credo-foundation.org Open in urlscan Pro
192.185.146.142 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://credo-foundation.org/kaka/login/
Submission: On January 28 via manual (January 28th 2022, 6:35:57 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 20 domains to perform 86 HTTP transactions. The main IP is 192.185.146.142, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is credo-foundation.org.
TLS certificate: Issued by R3 on January 14th 2022. Valid for: 3 months.

This is the only time credo-foundation.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Mountain America Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 14	192.185.146.142 192.185.146.142	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	104.89.40.9 104.89.40.9	16625 (AKAMAI-AS) (AKAMAI-AS)
26	45.60.46.50 45.60.46.50	19551 (INCAPSULA) (INCAPSULA)
4	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e031	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	63.128.130.61 63.128.130.61	22013 (GUARD-DC1) (GUARD-DC1)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.0.173.134 142.0.173.134	7160 (NETDYNAMICS) (NETDYNAMICS)
1	52.239.236.68 52.239.236.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.182.141.63 52.182.141.63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.2.75 18.66.2.75	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.21 108.157.4.21	16509 (AMAZON-02) (AMAZON-02)
1	13.66.240.155 13.66.240.155	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
86	22

14 192.185.146.142 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-146-142.unifiedlayer.com

credo-foundation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.40.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-40-9.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 45.60.46.50 (United States)

ASN19551 (INCAPSULA, US)

www.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oc-cdn-ocprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ocsdk-prod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.128.130.61 (United States)

ASN22013 (GUARD-DC1, US)
PTR: collector.fraudmap.net

collector.fraudmap.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.botframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comms.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.134 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

elq.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.236.68 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

webchatic3.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.182.141.63 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-75.txl50.r.cloudfront.net

ws.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.21 (United States)

ASN16509 (AMAZON-02, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.66.240.155 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	macu.com 1 redirects www.macu.com — Cisco Umbrella Rank: 248301 elq.macu.com — Cisco Umbrella Rank: 609566	742 KB
16	azureedge.net oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 67595 ocsdk-prod.azureedge.net — Cisco Umbrella Rank: 78646	368 KB
14	credo-foundation.org 1 redirects credo-foundation.org	169 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 509 p.typekit.net — Cisco Umbrella Rank: 656	57 KB
3	audioeye.com ws.audioeye.com — Cisco Umbrella Rank: 3742 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3515	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	58 KB
2	microsoft.com browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 91	793 B
2	omnichannelengagementhub.com comms.omnichannelengagementhub.com — Cisco Umbrella Rank: 62708 217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com — Cisco Umbrella Rank: 628392	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	622 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	12 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	53 KB
1	windows.net webchatic3.blob.core.windows.net — Cisco Umbrella Rank: 86919	115 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 4321	38 KB
1	botframework.com cdn.botframework.com — Cisco Umbrella Rank: 23808	748 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6941	3 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 740	38 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427	15 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 385	429 B
1	fraudmap.net collector.fraudmap.net — Cisco Umbrella Rank: 148136	269 B
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 5992
86	20

	Domain	Requested by
26	www.macu.com	credo-foundation.org www.macu.com
15	oc-cdn-ocprod.azureedge.net	credo-foundation.org oc-cdn-ocprod.azureedge.net
14	credo-foundation.org	1 redirects credo-foundation.org
4	use.typekit.net	credo-foundation.org use.typekit.net
3	connect.facebook.net	credo-foundation.org connect.facebook.net
2	wsv3cdn.audioeye.com	ws.audioeye.com wsv3cdn.audioeye.com
2	browser.pipe.aria.microsoft.com	oc-cdn-ocprod.azureedge.net
2	elq.macu.com	1 redirects credo-foundation.org
2	www.facebook.com	credo-foundation.org
2	cdnjs.cloudflare.com	credo-foundation.org
2	code.jquery.com	credo-foundation.org
1	217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com	ocsdk-prod.azureedge.net
1	ws.audioeye.com	credo-foundation.org
1	ocsdk-prod.azureedge.net	oc-cdn-ocprod.azureedge.net
1	comms.omnichannelengagementhub.com	oc-cdn-ocprod.azureedge.net
1	webchatic3.blob.core.windows.net	oc-cdn-ocprod.azureedge.net
1	js.monitor.azure.com	oc-cdn-ocprod.azureedge.net
1	cdn.botframework.com	oc-cdn-ocprod.azureedge.net
1	img.en25.com	credo-foundation.org
1	p.typekit.net	use.typekit.net
1	ajax.aspnetcdn.com	credo-foundation.org
1	stackpath.bootstrapcdn.com	credo-foundation.org
1	bat.bing.com	credo-foundation.org
1	collector.fraudmap.net	credo-foundation.org
1	cloud.typography.com	credo-foundation.org
86	25

This site contains links to these domains. Also see Links.

Domain
o.macu.com
www.macu.com
secure.macu.com
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com
www.linkedin.com
www.ncua.gov
portal.hud.gov

Subject Issuer	Validity	Valid
*.credo-foundation.org R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2021-05-27` - `2022-06-01`	a year	crt.sh
www.macu.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-05` - `2022-05-10`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 06	`2021-12-28` - `2022-12-23`	a year	crt.sh
*.fraudmap.net Thawte TLS RSA CA G1	`2020-03-09` - `2022-04-17`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-07` - `2022-02-05`	3 months	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06	`2021-12-27` - `2022-12-22`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-11-16` - `2022-11-16`	a year	crt.sh
comms.omnichannelengagementhub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-09-08`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2021-12-12` - `2022-12-07`	a year	crt.sh
*.audioeye.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-14`	a year	crt.sh
*.omnichannelengagementhub.com Microsoft RSA TLS CA 01	`2021-12-04` - `2022-12-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://credo-foundation.org/kaka/login/
Frame ID: 9C938E6725FA180BBCF3A5813EE783C2
Requests: 67 HTTP requests in this frame

Frame: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Frame ID: AD40E3AED27A348CE37832320E6CF5D6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mountain America Credit Union in Utah & the West

Page URL History Show full URLs

https://credo-foundation.org/kaka/login HTTP 301
https://credo-foundation.org/kaka/login/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AudioEye (Accessibility) Expand

Overall confidence: 100%
Detected patterns

audioeye\.com/ae\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

99 %
HTTPS

45 %
IPv6

20
Domains

25
Subdomains

22
IPs

3
Countries

2451 kB
Transfer

6855 kB
Size

3
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://o.macu.com/Registration
Title: Register

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotUsername
Title: ID

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotPassword
Title: Password

Search URL Search Domain Scan URL

URL: https://www.macu.com/accounts/checking/mystyle-checking?icid=topsearches-checking
Title: MyStyle Rewards Checking

Search URL Search Domain Scan URL

URL: https://www.macu.com/loans/vehicle-loans/auto?icid=topsearches-auto
Title: Low-rate Auto Loans

