Submitted URL: http://www.bsfcu.com/
Effective URL: https://www.fcfcu.com/ballstate
Submission: On November 15 via api from US — Scanned from DE

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 83 HTTP transactions. The main IP is 63.145.156.20, located in United States and belongs to CENTURYLINK-US-LEGACY-QWEST, US. The main domain is www.fcfcu.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 11th 2022. Valid for: a year.
This is the only time www.fcfcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
16 63.145.156.20 209 (CENTURYLI...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.157.1.118 16509 (AMAZON-02)
1 3 66.155.71.150 13768 (COGECO-PEER1)
1 2a00:1450:400... 15169 (GOOGLE)
1 66.155.71.179 13768 (COGECO-PEER1)
9 2600:9000:225... 16509 (AMAZON-02)
2 15.197.193.217 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
6 13.226.153.103 16509 (AMAZON-02)
7 65.9.66.50 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.20.78.240 14618 (AMAZON-AES)
1 52.88.123.202 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
83 23
Apex Domain
Subdomains
Transfer
16 fcfcu.com
www.fcfcu.com
1003 KB
14 interface.ai
fcfcu-widget.interface.ai
assets.interface.ai — Cisco Umbrella Rank: 292963
fcfcu-connect.interface.ai
926 KB
12 typekit.net
use.typekit.net — Cisco Umbrella Rank: 435
p.typekit.net — Cisco Umbrella Rank: 564
250 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
102 KB
9 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3728
135 KB
5 gstatic.com
fonts.gstatic.com
70 KB
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3148
clickserv.sitescout.com — Cisco Umbrella Rank: 20877
267 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1393
insight.adsrvr.org — Cisco Umbrella Rank: 573
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
2 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
1 basis.net
pixel-a.basis.net — Cisco Umbrella Rank: 18412
65 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5922
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2887
266 B
1 dmpxs.com
bob.dmpxs.com — Cisco Umbrella Rank: 9183
369 B
1 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 5225
243 B
1 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 5779
229 B
1 bsfcu.com
www.bsfcu.com
705 B
83 19
Domain Requested by
16 www.fcfcu.com www.fcfcu.com
11 use.typekit.net www.fcfcu.com
10 www.googletagmanager.com www.fcfcu.com
9 images.ctfassets.net www.fcfcu.com
7 assets.interface.ai www.fcfcu.com
fcfcu-widget.interface.ai
6 fcfcu-widget.interface.ai www.fcfcu.com
fcfcu-widget.interface.ai
5 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com fcfcu-widget.interface.ai
www.fcfcu.com
2 insight.adsrvr.org www.fcfcu.com
js.adsrvr.org
2 pixel.sitescout.com www.fcfcu.com
2 www.google-analytics.com www.fcfcu.com
www.google-analytics.com
1 p.typekit.net www.fcfcu.com
1 pixel-a.basis.net 1 redirects
1 www.google.de www.fcfcu.com
1 www.google.com www.fcfcu.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fcfcu-connect.interface.ai fcfcu-widget.interface.ai
1 api.ipify.org fcfcu-widget.interface.ai
1 bob.dmpxs.com www.fcfcu.com
1 clickserv.sitescout.com www.fcfcu.com
1 pubads.g.doubleclick.net www.fcfcu.com
1 js.adsrvr.org www.googletagmanager.com
1 action.media6degrees.com www.fcfcu.com
1 action.dstillery.com 1 redirects
1 www.bsfcu.com 1 redirects
83 25
Subject Issuer Validity Valid
*.fcfcu.com
Thawte RSA CA 2018
2022-07-11 -
2023-07-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
images.ctfassets.net
Amazon
2022-02-17 -
2023-03-18
a year crt.sh
*.dmpxs.com
Amazon
2021-12-23 -
2023-01-21
a year crt.sh
interface.ai
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2022-02-07 -
2023-03-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
www.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
www.google.de
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.fcfcu.com/ballstate
Frame ID: B7D684BD7363E203FCA9DDE51C3F9711
Requests: 78 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 2D8C7A9D4B079D54262BA5CDB20FA7F0
Requests: 1 HTTP requests in this frame

Frame: https://fcfcu-widget.interface.ai/widget/index.html
Frame ID: 95E47715831297C93B05035A4DF98FF2
Requests: 10 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 2939E69F97FB2F417443B1DA2E2D1C19
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=cq327qt&ref=https%3A%2F%2Fwww.fcfcu.com%2Fballstate&upid=5ren5rh&upv=1.1.0
Frame ID: E0CC6129362D71A2F0C050AED6041E43
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

BallState - Financial CenterArrow Icon

Page URL History Show full URLs

  1. http://www.bsfcu.com/ HTTP 301
    https://www.fcfcu.com/ballstate Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

