hfsfcu.org Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hfsfcu.org/
Effective URL:
https://hfsfcu.org/
Submission: On October 18 via automatic, source certstream-suspicious (October 18th 2023, 8:30:25 pm UTC) — Scanned from DE

Summary HTTP 55 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 55 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is hfsfcu.org.
TLS certificate: Issued by E1 on October 18th 2023. Valid for: 3 months.

This is the only time hfsfcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	192.0.54.4 192.0.54.4	62659 (Q2HOLDINGS) (Q2HOLDINGS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:212... 2600:9000:2127:5c00:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	65.9.89.149 65.9.89.149	16509 (AMAZON-02) (AMAZON-02)
3	52.52.153.72 52.52.153.72	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:1f14:5db... 2600:1f14:5db:eb11:9a56:ad25:21d5:260a	16509 (AMAZON-02) (AMAZON-02)
55	20

17 141.193.213.10 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.hfsfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hfsfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.11 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hfsfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.54.4 (United States)

ASN62659 (Q2HOLDINGS, US)

cds-sdkcfg.onlineaccess1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:5c00:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.89.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-89-149.prg50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.52.153.72 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-153-72.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f14:5db:eb11:9a56:ad25:21d5:260a (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	hfsfcu.org 2 redirects www.hfsfcu.org hfsfcu.org	802 KB
8	userway.org cdn.userway.org — Cisco Umbrella Rank: 4730 api.userway.org — Cisco Umbrella Rank: 4698	57 KB
4	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 665	531 B
4	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 17794 adservices.brandcdn.com — Cisco Umbrella Rank: 12322	5 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	247 B
3	google.de www.google.de — Cisco Umbrella Rank: 6147	669 B
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714	812 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	242 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	84 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	32 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	668 B
1	onlineaccess1.com cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 17233	172 KB
55	14

	Domain	Requested by
17	hfsfcu.org	1 redirects hfsfcu.org ajax.googleapis.com
6	cdn.userway.org	hfsfcu.org cdn.userway.org cds-sdkcfg.onlineaccess1.com
4	insight.adsrvr.org	1 redirects hfsfcu.org d1eoo1tco6rr5e.cloudfront.net
3	www.facebook.com	hfsfcu.org
3	adservices.brandcdn.com	tag.brandcdn.com adservices.brandcdn.com
3	www.google.de	hfsfcu.org
3	www.googletagmanager.com	hfsfcu.org www.googletagmanager.com
2	api.userway.org	cds-sdkcfg.onlineaccess1.com
2	www.google.com	hfsfcu.org
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	hfsfcu.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tag.brandcdn.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ajax.googleapis.com	hfsfcu.org
1	fonts.googleapis.com	hfsfcu.org
1	cds-sdkcfg.onlineaccess1.com	hfsfcu.org
1	www.hfsfcu.org	1 redirects
55	20

This site contains links to these domains. Also see Links.

Domain
zogofinance.com
play.google.com
apps.apple.com
app.zogofinance.com
www.facebook.com
www.instagram.com
goo.gl
www.yelp.com
bloomcu.com
www.ncua.gov
www.hud.gov
secure.hfsfcu.org

Subject Issuer	Validity	Valid
hfsfcu.org E1	`2023-10-18` - `2024-01-16`	3 months	crt.sh
onlineaccess1.com GTS CA 1P5	`2023-09-15` - `2023-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://hfsfcu.org/
Frame ID: DA72217C56A508F6F05D643152F32201
Requests: 53 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/iframe
Frame ID: 7869D2C90F1E11C96FE7D3B43B6F8AF4
Requests: 2 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=353258&cv_ck=ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850&m=hfsfcu.org&r=
Frame ID: B7F9904517B825DED12001934A35DC75
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HFS Federal Credit Union: Where Caring Counts

Page URL History Show full URLs

https://www.hfsfcu.org/ HTTP 301
http://hfsfcu.org/ HTTP 301
https://hfsfcu.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

70 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

1418 kB
Transfer

3287 kB
Size

11
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://zogofinance.com/hfsfcu/
Title: Zogo

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hfsafederalcreditunion5209.mobile
Title: View

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id806337735
Title: View

Search URL Search Domain Scan URL

URL: https://app.zogofinance.com/?institution_code=HFSFCU
Title: ZOGO Financial Education Resource

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HFSFederalCreditUnion/
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hfsfcu/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://goo.gl/Mdv3Mc
Title: Review us on Google

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/hfs-federal-credit-union-hilo-2
Title: Follow us on Yelp

Search URL Search Domain Scan URL

URL: https://bloomcu.com/
Title: Website Design by BloomCU

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/Pages/default.aspx

Search URL Search Domain Scan URL

URL: https://www.hud.gov/program_offices/fair_housing_equal_opp

Search URL Search Domain Scan URL

URL: https://secure.hfsfcu.org/hfsfcu/uux.aspx#/login/resetPasswordUsername
Title: Forgot Your Password?