Search URL Search Domain Scan URL

URL: https://secure.macu.com/account-opening?productId=52
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MountainAmerica/
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mountainamerica
Title: Follow us on YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mountainamericacu/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/MountainAmerica?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mountain-america-credit-union/
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/Pages/default.aspx
Title: Go to the National Credit Union Administration Federally insured by NCUA

Search URL Search Domain Scan URL

URL: http://portal.hud.gov/hudportal/HUD
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: https://secure.macu.com/#/account-opening
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.macu.com/about-us/contact-us/help-center
Title: Check out our FAQs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://credo-foundation.org/kaka/login HTTP 301
https://credo-foundation.org/kaka/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F&ref2=elqNone&tzo=0&ms=259&optin=disabled&firstPartyCookieDomain=elq.macu.com HTTP 302
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F&ref2=elqNone&tzo=0&ms=259&optin=disabled&elq1pcGUID=A02E2F5E59634955929C769B50E612D0

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
credo-foundation.org/kaka/login/
Redirect Chain

https://credo-foundation.org/kaka/login
https://credo-foundation.org/kaka/login/

156 KB
48 KB

146ms
146ms

Document
text/html

192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash: 462ad337f40eb6c7902d076d2ec0ff32ec6609f3a6aa783a8581208b03116c59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Fri, 10 Dec 2021 21:42:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
date: Fri, 28 Jan 2022 18:35:48 GMT
server: Apache

Redirect headers

location: https://credo-foundation.org/kaka/login/
content-length: 248
content-type: text/html; charset=iso-8859-1
date: Fri, 28 Jan 2022 18:35:47 GMT
server: Apache

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/689828/7556792/css/ 0
0 1095ms
962ms Stylesheet
text/html 104.89.40.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/689828/7556792/css/fonts.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.89.40.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-40-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 font-awesome.min.css
www.macu.com/MACU/Stylesheets/ 30 KB
9 KB 721ms
581ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/MACU/Stylesheets/font-awesome.min.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 023e4947e93631fc56fdae00a58b1edf8dfd77648f23e7c0ed5e5e2ec91b218b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 14-53314528-53309777 2VNN RT(1643394948046 0) q(0 0 0 0) r(6 6)
cache-control: max-age=80702, public
content-length: 8332
expires: Sat, 29 Jan 2022 17:00:50 GMT

GET
H2 200 jquery.smartbanner.css
www.macu.com/MACU/Stylesheets/ 5 KB
2 KB 765ms
625ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/MACU/Stylesheets/jquery.smartbanner.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 68f9d12ac81b50577c9750d61e6b3316465cb394acbd854df3f4b9a1ed87917f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 14-53314529-53314530 2VNN RT(1643394948047 0) q(0 0 0 2) r(1 6)
cache-control: max-age=80702, public
content-length: 1766
expires: Sat, 29 Jan 2022 17:00:50 GMT

GET
H2 200 main.6748b61948611561aebb.css
www.macu.com/dist/module/ 198 KB
32 KB 723ms
584ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e947adf53c17d668e9ab54c1348eafdd5a7db5eda04d076adfacc004702749bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 14-53314531-53313880 2VNN RT(1643394948051 0) q(0 0 0 3) r(6 6)
cache-control: max-age=80702, public
content-length: 32719
expires: Sat, 29 Jan 2022 17:00:50 GMT

GET
H2 200 cvd1zmo.css
use.typekit.net/ 3 KB
926 B 273ms
134ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/cvd1zmo.css

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

52ea6ddb89b42de720bdd54cd5ae9fc21e71f2e7c4ef51dfb3dc5bada31b5813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 28 Jan 2022 18:35:48 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 694

GET
H2 200 LiveChatWidgetFrame.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ 2 KB
1 KB 149ms
9ms Stylesheet
text/css 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetFrame.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: br
x-azure-ref-originshield: 0tDX0YQAAAABcx3PmYbh9Q71JPFpoxIVuQU1TMDRFREdFMTkxMAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: T6+Ch2oZZGwEGnAXQDcCfw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:27:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00BCF7CB0
x-azure-ref: 0hDf0YQAAAAA3NhdWYCrjQbo9BjDA+iQKRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a9b067f8-a01e-00b7-2f1b-13bdf4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 style.css
credo-foundation.org/kaka/login/cms/media/fonts/stylesheet/css/ 830 B
417 B 232ms
231ms Stylesheet
text/css 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/kaka/login/cms/media/fonts/stylesheet/css/style.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash: 60062b64733e9587b52db3a48d8ff4a3d7f469af0101c7e6ff313d7221f752a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Sun, 21 Nov 2021 00:02:56 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 355

GET
H2 200 font-awesome.min.css
credo-foundation.org/kaka/login/cms/media/fonts/stylesheet/css/ 30 KB
7 KB 234ms
234ms Stylesheet
text/css 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/kaka/login/cms/media/fonts/stylesheet/css/font-awesome.min.css
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash: b0cbe509c8ccd79f0378e7a1e0a511ee5467ec95c72bd904d8280ae390f609b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Sat, 04 Dec 2021 18:42:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7118

GET
H2 200 icon-security-padlock.svg
www.macu.com/media/Icons/ 2 KB
1 KB 593ms
591ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-security-padlock.svg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3be2fa8fc01386a4135ebc59168a1e447b699d0bacd0e3c622d701ec685fdbf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:11 GMT
x-cdn: Imperva
etag: "6ca188bdb2d51:0"
content-type: image/svg+xml
x-iinfo: 14-53314713-53313877 2VNN RT(1643394949013 0) q(0 0 0 1) r(5 5)
cache-control: max-age=80701, public
content-length: 633
expires: Sat, 29 Jan 2022 17:00:50 GMT

