www.secure.zionswiftonline.com Open in urlscan Pro
107.189.169.178  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.secure.zionswiftonline.com/	9 KB 4 KB	897ms 275ms	Document text/html	107.189.169.178 IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.189.169.178 Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS usm1.noc41.com Software / Resource Hash 8f9d4123a626d25e2b6e9dc13f8cd8216d017375cc668e05509d54dbab2f401f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control max-age=0, must-revalidate, no-cache, no-store, private content-encoding br content-length 3106 content-type text/html; charset=UTF-8 date Mon, 12 Aug 2024 18:40:22 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache vary Accept-Encoding
GET H2	200	unpoly.min.js Show response unpkg.com/unpoly@2.7.1/	140 KB 57 KB	101ms 45ms	Script application/javascript	2606:4700::6811:f9cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/unpoly@2.7.1/unpoly.min.js Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab601751dd6cab2a016d67b7b00720bcc4e915971a5a9711d57b703efbfd3a14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:53 GMT content-encoding br via 1.1 fly.io cf-cache-status HIT x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 169524 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01J4YWG5FCKDEE5HNYQ1S4WDM0-fra server cloudflare etag "22e91-2JvB1PGNqhbkqiziAO3qawgsYQ8" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8b2295c09da165a3-FRA
GET H2	200	unpoly.min.css unpkg.com/unpoly@2.7.1/	3 KB 2 KB	99ms 44ms	Stylesheet text/css	2606:4700::6811:f9cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/unpoly@2.7.1/unpoly.min.css Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42f4326e35d790462b033f96a9ae560b30e77f2ce21c4621d674ac294b89d640 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:53 GMT content-encoding br via 1.1 fly.io cf-cache-status HIT x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 654880 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01J4GDM7FX3X0K8QXERGPMCBAM-fra server cloudflare etag "b58-SpA6xc34giai56/DuIkr4RKu6XU" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8b2295c09d9e65a3-FRA
GET H2	200	app.6ec738fd.css www.secure.zionswiftonline.com/build/assets/	35 KB 7 KB	315ms 312ms	Stylesheet text/css	107.189.169.178 IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://www.secure.zionswiftonline.com/build/assets/app.6ec738fd.css Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.189.169.178 Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS usm1.noc41.com Software / Resource Hash d4a94c3cd0620e87de524f90692f5b774400a11e125664b4220db0396426f33b Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:40:23 GMT content-encoding br last-modified Sat, 04 Nov 2023 22:07:40 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 6588 expires Mon, 19 Aug 2024 18:40:23 GMT
GET H2	200	app.37251356.js Show response www.secure.zionswiftonline.com/build/assets/	40 KB 15 KB	313ms 311ms	Script text/javascript	107.189.169.178 IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://www.secure.zionswiftonline.com/build/assets/app.37251356.js Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.189.169.178 Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS usm1.noc41.com Software / Resource Hash 742dc4e8bbb215e47be2c3e24e38e2562768dd80b198131e3baf5730fba104cc Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:40:23 GMT content-encoding br last-modified Wed, 22 Mar 2023 07:39:32 GMT accept-ranges bytes content-length 14836 vary Accept-Encoding content-type text/javascript
GET H2	200	logo.png zionswiftonline.com/images/	81 KB 81 KB	1139ms 307ms	Image image/png	107.189.169.178 IOFLOOD
General Check archive.org Show headers Download Go to Show image Full URL https://zionswiftonline.com/images/logo.png Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.189.169.178 Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS usm1.noc41.com Software / Resource Hash e503c56b196b7c6564210caa5aa44583edd0ca2a8103ab0185346cea22c658c8 Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:40:23 GMT last-modified Sun, 11 Feb 2024 09:06:49 GMT content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 82990 expires Mon, 19 Aug 2024 18:40:23 GMT
GET H2	200	livewire.js Show response www.secure.zionswiftonline.com/livewire/	156 KB 42 KB	353ms 352ms	Script application/javascript	107.189.169.178 IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://www.secure.zionswiftonline.com/livewire/livewire.js?id=de3fca26689cb5a39af4 Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.189.169.178 Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS usm1.noc41.com Software / Resource Hash db7fc4a5fe60fb79b594ddd13b6839a6c688b65fbe73421698194f67841fce2b Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:40:23 GMT content-encoding br last-modified Mon, 08 Aug 2022 10:52:52 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=31536000, public accept-ranges bytes expires Tue, 12 Aug 2025 18:40:23 GMT