Search URL Search Domain Scan URL

URL: https://secure.hfsfcu.org/hfsfcu/uux.aspx#/login
Title: Log in from HFS Online Banking

Search URL Search Domain Scan URL

URL: https://secure.hfsfcu.org/hfsfcu/sdk/AutoEnrollmentE2E
Title: Enrollment

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.hfsfcu.org/ HTTP 301
http://hfsfcu.org/ HTTP 301
https://hfsfcu.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://insight.adsrvr.org/tags/owlo7yg/xao3rbj/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/iframe

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hfsfcu.org/
Redirect Chain

https://www.hfsfcu.org/
http://hfsfcu.org/
https://hfsfcu.org/

72 KB
15 KB

611ms
588ms

Document
text/html

141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

9040aa80dd40cb7b9959ecf0105bd802580aa58fcf6b5ae50f3a7ab90ae67d89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 818389cc79641c8b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 18 Oct 2023 20:30:17 GMT
last-modified: Wed, 18 Oct 2023 20:26:29 GMT
link: <https://hfsfcu.org/wp-json/>; rel="https://api.w.org/" <https://hfsfcu.org/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://hfsfcu.org/>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 27
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-pingback
x-powered-by: WP Engine

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 818389ca68385c50-FRA
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 18 Oct 2023 20:30:17 GMT
Location: https://hfsfcu.org/
Server: cloudflare
alt-svc: h3=":443"; ma=86400

GET
H2 200 common.js Show response
cds-sdkcfg.onlineaccess1.com/ 302 KB
172 KB 204ms
172ms Script
application/javascript 192.0.54.4
Q2HOLDINGS

General

Check archive.org

Show headers Download Go to

Full URL

https://cds-sdkcfg.onlineaccess1.com/common.js

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9006b2b871de1db042ca317641de07d0a2bfec184fd75749c5e3799ee23f110a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:17 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: no-cache, no-store, must-revalidate
cf-ray: 818389d06bd99061-FRA
expires: 0

GET
H2 200 client.min.js Show response
hfsfcu.org/wp-content/themes/hfs-theme/personalization/vendor/ 45 KB
16 KB 596ms
594ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/personalization/vendor/client.min.js?v=1
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd0395b5110ea158ba9779c015f31587021e5e5a84e9b9460b08f82fa1c775f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:03 GMT
server: cloudflare
etag: W/"63e55573-b30d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d03eb81c8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600&display=swap

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed79d50f92e50abe9a3f934a97ad463c0f9e7cb09210f70a6933f19f1c2f1b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Oct 2023 20:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 20:09:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Oct 2023 20:30:17 GMT

GET
H2 200 wpo-minify-header-1a25119c.min.css
hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/ 222 KB
35 KB 601ms
599ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef4989d093bcbd7dc8612fe69f141a86267ee0a55c9133796283a0f04ff5bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 20:08:25 GMT
server: cloudflare
etag: W/"65303b39-37765"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d03ebb1c8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 86 KB
31 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30768
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 16:38:45 GMT

GET
H3 200 app-icon-new.svg
hfsfcu.org/wp-content/themes/hfs-theme/images/ 40 KB
30 KB 600ms
599ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/images/app-icon-new.svg
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe707b16f07b3dedb1cf29133925be0f553841fb7102dbbd62507b7464fa812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:17 GMT
server: cloudflare
etag: W/"63e55581-9ec5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d40b549193-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 smartAppBanner.js Show response
hfsfcu.org/wp-content/themes/hfs-theme/personalization/ 3 KB
1 KB 592ms
591ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/personalization/smartAppBanner.js?v=1.0.3
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81f71061ee42cebb8d05d54287be427f0f73be79719cf337de5ca3bd83390adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:03 GMT
server: cloudflare
etag: W/"63e55573-b24"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d40b559193-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wpo-minify-footer-846612d3.min.css
hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/ 216 B
176 B 629ms
628ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-footer-846612d3.min.css
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76344c393b988d9ac44a1463d50858f963f6c0db04f44ec826d9e0b8c9f6d656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 20:08:25 GMT
server: cloudflare
etag: W/"65303b39-d8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d03ebc1c8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wpo-minify-footer-a8ea2151.min.js Show response
hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/ 485 KB
124 KB 879ms
878ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-footer-a8ea2151.min.js
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 361b6320759185c0d78e5b0da3847684b9b4d88c4ffd5f8e9d422ba05a850939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 20:08:59 GMT
server: cloudflare
etag: W/"65303b5b-795fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d03ebe1c8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
58 KB 47ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDQ4MMH