GET
H2 200 icon-map-location.svg
www.macu.com/media/Icons/ 1 KB
1 KB 1015ms
1014ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-map-location.svg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: cefe4aaefb1daa0c4bff6a9e08bee952d7259fe7e9f20f973cedf18fec5c6002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:01 GMT
x-cdn: Imperva
etag: "36132e85db2d51:0"
content-type: image/svg+xml
x-iinfo: 14-53314714-53313679 2VNN RT(1643394949014 0) q(0 0 0 3) r(10 10)
cache-control: max-age=80701, public
content-length: 646
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 icon-market-prediction.svg
www.macu.com/media/Icons/ 2 KB
1 KB 1014ms
1013ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-market-prediction.svg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: cbbda9b1b15022e435325e2bb7ab9e19f8d4ea15cd1716a33c07f4750930adc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:02 GMT
x-cdn: Imperva
etag: "9ab4bc85db2d51:0"
content-type: image/svg+xml
x-iinfo: 14-53314715-53313882 2VNN RT(1643394949019 0) q(0 0 0 0) r(10 10)
cache-control: max-age=80701, public
content-length: 707
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 icon-account.svg
www.macu.com/media/Icons/ 2 KB
1 KB 173ms
172ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-account.svg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5d9b8c3cb4ecf3bb4b83deda95f964fd0bd9d56eb2a626a14ad4e3ff78f9d8c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:50 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "7f45ab7edb2d51:0"
content-type: image/svg+xml
x-iinfo: 14-53314716-53314530 2NYN RT(1643394949020 0) q(0 0 0 2) r(1 1) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 icon-budget-accounting.svg
www.macu.com/media/Icons/ 4 KB
1 KB 174ms
173ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-budget-accounting.svg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 06fa02fd2b13da57e4a5ac02bab65eec3a3b204cb60bf08e40262f9db28d8121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:52 GMT
x-cdn: Imperva
etag: "df1cec7fdb2d51:0"
content-type: image/svg+xml
x-iinfo: 14-53314717-53313880 2VNN RT(1643394949024 0) q(0 0 0 1) r(1 1)
cache-control: max-age=80702, public
content-length: 910
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 icon-fraud-detection.svg
www.macu.com/media/Icons/ 2 KB
1 KB 1013ms
1012ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-fraud-detection.svg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 0a3d5af4428611b0cc385c60aefaa6d0b95836c1961c796ebdf95dca108b07a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:54 GMT
x-cdn: Imperva
etag: "207efd80db2d51:0"
content-type: image/svg+xml
x-iinfo: 14-53314718-53314719 2VNN RT(1643394949026 0) q(0 0 0 0) r(0 10)
cache-control: max-age=80701, public
content-length: 735
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 search_icon_white.png
www.macu.com/MACU/Images/ 1 KB
2 KB 322ms
322ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/search_icon_white.png
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f6d1c3dd273fad6871f347b1391f11cd6b765d19a8cf91026f7d66558b512192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 14-53314720-53313880 2VNN RT(1643394949028 0) q(0 1 1 0) r(3 3)
cache-control: max-age=80702, public
content-length: 1333
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 404 tippy.all.min.js
credo-foundation.org/MACU/Scripts/Lib/ 0
0 137ms
136ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/MACU/Scripts/Lib/tippy.all.min.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:48 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 404 main.bundle.6748b61948611561aebb.js
credo-foundation.org/dist/module/ 0
0 132ms
132ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/dist/module/main.bundle.6748b61948611561aebb.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://credo-foundation.org/kaka/login/
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H/1.1 200
OK validate.js Show response
collector.fraudmap.net/fs/e517993e82e64ad6428327ea680b88b3/validate/ 0
269 B 717ms
159ms Script
application/javascript 63.128.130.61
GUARD-DC1

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.fraudmap.net/fs/e517993e82e64ad6428327ea680b88b3/validate/validate.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.128.130.61 , United States, ASN22013 (GUARD-DC1, US),

Reverse DNS

collector.fraudmap.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 18:35:49 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Keep-Alive: timeout=5, max=70
Content-Length: 0
X-XSS-Protection: 1

GET
H2 404 skipto.js
credo-foundation.org/MACU/Scripts/Lib/ 0
0 142ms
142ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/MACU/Scripts/Lib/skipto.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/ 10 KB
2 KB 11ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3d133e653aa3b803f3811450300e76cda11912432494ca973dd81dfeec5aac47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 0xvbzYQAAAAAtt3FsfsEAQpYRO5D4KabsQU1TMDRFREdFMTkxNgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: thkHRtTmATEZlK21AHK9Yg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7EFF6B508EE
x-azure-ref: 0hTf0YQAAAAAc7TTlkUdPSJ7ZjLffm/+/RlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6689c540-801e-0106-7117-135dec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 204 0
bat.bing.com/action/ 0
429 B 257ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4014792&tm=gtm002&Ver=2&mid=42ad0409-03c2-46af-b38d-c937e7fbe5f1&sid=d02e7e60550311ecb91869c28ee55430&vid=d02f0200550311ec8a902f0fefbfce0e&vids=0&pi=0&lg=en-US&sw=1366&sh=768&sc=24&tl=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&kw=home&p=https%3A%2F%2Fwww.macu.com%2F&r=&lt=4738&evt=pageLoad&msclkid=N&sv=1&rn=903490
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 18:35:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02FAD47E220446A6BBA6317ED3CE0522 Ref B: FRAEDGE1219 Ref C: 2022-01-28T18:35:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loading.gif
credo-foundation.org/kaka/login/cmss/script/custom/fonts/images/img/ 38 KB
38 KB 137ms
136ms Image
image/gif 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://credo-foundation.org/kaka/login/cmss/script/custom/fonts/images/img/loading.gif
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Sat, 11 Aug 2018 18:03:52 GMT
server: Apache
accept-ranges: bytes
content-length: 38636
content-type: image/gif

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 253ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1643394949.dop028.ml1.t,1643394949.cds211.ml1.hn,1643394949.cds202.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 254ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://credo-foundation.org/
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1643394949.dop028.ml1.t,1643394949.cds216.ml1.hn,1643394949.cds003.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 281ms
56ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://credo-foundation.org/
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1383435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjEEqeR%2B6FiuEG9fBEMwVVgGuncMzQR1xX5edat0hXRaA8o1IzO%2FlXl3AlpytEscsHy7vw1UK71eikXreDsLeQHjYYy33zgYnDO%2FDzT6npE654Pyw7VmdZqlOYNldfZ%2F4WxQP54kg5sDNeT%2FpwLVXGtz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d4c52a21ec90f6a-MXP
expires: Wed, 18 Jan 2023 18:35:49 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 306ms
81ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://credo-foundation.org/
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 718, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: bf7753ab1b20ac0d67354e8bb54f9569
cf-ray: 6d4c52a21b4c0e22-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
38 KB 232ms
9ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E87) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10776101
x-cache: HIT
content-length: 38892
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/8E87)
etag: "af301a17b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 273ms
48ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 144278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SX0EqoSIM2Pnj%2FwxDUrlPWUQXNlHZ1rYjnYwxzclsuNj1qC9aQTTQ%2BSiFPF7nAfWVtWnK2OMHsSUN545EcOlsbspqADJBO9qUPGJSNXEYbGbOWNOhcn470YnH7hqNdz4nOHa2NUxF2MsKa1R%2BBIZQtMl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d4c52a23c46599b-MXP
expires: Wed, 18 Jan 2023 18:35:49 GMT

GET
H2 404 actions.js
credo-foundation.org/kaka/login/js/ 0
0 141ms
139ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/kaka/login/js/actions.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 244ms
21ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cvd1zmo&ht=tk&f=39680.39685.39687&a=1540528&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 header_logo.svg
www.macu.com/MACU/Images/ 10 KB
4 KB 595ms
595ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/header_logo.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 90af0447f5d8a9d4705c9aa636d31ce859f280460810f68f1de93922277fb0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314782-53314783 2VNN RT(1643394949266 0) q(0 0 0 0) r(0 6)
cache-control: max-age=80701, public
content-length: 3737
expires: Sat, 29 Jan 2022 17:00:50 GMT