GET H2	200	css2 fonts.googleapis.com/	68 KB 3 KB	80ms 30ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/build/assets/app.6ec738fd.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0dcf73b3ae74451091df71905883cc4e32d18ab16c3b36d552fc79bddec1be1c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 12 Aug 2024 18:38:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 12 Aug 2024 18:10:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 12 Aug 2024 18:38:53 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	78ms 20ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 16:29:10 GMT x-content-type-options nosniff age 439783 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Aug 2025 16:29:10 GMT
GET H2	200	1hmavio38 Show response embed.tawk.to/65c82f740ff6374032cbabeb/	2 KB 984 B	441ms 368ms	Script application/x-javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Requested by Host: www.secure.zionswiftonline.com URL: https://www.secure.zionswiftonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9af75822d04c4cd44b1aa92442c82aa2e18960b5eb72211ace5ff636f3293de Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:54 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload cf-cache-status MISS server cloudflare etag W/"stable-v4-66909c6d5c9" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=7200, s-maxage=3600 cf-ray 8b2295c34b213614-FRA alt-svc h3=":443"; ma=86400
GET H2	200	twk-main.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/js/	121 B 182 B	365ms 363ms	Script application/javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-main.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:55 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare content-encoding br etag W/"da5bb1dc647470204df0e49f5afac2de" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295c85a073614-FRA alt-svc h3=":443"; ma=86400
GET H2	200	twk-vendor.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/js/	81 KB 32 KB	249ms 248ms	Script application/javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-vendor.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:55 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare cf-cache-status MISS etag W/"3b341e35b39f6195793ecaf5db7c1d63" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295c86a093614-FRA alt-svc h3=":443"; ma=86400
GET H2	200	twk-chunk-vendors.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/js/	212 KB 71 KB	256ms 255ms	Script application/javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-vendors.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:55 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare cf-cache-status MISS etag W/"77a40166698f808a0942865537165b0f" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295c86a0a3614-FRA alt-svc h3=":443"; ma=86400
GET H2	200	twk-chunk-common.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/js/	222 KB 62 KB	151ms 150ms	Script application/javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d5d3565eaefe455bca4ace3e83c37cda7815373cdac3ba3f45f0680a079ac19 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:54 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare cf-cache-status MISS etag W/"69549fdedf7a66967bca1cff84df561e" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295c86a0d3614-FRA alt-svc h3=":443"; ma=86400
GET H2	200	twk-runtime.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/js/	2 KB 1 KB	149ms 148ms	Script application/javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 237b4750dad3793da8e8632bb02d1d60ac1651bd0e9aebcebdbf0f9b83dae835 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:54 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare cf-cache-status MISS etag W/"dca0ffe47071fb33643cea7919ce6e58" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295c86a0e3614-FRA alt-svc h3=":443"; ma=86400
GET H2	200	twk-app.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/js/	151 B 290 B	149ms 148ms	Script application/javascript	2606:4700:10::ac43:f0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-app.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65c82f740ff6374032cbabeb/1hmavio38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ Origin https://www.secure.zionswiftonline.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:54 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare content-encoding br etag W/"e736e189edb5d0d9d5b8e7f23dd9114a" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295c86a103614-FRA alt-svc h3=":443"; ma=86400
GET		sunLogo.png buffalotrustonline.com/img/core-img/	0 0
GET H3	200	widget-settings Show response va.tawk.to/v1/	3 KB 1 KB	228ms 164ms	Fetch application/json	172.67.15.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/widget-settings?propertyId=65c82f740ff6374032cbabeb&widgetId=1hmavio38&sv=null Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8eabb7a489c28f216f7a439891f63787779471ee33573d1ca66691b44b80a42d Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:55 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload cf-cache-status MISS alt-svc h3=":443"; ma=86400 x-served-by visitor-application-preemptive-tlbf server cloudflare etag W/"2-2-0" access-control-max-age 3600 access-control-allow-methods GET,OPTIONS content-type application/json access-control-allow-origin * cache-control public, max-age=7200, s-maxage=1800 vary Accept-Encoding cf-ray 8b2295cb7f573a6e-FRA access-control-allow-headers content-type,x-tawk-token