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

781797b1bcfe317160325b6b8345927073cbcab535c8253b4c2d44bbb627a5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 59112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 20:30:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
91 KB 59ms
35ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5BV9LV

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d32b0e310297e4e86061f1e574ed3dc8cc813ee8f521f4c415b2d9f517e4040a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93120
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 18:41:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 20:30:18 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 66ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8aa7455ffe6f187f7a61e447e28c9fb6a44a5d20559f11b60f61e241590ca40b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 18 Oct 2023 20:30:18 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 121
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 2250
x-accel-date: 1697658768
x-77-nzt: AcO1ryc3NzfvyggAAA
x-accel-expires: @1697662368
x-77-age: 2250
last-modified: Wed, 18 Oct 2023 16:23:09 GMT
server: CDN77-Turbo
etag: W/"f0e9257bee340abf3e0ac1b4f9cac465"
x-77-nzt-ray: 25b02131aae0c5705a40306569e96912
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: dj6XYuOyckCJXwEC0Q_C3lDw-wz_DHHI-tVXJL39F9sD97d2ZEZWiQ==

GET
H3 200 logo-white.svg
hfsfcu.org/wp-content/themes/hfs-theme/images/logo-new/svg/ 9 KB
3 KB 608ms
607ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/images/logo-new/svg/logo-white.svg
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29beba6763d4eb51d268952aafa81d3876f291236ef5f3c12c809e97d9325cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:09 GMT
server: cloudflare
etag: W/"63e55579-22c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d41b5f9193-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hfs_mark_white_transparent.svg
hfsfcu.org/wp-content/themes/hfs-theme/images/logo-new/ 3 KB
1 KB 589ms
588ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/images/logo-new/hfs_mark_white_transparent.svg?v=1.1
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50f000888f00b0021d0cd6e7676399c28eab8dcefb51b3992ae5d6855c96db57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:09 GMT
server: cloudflare
etag: W/"63e55579-ab3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818389d41b649193-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 icomoon.ttf
hfsfcu.org/wp-content/themes/hfs-theme/fonts/fonts/ 34 KB
34 KB 595ms
595ms Font
application/octet-stream 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/fonts/fonts/icomoon.ttf
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 917e1395dc3dd986fcdc5b1e2b5f7625af410c58318ac9eb6d2cc0ecc59f3800

Request headers

Referer: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Origin: https://hfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:26 GMT
server: cloudflare
etag: "63e5558a-8908"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 818389d41b6e9193-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35080

GET
H3 200 gotcha-standup.woff
hfsfcu.org/wp-content/themes/hfs-theme/fonts/fonts/gotcha-standup/ 205 KB
205 KB 729ms
729ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hfsfcu.org/wp-content/themes/hfs-theme/fonts/fonts/gotcha-standup/gotcha-standup.woff
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e5fd977d19dfdef2d8edb91ac094f733c63ade03c104ee15f19acd67333569

Request headers

Referer: https://hfsfcu.org/wp-content/cache/wpo-minify/1697659695/assets/wpo-minify-header-1a25119c.min.css
Origin: https://hfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 20:20:26 GMT
server: cloudflare
etag: "63e5558a-33520"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 818389d42b719193-FRA
alt-svc: h3=":443"; ma=86400
content-length: 210208