GET
H2 200 l
use.typekit.net/af/a3a085/00000000000000007735ba73/30/ 16 KB
17 KB 56ms
15ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3a085/00000000000000007735ba73/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c2b1ae00eb2ac991a06487f3f0162c918768b25cbe2787638110570d04ed1f88

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
server: nginx
etag: "c8312ec3794d199c4baa21fae3f300f4162a37ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16816

GET
H2 200 fontawesome-webfont.woff2
credo-foundation.org/kaka/login/module/media/Script/lib/Fonts/ 75 KB
76 KB 140ms
139ms Font
font/woff2 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/kaka/login/module/media/Script/lib/Fonts/fontawesome-webfont.woff2
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/cms/media/fonts/stylesheet/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://credo-foundation.org/kaka/login/cms/media/fonts/stylesheet/css/font-awesome.min.css
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Sat, 04 Dec 2021 14:52:26 GMT
server: Apache
accept-ranges: bytes
content-length: 77160
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/a741c0/00000000000000007735ba66/30/ 19 KB
19 KB 45ms
24ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a741c0/00000000000000007735ba66/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 821a2b02f48c78cb4788a5c22489113d0a0e03f5f13175ebfde31385c7601656

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
server: nginx
etag: "519cefc842ab7db6e740a26a5e2b3c236659ca6b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684

GET
H2 200 info-icon.png
www.macu.com/MACU/Images/ 1 KB
2 KB 1510ms
1509ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/info-icon.png
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3fa39ec7210a30850c5127247651e4e63d18df9af10144213b314e5062c336ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 14-53314795-53314807 2VNN RT(1643394949300 0) q(0 1 1 1) r(1 16)
cache-control: max-age=80700, public
content-length: 1150
expires: Sat, 29 Jan 2022 17:00:50 GMT

GET
H2 200 2021_VisaTripleRewards_3ColumnFlex_457x644_TP.jpg
www.macu.com/media/3-column-images/ 94 KB
94 KB 455ms
455ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2021_VisaTripleRewards_3ColumnFlex_457x644_TP.jpg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e2627fae42ecc27102bc84e8abd96cf7c8709354a50b568e385ea92c0480c6d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Wed, 20 Oct 2021 18:04:34 GMT
x-cdn: Imperva
etag: "2ead30f0dcc5d71:0"
content-type: image/jpeg
x-iinfo: 14-53314796-53314915 2VNN RT(1643394949302 0) q(0 2 3 0) r(3 4)
cache-control: max-age=80702, public
content-length: 96057
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 2021-MyStyleCampaign-3-column-flex-promo-457x644-Cupbop-AL.jpeg
www.macu.com/media/3-column-images/ 86 KB
86 KB 619ms
618ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2021-MyStyleCampaign-3-column-flex-promo-457x644-Cupbop-AL.jpeg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c2d951ac225265014369abca6a2ffc3fa712decafc497e2b717ccefb225328e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Fri, 23 Jul 2021 19:51:14 GMT
x-cdn: Imperva
etag: "c7e9718fc7fd71:0"
content-type: image/jpeg
x-iinfo: 14-53314797-53313877 2VNN RT(1643394949303 0) q(0 4 4 2) r(6 6)
cache-control: max-age=80702, public
content-length: 87666
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 3colflex-value-analyzer-2020-V1TSP-457x644.jpg
www.macu.com/media/3-column-images/ 93 KB
94 KB 709ms
708ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/3colflex-value-analyzer-2020-V1TSP-457x644.jpg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c86d88f9e36b602c162116764cb7c693ae21c6bee25b6fb3de923e9bec0e72ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Wed, 15 Jul 2020 21:28:54 GMT
x-cdn: Imperva
etag: "fefdcaf0ee5ad61:0"
content-type: image/jpeg
x-iinfo: 14-53314798-53314978 2VNN RT(1643394949304 0) q(0 5 5 1) r(5 7)
cache-control: max-age=80702, public
content-length: 95317
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 social-icon-facebook.svg
www.macu.com/MACU/Images/ 656 B
932 B 789ms
787ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-facebook.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 395ba7d4187e9ee539495094380c0292b5edcc3b28228d9e871c9d2a471f1916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314799-53313877 2VNN RT(1643394949306 0) q(0 6 6 0) r(7 7)
cache-control: max-age=80701, public
content-length: 452
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 200 social-icon-youtube.svg
www.macu.com/MACU/Images/ 1 KB
1 KB 852ms
850ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-youtube.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 661ad0861039f6323b4167c759cec7305c985587c147ea964711686a889481c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314800-53314783 2VNN RT(1643394949308 0) q(0 7 7 0) r(8 8)
cache-control: max-age=80702, public
content-length: 745
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 social-icon-instagram.svg
www.macu.com/MACU/Images/ 2 KB
2 KB 873ms
872ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-instagram.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f5e52056a2430132f8aece37250adea25254c4728a05d600c1915931b6ebde4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314801-53314978 2VNN RT(1643394949309 0) q(0 7 7 1) r(8 8)
cache-control: max-age=80702, public
content-length: 1078
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 social-icon-twitter.svg
www.macu.com/MACU/Images/ 995 B
1 KB 865ms
865ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-twitter.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6f2ec1d519d369425aeab2897e77ed0d739207f7cb5804bd878cfb5aca738d0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314802-53313882 2VNN RT(1643394949311 0) q(0 7 7 0) r(8 8)
cache-control: max-age=80702, public
content-length: 613
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 social-icon-linkedin.svg
www.macu.com/MACU/Images/ 796 B
989 B 865ms
864ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-linkedin.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d7b371bfbeda687c7e7e4738bea7f985953adab2134dd573874a281e3ed8be7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314803-53313679 2VNN RT(1643394949312 0) q(0 7 7 1) r(8 8)
cache-control: max-age=80702, public
content-length: 511
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 ncua_logo.png
www.macu.com/MACU/Images/ 2 KB
2 KB 930ms
930ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/ncua_logo.png
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 14-53314804-53313877 2VNN RT(1643394949314 0) q(0 7 7 1) r(9 9)
cache-control: max-age=80702, public
content-length: 1989
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 icon-equal-housing.svg
www.macu.com/MACU/Images/ 640 B
888 B 1003ms
1003ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/icon-equal-housing.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d35bdade27b3f2a1e604fb83aba7fad8e53dc22a98e6953218922c4ffd247a7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314805-53315035 2VNN RT(1643394949316 0) q(0 8 8 0) r(9 9)
cache-control: max-age=80702, public
content-length: 409
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 footer_mountains.svg
www.macu.com/MACU/Images/ 2 KB
968 B 1101ms
1100ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/footer_mountains.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 14-53314806-53315039 2VNN RT(1643394949317 0) q(0 8 8 0) r(8 10)
cache-control: max-age=80702, public
content-length: 489
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 l
use.typekit.net/af/e7065f/00000000000000007735ba3f/30/ 20 KB
20 KB 28ms
27ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e7065f/00000000000000007735ba3f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ccd2ec373b11b4dc619ea1f584ebf51c1a4e640275d080261dc6eac099878b5