POST H3	400	start Show response va.tawk.to/v1/session/	64 B 351 B	205ms 175ms	Fetch application/json	172.67.15.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c83dfb92ba52b1be7ab6226fbf540d4797a3994436912f1270f25da43971ef11 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Mon, 12 Aug 2024 18:38:55 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 content-length 64 x-served-by visitor-application-preemptive-hh2m server cloudflare access-control-max-age 3600 access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin https://www.secure.zionswiftonline.com vary Accept-Encoding access-control-allow-credentials true cf-ray 8b2295cc99d76919-FRA access-control-allow-headers content-type,x-tawk-token
OPTIONS H3	200	start va.tawk.to/v1/session/	0 0	195ms 151ms	Preflight text/html	172.67.15.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.secure.zionswiftonline.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-tawk-token access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.secure.zionswiftonline.com access-control-max-age 3600 alt-svc h3=":443"; ma=86400 cache-control public, s-maxage=600, max-age=600 cf-cache-status DYNAMIC cf-ray 8b2295cb7f553a6e-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 12 Aug 2024 18:38:55 GMT server cloudflare strict-transport-security max-age=0; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-served-by visitor-application-preemptive-119x
GET H3	200	en.js Show response embed.tawk.to/_s/v4/app/66909c6d5c9/languages/	17 KB 5 KB	77ms 47ms	Script application/javascript	172.67.15.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/66909c6d5c9/languages/en.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.secure.zionswiftonline.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:38:55 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload cf-cache-status HIT age 138594 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Fri, 12 Jul 2024 03:01:26 GMT server cloudflare etag W/"2fea0481da1baa4eac07e95e0f9af8a1" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8b2295cca9e66919-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

buffalotrustonline.com

URL

https://buffalotrustonline.com/img/core-img/sunLogo.png

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| up object| upEventListeners object| Tawk_API object| Tawk_LoadStart object| Livewire object| livewire string| livewire_token function| deferLoadingAlpine object| Alpine string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.secure.zionswiftonline.com/	1970-01-20 22:44:55	Name: XSRF-TOKEN Value: eyJpdiI6InMxZWxrNEhjaEFWcDIzL21sM2FKSXc9PSIsInZhbHVlIjoiZGljUWtQdUVWOFFGdWhTSm5yTmJyWTk0S0YrQ1d0c0lCS0lDVWF5cHprSDhNanlwem9iRVdoWVNGMEhOancwb3kyczBUVjNvTHRyc2FoV1VXNEhLOVJ4dEVJOGdtd09ObVR1cWZSSTlyN2RXYmRNVzQ0bG51d1I0TXlySmNRWDAiLCJtYWMiOiJhZDQ2NmVhODJjNmRhYTc3MTZjMDkzYjM4MDVhMTgxZjA4MDcwZWJmOTczYWRlMzJjZDk3ZDVmNjAyYjBjNmUxIiwidGFnIjoiIn0%3D
			www.secure.zionswiftonline.com/	1970-01-20 22:44:55	Name: laravel_session Value: eyJpdiI6Ik1RYUZEY2t5UmwyeE56VUNJTjhobGc9PSIsInZhbHVlIjoibm1mdGw5NlRsWHJUMllxTkZ0cEFDbnJVck04MkQyWmFycW5oa2ZSdWNtbUVzdWpKYWJLSE8rK09ZSm4yQUc1K05oQ29naFdBMFJQWnNVVWcyOHVKNDN1dDVUV0JCMnNBdTkxWFhCSmhlZ2lYVTRYT3loMlJPaFdEMG50OSt3VjIiLCJtYWMiOiJkOTkzYzE4YTE4MDdhODkyY2QzMWQ0ZGE2NmZmOTBlZjk1MmIzOWY0MmFhMGJlOWE3YzMzMTFlZWYzZjUxMDc4IiwidGFnIjoiIn0%3D
			www.secure.zionswiftonline.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: RGpJpEMlxCvJdMBm7PY8n
			www.secure.zionswiftonline.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.secure.zionswiftonline.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://va.tawk.to/v1/session/start Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://buffalotrustonline.com/img/core-img/sunLogo.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buffalotrustonline.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
unpkg.com
va.tawk.to
www.secure.zionswiftonline.com
zionswiftonline.com
buffalotrustonline.com
107.189.169.178
172.67.15.14
2606:4700:10::ac43:f0e
2606:4700::6811:f9cb
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200a
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
0dcf73b3ae74451091df71905883cc4e32d18ab16c3b36d552fc79bddec1be1c
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
237b4750dad3793da8e8632bb02d1d60ac1651bd0e9aebcebdbf0f9b83dae835
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d5d3565eaefe455bca4ace3e83c37cda7815373cdac3ba3f45f0680a079ac19
42f4326e35d790462b033f96a9ae560b30e77f2ce21c4621d674ac294b89d640
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
742dc4e8bbb215e47be2c3e24e38e2562768dd80b198131e3baf5730fba104cc
8eabb7a489c28f216f7a439891f63787779471ee33573d1ca66691b44b80a42d
8f9d4123a626d25e2b6e9dc13f8cd8216d017375cc668e05509d54dbab2f401f
ab601751dd6cab2a016d67b7b00720bcc4e915971a5a9711d57b703efbfd3a14
c83dfb92ba52b1be7ab6226fbf540d4797a3994436912f1270f25da43971ef11
d4a94c3cd0620e87de524f90692f5b774400a11e125664b4220db0396426f33b
db7fc4a5fe60fb79b594ddd13b6839a6c688b65fbe73421698194f67841fce2b
e503c56b196b7c6564210caa5aa44583edd0ca2a8103ab0185346cea22c658c8
e9af75822d04c4cd44b1aa92442c82aa2e18960b5eb72211ace5ff636f3293de