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDQ4MMH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Oct 2023 19:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2325
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 18 Oct 2023 21:51:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/733939273/ 3 KB
2 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/733939273/?random=1697661018352&cv=11&fst=1697661018352&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhfsfcu.org%2F&hn=www.googleadservices.com&frm=0&tiba=HFS%20Federal%20Credit%20Union%3A%20Where%20Caring%20Counts&auid=452684172.1697661018&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5BV9LV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c68b719a2123fbfa9745afd565f3a2fbdbc002d6c89f751333ea31a921a6937a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 70ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Oct 2023 20:30:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: OfoYsrDCk7bMsDyiSj+A2NBDVmltqAHMP23N5Sjraqa66qS/tsF3bsqanXmLnAC1G7PKMuf6u/XfV85izGfb8g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 HFS_Federal_Credit_Union.js Show response
tag.brandcdn.com/autoscript/hfsfederalcreditunion_vfhwvmvrmxfwvfe9/ 1 KB
1 KB 122ms
32ms Script
text/javascript 2600:9000:2127:5c00:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/hfsfederalcreditunion_vfhwvmvrmxfwvfe9/HFS_Federal_Credit_Union.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5BV9LV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ee9f787183fe27713f758171a4cc84c9b9649f0be0328b17e5819eba200a926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 15:02:37 GMT
x-amz-version-id: dqkkrwFKFfyCVW_.61uEyNUPTXxKCvFG
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 23:53:15 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 19662
etag: "4066d416cfad74200969681c44dea174"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1092
x-amz-cf-id: jjNKMiRUakd1qczLTJOCeBOvqm_dAkb6KiLrEQFXp4Y-CCForjRKYQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
93 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4F9DJRXMGV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5BV9LV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e43502f36a04206d0f7b972c3a2ec8bb68502ab0312eef6a6991c01b714f376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 20:30:18 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 14ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1936414276&t=pageview&_s=1&dl=https%3A%2F%2Fhfsfcu.org%2F&ul=en-us&de=UTF-8&dt=HFS%20Federal%20Credit%20Union%3A%20Where%20Caring%20Counts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1138911770&gjid=1362205123&cid=1820634709.1697661018&tid=UA-12594007-1&_gid=1030923807.1697661018&_r=1&_slc=1&gtm=45He3ag0n81P5BV9LV&z=343606769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hfsfcu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 75ms
24ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12594007-1&cid=1820634709.1697661018&jid=1138911770&gjid=1362205123&_gid=1030923807.1697661018&_u=YEDAAEAAAAAAACAAI~&z=1922537920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Oct 2023 20:30:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hfsfcu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/733939273/ 42 B
455 B 47ms
20ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/733939273/?random=1697661018352&cv=11&fst=1697659200000&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhfsfcu.org%2F&frm=0&tiba=HFS%20Federal%20Credit%20Union%3A%20Where%20Caring%20Counts&fmt=3&is_vtc=1&random=1506191846&rmt_tld=0&ipr=y

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/733939273/ 42 B
455 B 48ms
21ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/733939273/?random=1697661018352&cv=11&fst=1697659200000&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhfsfcu.org%2F&frm=0&tiba=HFS%20Federal%20Credit%20Union%3A%20Where%20Caring%20Counts&fmt=3&is_vtc=1&random=1506191846&rmt_tld=1&ipr=y

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4F9DJRXMGV&gtm=45je3ag0&_p=1936414276&_gaz=1&cid=1820634709.1697661018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697661018&sct=1&seg=0&dl=https%3A%2F%2Fhfsfcu.org%2F&dt=HFS%20Federal%20Credit%20Union%3A%20Where%20Caring%20Counts&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4F9DJRXMGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hfsfcu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 23ms
23ms Ping
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4F9DJRXMGV&cid=1820634709.1697661018&gtm=45je3ag0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4F9DJRXMGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hfsfcu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4F9DJRXMGV&cid=1820634709.1697661018&gtm=45je3ag0&aip=1&z=384458426

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
32ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12594007-1&cid=1820634709.1697661018&jid=1138911770&_u=YEDAAEAAAAAAACAAI~&z=86486861

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 41ms
41ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12594007-1&cid=1820634709.1697661018&jid=1138911770&_u=YEDAAEAAAAAAACAAI~&z=86486861

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 20:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 649312295792012 Show response
connect.facebook.net/signals/config/ 115 KB
31 KB 124ms
124ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/649312295792012?v=2.9.134&r=stable&domain=hfsfcu.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f6b927ee6272093610534aa8961f39db9c673f11cd3a9efa69c5a5153957daa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Oct 2023 20:30:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: frEO8tjOROhZe5dM2gId2GlIZJrByJYzOXPq9PndHtdrVJqKRDk/NFetiM+EXzqnuprhHgmElDoeBXo10JQJ1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/ Frame 7869
Redirect Chain

https://insight.adsrvr.org/tags/owlo7yg/xao3rbj/iframe
https://d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/iframe