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
server: nginx
etag: "65381862afa1e35bdce2a257727d8a6c9625f357"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20480

GET
H2 200 2021_MyStyleCampaign_1821x630_AL.jpg
www.macu.com/media/hero-images/ 324 KB
325 KB 988ms
986ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/hero-images/2021_MyStyleCampaign_1821x630_AL.jpg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ce69237dc3cba8560ba03c06c30c9830b7d5ca48acfd2c91757ea9c9fa2c2de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Tue, 19 Oct 2021 19:59:10 GMT
x-cdn: Imperva
etag: "832218c823c5d71:0"
content-type: image/jpeg
x-iinfo: 14-53314809-53313882 2VNN RT(1643394949330 0) q(0 8 8 0) r(10 10)
cache-control: max-age=80702, public
content-length: 331751
expires: Sat, 29 Jan 2022 17:00:52 GMT

GET
H2 200 mystyle-video-thumbnail-summer-2021-v1cc.jpg
www.macu.com/media/videos/ 73 KB
74 KB 1075ms
1074ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/videos/mystyle-video-thumbnail-summer-2021-v1cc.jpg
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2e71ed7493ee4502bf285424f72cdf8bcdecf30ff4d99515b10fb1af3cdd08d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
last-modified: Tue, 24 Aug 2021 17:05:33 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "24eef3fa99d71:0"
content-type: image/jpeg
x-iinfo: 14-53314810-53314973 2NNN RT(1643394949331 0) q(0 8 8 2) r(10 10) U1
accept-ranges: bytes
content-length: 74365
x-cdn: Imperva

GET
H2 200 play_button.png
www.macu.com/MACU/Images/ 559 B
1 KB 1108ms
1107ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/play_button.png
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2324969e1a7e15eaf89a25ab4f018296a7ccdb03187f80d2c40ec867271afaa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 14-53314811-53309777 2VNN RT(1643394949334 0) q(0 9 9 0) r(10 10)
cache-control: max-age=80701, public
content-length: 559
expires: Sat, 29 Jan 2022 17:00:51 GMT

GET
H2 404 tippy.all.min.js
credo-foundation.org/MACU/Scripts/Lib/ 0
0 155ms
155ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/MACU/Scripts/Lib/tippy.all.min.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 404 main.bundle.6748b61948611561aebb.js
credo-foundation.org/dist/module/ 0
0 136ms
136ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/dist/module/main.bundle.6748b61948611561aebb.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://credo-foundation.org/kaka/login/
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 404 skipto.js
credo-foundation.org/MACU/Scripts/Lib/ 0
0 134ms
133ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/MACU/Scripts/Lib/skipto.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 200 prod.json Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/configs/ 4 KB
2 KB 28ms
12ms Fetch
application/json 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/configs/prod.json
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 0+Sb0YQAAAADzTu/ob/IZT48uVWpBynrkQU1TMDRFREdFMTkyMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: GG61rgxZFh1G8ZdPM9eiog==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7EFED267BBA
x-azure-ref: 0hjf0YQAAAABCS6nVi4QaQKv9PLWlCgmfRlJBRURHRTEwMTEANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 58b56ee9-b01e-00ab-1617-13ef94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: 9auvuCMxKzSG+p5KK6pGJlObLSk+KLPk2dzp3gYdoMbJ57pe0Nkc/DhQaqTLI+Nm5qJD3rdACXN+3jeySD4SCg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 28 Jan 2022 18:35:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chat.html Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/ Frame AD40 7 KB
2 KB 8ms
8ms Document
text/html 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/

Response headers

cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
content-type: text/html
content-encoding: br
content-md5: 4svHTbPebj5nFznb41LdVg==
last-modified: Sat, 15 Jan 2022 06:26:48 GMT
etag: 0x8D9D7F0029D3293
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 69cb26d2-001e-0137-4d23-13bcff000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 05sLzYQAAAABOJRNnMA8iRp1y2ijRuAMQQU1TMDRFREdFMTkwOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
x-azure-ref: 0hjf0YQAAAADacYQWuNoITKVZKg0LLnedRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
date: Fri, 28 Jan 2022 18:35:49 GMT

GET
H2 404 actions.js
credo-foundation.org/kaka/login/js/ 0
0 133ms
132ms Script
text/html 192.185.146.142
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://credo-foundation.org/kaka/login/js/actions.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.146.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-146-142.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/kaka/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:13:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ 78 KB
8 KB 10ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 05cLzYQAAAABLiHJ0iW6KQZilHQTe6ZqGQU1TMDRFREdFMTkxMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: otvOoeTPqbzWPKPH87WRmA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007C73785
x-azure-ref: 0hjf0YQAAAABZETfhSQnwTa30AS/8q1dYRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e5b0ced5-101e-00ef-522e-1365ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame AD40 78 KB
8 KB 9ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 05cLzYQAAAABLiHJ0iW6KQZilHQTe6ZqGQU1TMDRFREdFMTkxMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: otvOoeTPqbzWPKPH87WRmA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007C73785
x-azure-ref: 0hjf0YQAAAABwdvHOCNvfSK/eT5crVawlRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e5b0ced5-101e-00ef-522e-1365ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: TK3f70RhZKFcQMiqSgm+h5GuZWrRa3sNM2VeyYDmhV5ZTDfVfHnQEDG7LLIf8uiYrIYOWVPI6BpcGEol+sYbGA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 28 Jan 2022 18:35:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 837421743000518 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 116ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/837421743000518?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c61013941dafa299b401f2ecaef12190565aec04f0344f48bbeed7fdb91ddbb0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pnauydj2QqeIb2F0lEgTdxvV+JkjP3nVKEDCXFPwlzDVLvVEbL2vgdRYistPAWE67494H2r1g+5p8aTwYdHLlg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 28 Jan 2022 18:35:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 LiveChatWidgetLibs.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame AD40 412 KB
107 KB 9ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 08n3zYQAAAABQg1eGMcl3SaeeWLE0iGvzQU1TMDRFREdFMTkwOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: AV3A5KYwCd4LKK8Bu2rBWw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0076158E0
x-azure-ref: 0hjf0YQAAAABO8MVI4XqeT591uMskjUUrRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2d65c38d-601e-010e-112e-1347e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 LiveChatWidgetScripts.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame AD40 396 KB
69 KB 13ms
11ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5ac9fcdf2b8bf1ec5ec8b98a5b9a744d872fc3acf4ecdd55bea9f3aef01cff23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 0BRL0YQAAAAC6hYYp12LITLPT8Q0GQrXDQU1TMDRFREdFMTgwOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: HJIf6V8EGajSQQtpPTfOQQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007E78C00
x-azure-ref: 0hjf0YQAAAAAe5BsBdtOuQI1G7UWhoDpZRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 55a875c3-401e-005b-1d10-13a965000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 LiveChatWidgetAll.min.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ Frame AD40 53 KB
9 KB 9ms
9ms Stylesheet
text/css 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetAll.min.css
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dc4e732be656c0118a3b2b5e74a55e86893e909294b38074fcb00e676a86bfa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: br
x-azure-ref-originshield: 06CX0YQAAAADlZQD+h1r6R71e8ZEdTu5kVFlPMDFFREdFMjMxNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: WaCWuIabbLjYwdudjji8ZQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:27:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00BBBA986
x-azure-ref: 0hjf0YQAAAAACNUVrt3Z1QJk0S4x3gJzERlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: aa00d827-101e-013b-1518-132bf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 jquery-3.4.1.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame AD40 104 KB
31 KB 11ms
11ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: br
x-azure-ref-originshield: 03yX0YQAAAADK3f6tILHzQ6xFZaYORLlFVFlPMDFFREdFMjQxNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: iPDd3y2YhzkDBroYgeOIwg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00736CCC0
x-azure-ref: 0hjf0YQAAAACEyGpCWjdeTIKA/978MG7NRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 75d4b4ee-e01e-012f-6b6b-146398000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 65ms
22ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 14 Oct 2021 00:58:49 GMT
Date: Fri, 28 Jan 2022 18:35:50 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "28352a696c0d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 28 Jan 2022 18:35:50 GMT

