908e4b58585f4854f71d25f455234
1f28ffc3869a9fb659adf89b37fb3b53156deb9407604b1f905eb61a6ebabc14
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b1fa79351edf039f381c8d30f0d0861746042f076c8de57179d822b8d7eacd
2c0065f7aac27c013376b787dd9c92152664f922936648129c135f885c8320ad
2c2a6aafa6c40725f85c7427e5777a665c92b136af7c3431507413d382989fc2
2dbbc39df831d5be52137a27024f8d742755c215869fe6d3265ddc6a22bb19e4
31f59b009d6620305acf62b4996417e1d8f272558ac1e0a3fbca1495ee01631a
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3c2e89bb5d9d073b862fad8b988d23f456185ad117eac28d63bb44e93c6a3b6d
478304b8b1abfe8e42e324742cc4ccd012c4d7f4fa2b7f33d3bfb9470792ad41
4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391
4aa0fe1ecbf63211978af30efcbe186d4e3d8d99a5dd6f1c185c9d8bf9f0b8bd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7b5f193e0134d85af4511e6eb01724a3329e63aae375723670ca935c651283
5616c08c6c77b14e4868900e5aba982fe84b50891769e5cbe0af915320ecf7e2
56a44663af01a51504dbc66d28ca87d87bec847f7f93ecc9a0c78a0e54eae46a
56d7de59f027b6eb8c72251c4bac41fd2e55de0c54f4ab070f679113cc1a4266
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d5c326498253054904068eaaa243ff20bb93c85fc224c8dcadc3b59bf514abf
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b232fae6b57addaf7b2b24d5b1a4195ba19d296238fe0037dece12423fd8d0f
6fc732581bd3ad9038a9d753a64889a56a24ee025b944f6aaf21f5ffc522cc18
79034e1b972efe9307b1b5ab227cba0cacbf7ca5dea0b620e0225bc442620f9d
7cf76efe33d419340f8c12853d5aa494cb658946e6e109a1080ddab895c0cb94
7d1ec5b60453db6a9d1faf0da10075c402d2dbf04664570413eaee768da10833
7d8771a8cb25b1b4c46a6dfed0667a20e7699198dcd44b4f1e917213830e6076
7ffcecf35ac440a0d0a9d32086404dff1600024d7c97b2dd35af37c90deccc39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874109c75eee1ed866d3d51aad19b7dec91cfdbc9e08fdecc4fb029fceeb7036
8e326c3b0935d76797ef007d9ad6d6a735fe5dcee83daffcb4c5de8d864a02b2
91748f27371c19e07513591b4a8744f173b129c3e4dac690ab539a5cccf5d109
9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9
9860e69f8b2311e4bf49d9c95d7f5e64a0d571e11294819f035a416b856e28b2
99d77a9762ea01183ed91531dc3468d417bfc48fc81d099a10daf8b431c0aff8
9a7b41492a68a9beb5f8f7a571a587a409f3595a8948c41e38709d5f42aeca56
9ded1b0ded29d54b640bb5de05d5f6cb0f953bab59d0aa7f428ddc74ca167708
a3ea1c267de5a642f19bd2116cfe323c57ca43f3cc1da0d9e9f6dcfe143d3ee5
a88d7c1462c5fcf4e12b4658dc85fbdc17af9e006cb2800ba0f4044571428dca
abbcb2550bdc3194be2f1a200d7df5724bcf94817e48b3be425d90506863ded3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b7f87ad0e98499a32639bf39a1156eae59fc13d01d552a8a27ee484e9ca5aeaf
b8a169e23c2ba4328eed7c91773d6be70514ede65b80e4569fc95472aa26bd86
b93194d015707719657ea294384b20e99114c7059eec70949e125633d90cfd46
c0b75a70f57e8f5e10267c98f06b76da4e53279d0be31f44a2f8120f0e18b024
c54a668945927ce5e7ee3a481881b728a75e7345b304fa1055c2ed88e9727914
c8b348df0b15d6939d621e3751950ea29cd1249b73f41ddb5ca1bffacef52287
caa3a0f9a23088fc0a5d3929652cf68e0ab0a78bc82f1b290a720e31114a46b7
d40eae5a0305754ca9eab8fa2f9f94d52194c8e1f74fde91c51de5557ef785c6
d4b46d8c0c2fe4e9d098783b7f77ac93ae189de201dab84c406544fa7062d6ed
de652f34f6615552893114b0c717f42f736ef66b12eaae27e2e3cbb285aa4b0b
e041d47fb0b8f5c465a267bff3ee053d462d835e5b630d9761f727e6e4f27adb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7
e9032fc8eb2c9afdd9df85c07161f4de257e269d11b3caf2b46405bfc2c267cb
ec4550b1cd78bb41d17494f8c0ce1b453e992965a955429635b079434ce4e6fe
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fcd9253a2ee5dd3c94dd76077f12b3fd0ea6f7fd2ba29c4c00392dcf0309ec
f5266e0f56836982f770218eff176fdcdb016011cc8c2e72a38da391b9e3fc25
fa1a42baca912a769d8bab59b0956fad989b1470c4dd95a80d6b904c04756e38
fba017a875159c05463d0f87b23de04d1d7fc4cbc5c078d27eb909658f06a196
fcfecb11f936b7e02caebb2f7a81404e10a1b23384b35fde5771e0d7af5d0c3d

www.bluefcu.com Open in urlscan Pro 2606:4700:4400::ac40:95cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

98 %HTTPS

66 %IPv6

23 Domains

33 Subdomains

31 IPs

4 Countries

3241 kBTransfer

7290 kBSize

16 Cookies

19 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bluefcu.com Open in urlscan Pro
2606:4700:4400::ac40:95cd Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

98 %
HTTPS

66 %
IPv6

23
Domains

33
Subdomains

31
IPs

4
Countries

3241 kB
Transfer

7290 kB
Size

16
Cookies

100 HTTP transactions
1 data transactions