138 B
668 B

44ms
25ms

Document
text/html

65.9.89.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/hfsfederalcreditunion_vfhwvmvrmxfwvfe9/HFS_Federal_Credit_Union.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.89.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-89-149.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7031aff95786397f007adaa5f5105e798ddb8f00d99799a1a0b1206a97e7948a

Request headers

Referer: https://hfsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 24140
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 18 Oct 2023 13:47:59 GMT
ETag: "4a0eb8013a033dc445fe2cff465e79c7"
Last-Modified: Sat, 01 Apr 2023 04:02:30 GMT
Server: AmazonS3
Via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: u7VwdAKdcDUk-IZGGPLK1Mhl3fKEM_kBN-6gElZrDLpzOEUlwtGJWQ==
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Wed, 18 Oct 2023 20:30:18 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/iframe

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 564ms
170ms Script
text/javascript 52.52.153.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/hfsfederalcreditunion_vfhwvmvrmxfwvfe9/HFS_Federal_Credit_Union.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.153.72 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-153-72.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 18:00:27 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "613-5f8ff265c97b6-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 745

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
148 B 96ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=owlo7yg&ct=0:xao3rbj&fmt=3
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
148 B 96ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=owlo7yg&ct=0:qg3do32&fmt=3
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 all Show response
hfsfcu.org/wp-json/persona/v1/ 202 KB
11 KB 595ms
594ms XHR
application/json 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hfsfcu.org/wp-json/persona/v1/all

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

f2175221d3d1100cc68d3ad0395ae3aca2eba9dfbd178bfaf568b5a9ee4b9ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://hfsfcu.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:19 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
content-encoding: br
x-powered-by: WP Engine
x-cache: HIT: 10
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
link: <https://hfsfcu.org/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, X-HTTP-Method-Override
cf-ray: 818389d60eed9193-FRA

GET
H3 200 imp Show response
hfsfcu.org/wp-json/persona/v1/ 23 B
443 B 622ms
622ms XHR
application/json 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hfsfcu.org/wp-json/persona/v1/imp?id=2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

105cd28525e2cb1457b26fc9041bc8972f62d409234a785ddb994da6d1dd86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://hfsfcu.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:19 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: HIT: 4
alt-svc: h3=":443"; ma=86400
content-length: 23
server: cloudflare
allow: GET
vary: Accept-Encoding,Cookie
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
link: <https://hfsfcu.org/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, X-HTTP-Method-Override
cf-ray: 818389d60ef29193-FRA

GET
H3 200 Little-Girl-Fern-WEB-1439x985.jpg
hfsfcu.org/wp-content/uploads/2022/11/ 191 KB
191 KB 733ms
733ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hfsfcu.org/wp-content/uploads/2022/11/Little-Girl-Fern-WEB-1439x985.jpg
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa1cc892f31dc93f6635528fe61afb4ddcc8b7c9ba27bfa061f74bc2b8f4020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:19 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 19:40:48 GMT
server: cloudflare
etag: "63768e40-2fb97"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 818389d64f359193-FRA
alt-svc: h3=":443"; ma=86400
content-length: 195479

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 7869 70 B
148 B 30ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=owlo7yg&ct=0:xao3rbj&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/owlo7yg/xao3rbj/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
BLOB 200
OK e36ddb48-ff2d-438c-a2cb-4491cf0a5fa1
https://hfsfcu.org/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hfsfcu.org/e36ddb48-ff2d-438c-a2cb-4491cf0a5fa1
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649312295792012&ev=PageView&dl=https%3A%2F%2Fhfsfcu.org&rl=&if=false&ts=1697661018757&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=28&fbp=fb.1.1697661018755.853156866&pm=1&hrl=271760&ler=empty&it=1697661018490&coo=false&cs_cc=1&cas=6390300181062352&rqm=GET

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Oct 2023 20:30:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649312295792012&ev=SubmitApplication&dl=https%3A%2F%2Fhfsfcu.org&rl=&if=false&ts=1697661018759&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=28&fbp=fb.1.1697661018755.853156866&pm=1&hrl=c20d71&ler=empty&it=1697661018490&coo=false&cs_cc=1&cas=6390300181062352&rqm=GET