GET
H2 200 prod.json Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/ Frame AD40 4 KB
2 KB 11ms
10ms XHR
application/json 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/prod.json
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: br
x-azure-ref-originshield: 06SX0YQAAAAA1soiKZyQBQpokI2ajRxbmVFlPMDFFREdFMjQxNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: GG61rgxZFh1G8ZdPM9eiog==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00238B342
x-azure-ref: 0hjf0YQAAAAColjxrSNX4SrjvC5d8InwKRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8430da8d-801e-0139-3f6b-14954f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 28ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=PageView&dl=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1643394950212&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.51&r=stable&ec=0&o=60&fbp=fb.1.1643394950211.385696257&it=1643394950075&coo=false&exp=p0&rqm=GET

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 28 Jan 2022 18:35:50 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 28ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=ViewContent&dl=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1643394950215&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.51&r=stable&ec=1&o=60&fbp=fb.1.1643394950211.385696257&it=1643394950075&coo=false&exp=p0&rqm=GET

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 28 Jan 2022 18:35:50 GMT

GET
H2 200 appinsights.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame AD40 5 KB
3 KB 9ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: br
x-azure-ref-originshield: 0+6zzYQAAAAAsbX/ZJEYkSou3BUADVxRvQU1TMDRFREdFMTgwOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: ADbtFKqlrLgA2/6zjT1cnw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F006756E1E
x-azure-ref: 0hjf0YQAAAAAJXZ40Hrh/S6PYVv83Gd8PRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 209323de-c01e-00b1-7f1b-138e4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 webchat-es5.js Show response
cdn.botframework.com/botframework-webchat/4.9.2/ Frame AD40 3 MB
748 KB 58ms
9ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.botframework.com/botframework-webchat/4.9.2/webchat-es5.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8A) /
Resource Hash: 0935532150293b962fb321373aa304c6f519d45f292fedfea6cb2d7ad1281575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: gzip
content-md5: lAEA5uInanqd0I1LBpYUXA==
age: 13374
x-cache: HIT
content-length: 765604
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jul 2020 18:43:42 GMT
server: ECAcc (frc/8F8A)
etag: 0x8D829B82987C0B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 76f89227-001e-00e4-7856-14bbc1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 28 Jan 2022 22:35:50 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame AD40 119 KB
38 KB 82ms
28ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780

Request headers

Referer: https://oc-cdn-ocprod.azureedge.net/
Origin: https://oc-cdn-ocprod.azureedge.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:49 GMT
content-encoding: br
x-azure-ref-originshield: 0UDH0YQAAAACWZnsaxaGCT6i2oZhnzkfFQU1TMDRFREdFMTgxMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5: eo/NA/cIfC8rvfmGvcVN1w==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.7.2.min.js
last-modified: Wed, 08 Dec 2021 18:03:24 GMT
x-ms-meta-aijssdkver: 2.7.2
etag: 0x8D9BA750718AE66
x-azure-ref: 0hjf0YQAAAADc6O0oiSf8SqsnDexXYW6+RlJBRURHRTEwMTYAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 335ac1b3-701e-002d-1770-145b06000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H/1.1

200
OK

svrGP
elq.macu.com/visitor/v200/
Redirect Chain

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F&ref2=elqNone&tzo=0&ms=259&optin=disabled&firstPartyCookieDomain=elq.macu.com
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F&ref2=elqNone&tzo=0&ms=259&optin=disabled&elq1pcGUID=A02E2F5E59634955929C769B50E612D0

49 B
497 B

906ms
906ms

Image
image/gif

142.0.173.134
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F&ref2=elqNone&tzo=0&ms=259&optin=disabled&elq1pcGUID=A02E2F5E59634955929C769B50E612D0

Requested by

Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/

Protocol

HTTP/1.1

Server

142.0.173.134 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 18:35:51 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 18:35:50 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fcredo-foundation.org%2Fkaka%2Flogin%2F&ref2=elqNone&tzo=0&ms=259&optin=disabled&elq1pcGUID=A02E2F5E59634955929C769B50E612D0
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 344
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 purify.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame AD40 16 KB
7 KB 19ms
19ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/purify.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:50 GMT
content-encoding: br
x-azure-ref-originshield: 0HCf0YQAAAAAKHas/I4vjQpJcEmEz5HpmQU1TMDRFREdFMTgwNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: 98MT7M8SRWeA4QUys4utxQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0077B45AC
x-azure-ref: 0hjf0YQAAAADp3CAr+GMnQ439hnXdDYC2RlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: efe39666-601e-0153-3019-134d67000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK botframework-webchat-adapter-ic3.production.min.js Show response
webchatic3.blob.core.windows.net/webchat-ic3adapter/0.1.0-master.2dba07b/ Frame AD40 115 KB
115 KB 836ms
165ms Script
application/javascript 52.239.236.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://webchatic3.blob.core.windows.net/webchat-ic3adapter/0.1.0-master.2dba07b/botframework-webchat-adapter-ic3.production.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.236.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 28 Jan 2022 18:35:50 GMT
Last-Modified: Sat, 14 Aug 2021 15:05:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uWzZutPFlN9rzjGW2y8JIQ==
ETag: 0x8D95F3500AFCFD0
Content-Type: application/javascript
x-ms-request-id: 22a6cfc9-401e-00ac-7b75-14c0bc000000
x-ms-version: 2009-09-19
Content-Length: 117440

GET
H2 200 SDK.min.js Show response
comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/ Frame AD40 24 KB
5 KB 265ms
35ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/SDK.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:51 GMT
content-encoding: br
last-modified: Sat, 02 Oct 2021 02:07:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: WdlsYBmkBlaPY+FFlT//KA==
etag: 0x8D98549567E591B
x-azure-ref: 0hzf0YQAAAACpdlRdggr6RLxEaxYGoPRjRlJBRURHRTEwMDkAMzEzYmNhYWQtNTkyZS00ZDA4LWI1OTEtZjJjZTI1ZDc2ZjU3
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: 41e57d3f-001e-00b1-322c-134de1000000
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19
x-azure-ref-originshield: 078vzYQAAAACuRlNNXfGnR7ZBpjmvqDMCQU1TMDRFREdFMTgxNAAzMTNiY2FhZC01OTJlLTRkMDgtYjU5MS1mMmNlMjVkNzZmNTc=

GET
H2 200 chat-adapter-0.0.35-beta.1.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame AD40 444 KB
99 KB 51ms
50ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/chat-adapter-0.0.35-beta.1.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 202267f57c5401883e5f7abedb41c824919ef471c5759cc994f9653e836c7f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:51 GMT
content-encoding: br
x-azure-ref-originshield: 06wL0YQAAAAB3pMN0CaRCSJRPURdm4WUzQU1TMDRFREdFMTgxNAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: O+ExDonOjsci5GCZ/GHiZw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0070E3C1C
x-azure-ref: 0hzf0YQAAAADEKj0n/7aqRKDIAher6oJkRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 24e65f48-401e-0109-421d-132b80000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 SDK.min.js Show response
ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/ Frame AD40 78 KB
17 KB 489ms
13ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/SDK.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7022e3ed651e8969ec18b5fdbb7fd98ee159d3e798af380e80938c1e2c5abbda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:52 GMT
content-encoding: br
x-azure-ref-originshield: 04q3zYQAAAACk81hRxQjpQqoERk+Ix9ZJQU1TMDRFREdFMTkyMQA5Nzk3MTdhNC1mNDg1LTRjOTUtYWQ2Yi1iOGFiMTViZmIzYTI=
content-md5: wgHqAXXLbwBtAnW5wGiHJg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 31 Aug 2021 20:29:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96CBE17F6BD2B
x-azure-ref: 0iDf0YQAAAABtzSRKe/LLRYHKKKB0JS3xRlJBRURHRTEwMDkAOTc5NzE3YTQtZjQ4NS00Yzk1LWFkNmItYjhhYjE1YmZiM2Ey
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 69f281be-301e-00e7-5c0e-14f126000000
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame AD40 0
397 B 684ms
136ms XHR
application/json 52.182.141.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1643394952228&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.141.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 18:35:51 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 607
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 ae.js Show response
ws.audioeye.com/ 1020 B
820 B 122ms
21ms Script
application/javascript 18.66.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.audioeye.com/ae.js
Requested by: Host: credo-foundation.org
URL: https://credo-foundation.org/kaka/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-75.txl50.r.cloudfront.net
Software: /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:09:06 GMT
via: 1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
age: 1607
etag: "c5f5d23dbd841fb0868078e4bfbbd713"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
x-amz-cf-pop: TXL50-P1
content-encoding: gzip
x-amz-cf-id: hOWVHAVDPJcKXTbLHQwZItsr0IzW4exMdDSWx6U3YTzwusvXBOxSUg==

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
12 KB 582ms
539ms Script
application/javascript 108.157.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=credo-foundation.org
Requested by: Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 29147105374de37dc23aa45a4e1201104f4b7979d31950fcf95d60e9acd9890b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://credo-foundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:35:53 GMT
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: "bd2f70577e43319f96c693e34b326375"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, private
content-encoding: gzip
x-amz-cf-id: dgIj1uXrr_5iQfJEhn87xEzUdI4kMZEyak5JDXlenF87jQbNZhC1RQ==

GET
H/1.1 200
OK 705610f5-72b1-469e-8935-4af156c9dcbb Show response
217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com/livechatconnector/config/0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c/ Frame AD40 12 KB
13 KB 1225ms
331ms XHR
application/json 13.66.240.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com/livechatconnector/config/0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c/705610f5-72b1-469e-8935-4af156c9dcbb?requestId=5c90c83b-70a4-495e-a11a-15dc10a91531&channelId=lcw

Requested by

Host: ocsdk-prod.azureedge.net
URL: https://ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/SDK.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.66.240.155 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ce3bfe6b37e617902a441cdb980f7db4da201582e793324ebecdb758d446ccd

Security Headers

Name	Value
Content-Security-Policy	default-src "none"
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://oc-cdn-ocprod.azureedge.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src "none"
X-Content-Type-Options: nosniff
Correlation-Vector: ENApyIFLJEmB4nQoKokHlA.19
Date: Fri, 28 Jan 2022 18:35:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Cache-Control: no-store, must-revalidate, no-cache
Transaction-Id: a7895843-5f46-45e1-9f6f-59fb5aef9f17
Expires: Fri, 28 Jan 2022 18:35:53 GMT

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/scripts/ 29 B
424 B 82ms
38ms Script
text/javascript 108.157.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/scripts/loader.js?d=credo-foundation.org&lang=en&cb=3a3e9de
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=credo-foundation.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

Request headers

Referer: https://credo-foundation.org/
Origin: https://credo-foundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 17:08:45 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: DUS51-P2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
content-length: 49
via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-id: jOZ-ebb4fiO0IeSuvx23EYaM2GCopqeuYG_OfLBXLDisNQBaw2HTvA==