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Oct 2023 20:30:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649312295792012&ev=Lead&dl=https%3A%2F%2Fhfsfcu.org&rl=&if=false&ts=1697661018760&sw=1600&sh=1200&v=2.9.134&r=stable&ec=2&o=28&fbp=fb.1.1697661018755.853156866&pm=1&hrl=ac6821&ler=empty&it=1697661018490&coo=false&cs_cc=1&cas=7120544171323775%2C6390300181062352&rqm=GET

Requested by

Host: hfsfcu.org
URL: https://hfsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Oct 2023 20:30:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 widget_app_base_1697646045946.js Show response
cdn.userway.org/widgetapp/2023-10-18-16-20-45/ 135 KB
40 KB 21ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-18-16-20-45/widget_app_base_1697646045946.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fe097b0d5f18747b6c06bf763b87fc47eda189ce526c04de8986badd9a7a3cd2

Request headers

Referer: https://hfsfcu.org/
Origin: https://hfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 18 Oct 2023 20:30:18 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 23
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 13150
x-accel-date: 1697647868
x-77-nzt: AcO1ryc3Nzf/XjMAAA
x-accel-expires: @1723567868
x-77-age: 13150
last-modified: Wed, 18 Oct 2023 16:23:03 GMT
server: CDN77-Turbo
etag: W/"f742613376eef77b0fd92389d6c863e1"
x-77-nzt-ray: 25b021310eef17805a403065ebf63938
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: yz5PlxDQqYiot1ODOAE2t0uRgG3eHdqrdjO5LE2LdRLEUJO_6mibwQ==

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 uyd2M4jeAW Show response
api.userway.org/api/tunings/ 447 B
833 B 537ms
173ms XHR
application/json 2600:1f14:5db:eb11:9a56:ad25:21d5:260a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/uyd2M4jeAW
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:9a56:ad25:21d5:260a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 70a2767c75973fbf0030df48279a620f410bf927bbfad56051349b7f220e7dca

Request headers

Referer: https://hfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 18 Oct 2023 20:30:19 GMT
etag: W/"1bf-4/nW2PUTl3F8F4maDrM4bhIr3Pg"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrc0779ce40b08477
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 447
x-service-version: uw-pr

GET
H3 200 Web-Homepage-960x640.png
hfsfcu.org/wp-content/uploads/2023/10/ 38 KB
38 KB 590ms
590ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hfsfcu.org/wp-content/uploads/2023/10/Web-Homepage-960x640.png
Requested by: Host: hfsfcu.org
URL: https://hfsfcu.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7619a6754c8512c255bbc1f01ea7148ddb4ca569bb2b5416f0ab78388c0eb175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:19 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 01:27:47 GMT
server: cloudflare
etag: "65289d13-9676"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 818389da9d7c9193-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38518

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-10-18-16-20-45/locales/ 500 B
934 B 7ms
7ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-18-16-20-45/locales/en-US.json
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 18 Oct 2023 20:30:19 GMT
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 13119
x-accel-date: 1697647900
x-77-nzt: AcO1ryc3Nzf/PzMAAA
x-accel-expires: @1723567900
x-77-age: 13119
last-modified: Wed, 18 Oct 2023 16:23:03 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: 25b021310eef17805b403065ae589c26
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: BA0agx-JGGSsVco9M1TobGeGUvdQ5lk_xQuaDiVwEAMQFabTlu9taQ==

GET
H2 200 cv Show response
adservices.brandcdn.com/pixel/ Frame B7F9 4 KB
2 KB 170ms
170ms Document
text/html 52.52.153.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=353258&cv_ck=ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850&m=hfsfcu.org&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.153.72 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-153-72.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe

Request headers

Referer: https://hfsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Wed, 18 Oct 2023 20:30:19 GMT
etag: "1002-5f8ff265c97b6;5f8ff265c97b6
last-modified: Mon, 10 Apr 2023 18:00:27 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H3 200 HFS-4Q23-Share-Rate-blog-v1-960x628.jpg
hfsfcu.org/wp-content/uploads/2023/10/ 95 KB
95 KB 734ms
734ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hfsfcu.org/wp-content/uploads/2023/10/HFS-4Q23-Share-Rate-blog-v1-960x628.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ac7c8365546ceda7114aaa64ab994eb9a70a26398e643230d8305f07e6ebbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:20 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 18:48:34 GMT
server: cloudflare
etag: "651b1082-17a0a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 818389decc009193-FRA
alt-svc: h3=":443"; ma=86400
content-length: 96778

GET
H2 200 cv_confirm.png
adservices.brandcdn.com/pixel/ Frame B7F9 68 B
555 B 171ms
170ms Image
image/png 52.52.153.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=353258&buid=ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850&m=hfsfcu.org&r=&oid=38677491
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv?aid=353258&cv_ck=ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850&m=hfsfcu.org&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.153.72 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-153-72.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adservices.brandcdn.com/pixel/cv?aid=353258&cv_ck=ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850&m=hfsfcu.org&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:20 GMT
last-modified: Mon, 10 Apr 2023 18:00:27 GMT
server: Apache/2.4.52 (Ubuntu)
accept-ranges: bytes
etag: "44-5f8ff265c97b6"
content-length: 68
content-type: image/png

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 24 KB
10 KB 8ms
8ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1697646045946
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-18-16-20-45/widget_app_base_1697646045946.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4915f753dfa55e0cb856ed220b0934a9c68345bbeabf1e69f55e99826fec49cd

Request headers

Referer: https://hfsfcu.org/
Origin: https://hfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 18 Oct 2023 20:30:20 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 13129
x-accel-date: 1697647891
x-77-nzt: AcO1ryc3Nzf/STMAAA
x-accel-expires: @1723567891
x-77-age: 13129
last-modified: Wed, 18 Oct 2023 16:23:08 GMT
server: CDN77-Turbo
etag: W/"7a2c0aed8a3650b178a912f7b5753ae1"
x-77-nzt-ray: 25b021310eef17805c4030659f240409
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 4Dm-zHAeIxrj49fyrF5Joy9_S5rU1z24sT-OMVgu_E3EHsVEkIoUVw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 26ms
25ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 18 Oct 2023 20:30:20 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 267
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 10842198
x-accel-date: 1686818822
x-77-nzt: AcO1ryc3Nzf/VnClAA
x-accel-expires: @1712738822
x-77-age: 10842198
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 25b02131aae0c5705c40306581f9e40a
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: OYrgg1mGpCclPfT9JdvTj881e2OmReFmnlYrhD7IDFA0s8OiCjuhag==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 18 Oct 2023 20:30:20 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 267
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 10842198
x-accel-date: 1686818822
x-77-nzt: AcO1ryc3Nzf/VnClAA
x-accel-expires: @1712738822
x-77-age: 10842198
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 25b02131aae0c5705c4030659c1eeb0a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: X-EqlF9-0PavF6HWAg7QdVhz-FWP8h_E6PtrPX_fuJKRBiQ7EytT_g==

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fhfsfcu.org%2F/DESKTOP/WIDGET_OFF/ 77 B
454 B 172ms
172ms Fetch
application/json 2600:1f14:5db:eb11:9a56:ad25:21d5:260a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fhfsfcu.org%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:9a56:ad25:21d5:260a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:30:25 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-809f5266

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlineaccess1.com/	1969-12-31 23:59:59	Name: __cfruid Value: b88728bcc1f2d52efa43c464c888d8c60c9f9af1-1697661017
.hfsfcu.org/	1970-01-20 17:43:57	Name: _gcl_au Value: 1.1.452684172.1697661018
.hfsfcu.org/	1970-01-20 15:35:47	Name: _gid Value: GA1.2.1030923807.1697661018
.hfsfcu.org/	1970-01-20 15:34:21	Name: _gat_UA-12594007-1 Value: 1
.doubleclick.net/	1970-01-20 15:34:21	Name: test_cookie Value: CheckForPermission
.hfsfcu.org/	1970-01-21 01:10:21	Name: _ga_4F9DJRXMGV Value: GS1.1.1697661018.1.0.1697661018.60.0.0
.hfsfcu.org/	1970-01-21 01:10:21	Name: _ga Value: GA1.1.1820634709.1697661018
.hfsfcu.org/	1970-01-20 17:43:57	Name: _fbp Value: fb.1.1697661018755.853156866
hfsfcu.org/	1970-01-21 00:19:57	Name: brandcdn_uid Value: ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850
adservices.brandcdn.com/	1970-01-21 00:19:57	Name: brandcdn_uid Value: ce2fa6cc-2c3e-4e2d-823f-5fc05aa3a850
adservices.brandcdn.com/	1970-01-20 15:44:25	Name: AWSALBCORS Value: pjfeZkURm5KWB9BPgXnCl2huscqApquF0w4jXZYkmAJWwtGcF13ds+GbbbVKf4TvgfLfkQHng5wpOgULex9jLCtC0tjG6ZmoXKhJ/4r53n1kYH4ydq5krY+muzug