GET
H2 200 1033.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/locale/ Frame AD40 13 KB
3 KB 9ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/locale/1033.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b9d2c77e6cd4411222a2b98a5b00f67c1794bb1f917cfc3039d9c6bec0cdce2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 18:35:53 GMT
content-encoding: br
x-azure-ref-originshield: 0APfzYQAAAAC65GOSE2A2RazzOUThkJ2RQU1TMDRFREdFMTkwOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: +rNdVFj8oJE5dM/EJCJOQA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F008A0D57F
x-azure-ref: 0iTf0YQAAAABFlDYGI/HsRZnldOm3mMduRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8d1763ef-e01e-014d-3d19-13a1bf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame AD40 0
396 B 124ms
124ms XHR
application/json 52.182.141.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1643394954573&time-delta-to-apply-millis=607
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.141.63 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 18:35:53 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 60
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mountain America Credit Union (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 09:51:30	Name: MUID Value: 09FE994063A76EB01B88887A62756F1F
.credo-foundation.org/	1970-01-20 02:39:30	Name: _fbp Value: fb.1.1643394950211.385696257
.facebook.com/	1970-01-20 02:39:30	Name: fr Value: 0Ww4iSdrkcK2JnZgk..Bh9DeG...1.0.Bh9DeG.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://credo-foundation.org/MACU/Scripts/Lib/tippy.all.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://credo-foundation.org/dist/module/main.bundle.6748b61948611561aebb.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloud.typography.com/689828/7556792/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://credo-foundation.org/MACU/Scripts/Lib/skipto.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://credo-foundation.org/kaka/login/js/actions.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://credo-foundation.org/MACU/Scripts/Lib/tippy.all.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://credo-foundation.org/dist/module/main.bundle.6748b61948611561aebb.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://credo-foundation.org/MACU/Scripts/Lib/skipto.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://credo-foundation.org/kaka/login/js/actions.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com
ajax.aspnetcdn.com
bat.bing.com
browser.pipe.aria.microsoft.com
cdn.botframework.com
cdnjs.cloudflare.com
cloud.typography.com
code.jquery.com
collector.fraudmap.net
comms.omnichannelengagementhub.com
connect.facebook.net
credo-foundation.org
elq.macu.com
img.en25.com
js.monitor.azure.com
oc-cdn-ocprod.azureedge.net
ocsdk-prod.azureedge.net
p.typekit.net
stackpath.bootstrapcdn.com
use.typekit.net
webchatic3.blob.core.windows.net
ws.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.macu.com
104.111.229.66
104.89.40.9
108.157.4.21
13.66.240.155
142.0.173.134
152.199.19.160
18.66.2.75
192.185.146.142
2001:4de0:ac18::1:a:1b
2606:4700::6810:135e
2606:4700::6812:bcf
2620:1ec:46::44
2620:1ec:bdf::44
2620:1ec:c11::200
2a02:26f0:6c00:2ae::19fd
2a02:26f0:f7::5c7b:e031
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
45.60.46.50
52.182.141.63
52.239.236.68
63.128.130.61
023e4947e93631fc56fdae00a58b1edf8dfd77648f23e7c0ed5e5e2ec91b218b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
06fa02fd2b13da57e4a5ac02bab65eec3a3b204cb60bf08e40262f9db28d8121
0935532150293b962fb321373aa304c6f519d45f292fedfea6cb2d7ad1281575
0a3d5af4428611b0cc385c60aefaa6d0b95836c1961c796ebdf95dca108b07a7
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ce3bfe6b37e617902a441cdb980f7db4da201582e793324ebecdb758d446ccd
202267f57c5401883e5f7abedb41c824919ef471c5759cc994f9653e836c7f5b
2324969e1a7e15eaf89a25ab4f018296a7ccdb03187f80d2c40ec867271afaa2
29147105374de37dc23aa45a4e1201104f4b7979d31950fcf95d60e9acd9890b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e71ed7493ee4502bf285424f72cdf8bcdecf30ff4d99515b10fb1af3cdd08d9
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
395ba7d4187e9ee539495094380c0292b5edcc3b28228d9e871c9d2a471f1916
3be2fa8fc01386a4135ebc59168a1e447b699d0bacd0e3c622d701ec685fdbf0
3d133e653aa3b803f3811450300e76cda11912432494ca973dd81dfeec5aac47
3fa39ec7210a30850c5127247651e4e63d18df9af10144213b314e5062c336ff
462ad337f40eb6c7902d076d2ec0ff32ec6609f3a6aa783a8581208b03116c59
470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f
4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3
5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae
52ea6ddb89b42de720bdd54cd5ae9fc21e71f2e7c4ef51dfb3dc5bada31b5813
5ac9fcdf2b8bf1ec5ec8b98a5b9a744d872fc3acf4ecdd55bea9f3aef01cff23
5ccd2ec373b11b4dc619ea1f584ebf51c1a4e640275d080261dc6eac099878b5
5d9b8c3cb4ecf3bb4b83deda95f964fd0bd9d56eb2a626a14ad4e3ff78f9d8c7
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466
60062b64733e9587b52db3a48d8ff4a3d7f469af0101c7e6ff313d7221f752a1
661ad0861039f6323b4167c759cec7305c985587c147ea964711686a889481c6
68f9d12ac81b50577c9750d61e6b3316465cb394acbd854df3f4b9a1ed87917f
6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969
6f2ec1d519d369425aeab2897e77ed0d739207f7cb5804bd878cfb5aca738d0f
7022e3ed651e8969ec18b5fdbb7fd98ee159d3e798af380e80938c1e2c5abbda
821a2b02f48c78cb4788a5c22489113d0a0e03f5f13175ebfde31385c7601656
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd
90af0447f5d8a9d4705c9aa636d31ce859f280460810f68f1de93922277fb0ef
93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db
95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646
a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c
b0cbe509c8ccd79f0378e7a1e0a511ee5467ec95c72bd904d8280ae390f609b6
b9d2c77e6cd4411222a2b98a5b00f67c1794bb1f917cfc3039d9c6bec0cdce2c
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c2b1ae00eb2ac991a06487f3f0162c918768b25cbe2787638110570d04ed1f88
c2d951ac225265014369abca6a2ffc3fa712decafc497e2b717ccefb225328e3
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c61013941dafa299b401f2ecaef12190565aec04f0344f48bbeed7fdb91ddbb0
c86d88f9e36b602c162116764cb7c693ae21c6bee25b6fb3de923e9bec0e72ec
c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c
cbbda9b1b15022e435325e2bb7ab9e19f8d4ea15cd1716a33c07f4750930adc3
ce69237dc3cba8560ba03c06c30c9830b7d5ca48acfd2c91757ea9c9fa2c2de1
cefe4aaefb1daa0c4bff6a9e08bee952d7259fe7e9f20f973cedf18fec5c6002
d35bdade27b3f2a1e604fb83aba7fad8e53dc22a98e6953218922c4ffd247a7b
d7b371bfbeda687c7e7e4738bea7f985953adab2134dd573874a281e3ed8be7a
dc4e732be656c0118a3b2b5e74a55e86893e909294b38074fcb00e676a86bfa3
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53
e2627fae42ecc27102bc84e8abd96cf7c8709354a50b568e385ea92c0480c6d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e947adf53c17d668e9ab54c1348eafdd5a7db5eda04d076adfacc004702749bb
f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f5e52056a2430132f8aece37250adea25254c4728a05d600c1915931b6ebde4d
f6d1c3dd273fad6871f347b1391f11cd6b765d19a8cf91026f7d66558b512192
f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780

credo-foundation.org Open in urlscan Pro 192.185.146.142 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

45 %IPv6

20 Domains

25 Subdomains

22 IPs

3 Countries

2451 kBTransfer

6855 kBSize

3 Cookies

15 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

credo-foundation.org Open in urlscan Pro
192.185.146.142 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

45 %
IPv6

20
Domains

25
Subdomains

22
IPs

3
Countries

2451 kB
Transfer

6855 kB
Size

3
Cookies

86 HTTP transactions
0 data transactions