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript	warning	URL: https://hfsfcu.org/ Message: The resource https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservices.brandcdn.com
ajax.googleapis.com
api.userway.org
cdn.userway.org
cds-sdkcfg.onlineaccess1.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
hfsfcu.org
insight.adsrvr.org
region1.analytics.google.com
stats.g.doubleclick.net
tag.brandcdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hfsfcu.org
141.193.213.10
141.193.213.11
192.0.54.4
2001:4860:4802:32::36
2600:1f14:5db:eb11:9a56:ad25:21d5:260a
2600:9000:2127:5c00:7:e536:8b00:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:400c:c09::9c
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.223.40.198
52.52.153.72
65.9.89.149
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
105cd28525e2cb1457b26fc9041bc8972f62d409234a785ddb994da6d1dd86f6
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
29beba6763d4eb51d268952aafa81d3876f291236ef5f3c12c809e97d9325cb8
361b6320759185c0d78e5b0da3847684b9b4d88c4ffd5f8e9d422ba05a850939
3f6b927ee6272093610534aa8961f39db9c673f11cd3a9efa69c5a5153957daa
4915f753dfa55e0cb856ed220b0934a9c68345bbeabf1e69f55e99826fec49cd
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
50f000888f00b0021d0cd6e7676399c28eab8dcefb51b3992ae5d6855c96db57
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe
6e43502f36a04206d0f7b972c3a2ec8bb68502ab0312eef6a6991c01b714f376
7031aff95786397f007adaa5f5105e798ddb8f00d99799a1a0b1206a97e7948a
70a2767c75973fbf0030df48279a620f410bf927bbfad56051349b7f220e7dca
7619a6754c8512c255bbc1f01ea7148ddb4ca569bb2b5416f0ab78388c0eb175
76344c393b988d9ac44a1463d50858f963f6c0db04f44ec826d9e0b8c9f6d656
781797b1bcfe317160325b6b8345927073cbcab535c8253b4c2d44bbb627a5ee
7ee9f787183fe27713f758171a4cc84c9b9649f0be0328b17e5819eba200a926
81f71061ee42cebb8d05d54287be427f0f73be79719cf337de5ca3bd83390adc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa7455ffe6f187f7a61e447e28c9fb6a44a5d20559f11b60f61e241590ca40b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9006b2b871de1db042ca317641de07d0a2bfec184fd75749c5e3799ee23f110a
9040aa80dd40cb7b9959ecf0105bd802580aa58fcf6b5ae50f3a7ab90ae67d89
917e1395dc3dd986fcdc5b1e2b5f7625af410c58318ac9eb6d2cc0ecc59f3800
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
baa1cc892f31dc93f6635528fe61afb4ddcc8b7c9ba27bfa061f74bc2b8f4020
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c68b719a2123fbfa9745afd565f3a2fbdbc002d6c89f751333ea31a921a6937a
cbe707b16f07b3dedb1cf29133925be0f553841fb7102dbbd62507b7464fa812
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d32b0e310297e4e86061f1e574ed3dc8cc813ee8f521f4c415b2d9f517e4040a
d6e5fd977d19dfdef2d8edb91ac094f733c63ade03c104ee15f19acd67333569
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed79d50f92e50abe9a3f934a97ad463c0f9e7cb09210f70a6933f19f1c2f1b56
eef4989d093bcbd7dc8612fe69f141a86267ee0a55c9133796283a0f04ff5bfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0395b5110ea158ba9779c015f31587021e5e5a84e9b9460b08f82fa1c775f
f2175221d3d1100cc68d3ad0395ae3aca2eba9dfbd178bfaf568b5a9ee4b9ab3
f5ac7c8365546ceda7114aaa64ab994eb9a70a26398e643230d8305f07e6ebbf
fe097b0d5f18747b6c06bf763b87fc47eda189ce526c04de8986badd9a7a3cd2

hfsfcu.org Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

70 %IPv6

14 Domains

20 Subdomains

20 IPs

3 Countries

1418 kBTransfer

3287 kBSize

11 Cookies

14 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hfsfcu.org Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

70 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

1418 kB
Transfer

3287 kB
Size

11
Cookies

55 HTTP transactions
2 data transactions