83
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

2513 kB
Transfer

6005 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bsfcu.com/ HTTP 301
    https://www.fcfcu.com/ballstate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 61
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ballstate
www.fcfcu.com/
Redirect Chain
  • http://www.bsfcu.com/
  • https://www.fcfcu.com/ballstate
226 KB
60 KB
Document
General
Full URL
https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
9f62c8b792c5d565f26344bdf7d115450d223cc9f511e9add7c0a37095d78878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 15 Nov 2022 07:02:42 GMT
etag
W/"63732660-3862e"
last-modified
Tue, 15 Nov 2022 05:40:48 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-farmhand
api-srv1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
76a61f6fed4d9bd7-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 15 Nov 2022 07:02:41 GMT
Expires
Tue, 15 Nov 2022 08:02:41 GMT
Location
https://www.fcfcu.com/ballstate
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgQNTQxX%2BDYHKC5Z5UXFPobiIp%2FfX1D%2Bm48m2%2Fq6Dj989el%2FKz97KB%2B1GZZX%2FeLnaA84zg3sXdbg91uGOfb8KSEoGnnF7dOj1wCbP5xbjpQp8GHl29FXd4v6lkRNDYt11MTNIeSvb8tz0XsI"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
component---src-layouts-index-js-d3e0241575038feeb9bf.js
www.fcfcu.com/
14 KB
6 KB
Script
General
Full URL
https://www.fcfcu.com/component---src-layouts-index-js-d3e0241575038feeb9bf.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
2fb259fbbbcd67dc02df4738c5cac93f4bc10f87a2913181094fcba6bd92785f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-378c"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
component---src-templates-page-js-4c2c1074d3b2137cbca7.js
www.fcfcu.com/
4 KB
2 KB
Script
General
Full URL
https://www.fcfcu.com/component---src-templates-page-js-4c2c1074d3b2137cbca7.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
d1f386fe3484dbae5c08c33356ffc8b68be5e84d6501e2c5a6e618c1b271b723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-fce"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
path---index-176496cf1f6aebffad15.js
www.fcfcu.com/
215 KB
35 KB
Script
General
Full URL
https://www.fcfcu.com/path---index-176496cf1f6aebffad15.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
b965549f386ba1e9715081eb28b4ad395bfe8d9c779fa5029b28c51cb38b751f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-35cca"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
app-c1f92cf5a287d2511da9.js
www.fcfcu.com/
502 KB
67 KB
Script
General
Full URL
https://www.fcfcu.com/app-c1f92cf5a287d2511da9.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
30a93163b157e1ced41b4a3aaf67150da7b5ecc8a3f13a2bd8255e9c163e604a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-7d63a"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
commons-d2ae2c4263222d3da4bc.js
www.fcfcu.com/
2 MB
605 KB
Script
General
Full URL
https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5a799d3987c520e33754099c5d663d8d089e7f434e69354b35e9eafe29963d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-1ed9c0"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
161 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NT9T682
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f22613d6c78c484b8832fc6a988b2c278ad0a268bb94680207f11e1e4d50d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61259
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Nov 2022 07:02:42 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 15 Nov 2022 05:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5873
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 15 Nov 2022 07:24:49 GMT
gtm.js
www.googletagmanager.com/
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WH86XH7
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f78180284f44e7595cd1b337923d28f44dc3feb77bd4b0a0cc8344270f1d346a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41934
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Nov 2022 07:02:42 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0688617859a58bb3c37b54371b910e0007228802df93fc3de3729bb045ec232

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
5 B
243 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Server
2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
de-DE
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
76a61f75d8e8bb35-FRA

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1027173&ns=4040&nc=FinancialCenter_RT&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin
*
date
Tue, 15 Nov 2022 07:02:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76a61f734c07bb35-FRA
content-type
text/html; charset=iso-8859-1
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH86XH7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 15 Nov 2022 03:31:54 GMT
Content-Encoding
gzip
Via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
21316
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
AbegsBejjx8o11icxNIot6-kqTAaASu4XhL5GGNQsx2lUqf2Hv0pfw==
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 2D8C
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://www.fcfcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 15 Nov 2022 07:02:42 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1
a
www.googletagmanager.com/
0
59 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&dl=www.fcfcu.com%2Fballstate&tdp=GTM-WH86XH7;30268454;0;0;0&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/
0
128 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&dl=www.fcfcu.com%2Fballstate&tdp=GTM-WH86XH7;30268454;0;0;0&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:42 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activity;xsp=4634367;ord='+%20a%20+'
pubads.g.doubleclick.net/
42 B
635 B
Image
General
Full URL
https://pubads.g.doubleclick.net/activity;xsp=4634367;ord='+%20a%20+'?gtmcb=1147474590
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7d32a45aef378e16
clickserv.sitescout.com/conv/
43 B
267 B
Image
General
Full URL
https://clickserv.sitescout.com/conv/7d32a45aef378e16
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.179 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:42 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36426c8f6a13ed9c4e0298dd97d11a4e198585399ee30d5722b8396ce32fd23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
808ca9d6913d66e4f841ac0cacd6b7e44e15da76413cbfdb80eaa505050f7e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d13bd58c5ea5453cb83d25212386940ab276a61bd6ff0abbba00501c7a18999

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg
BecomeMemberIcon.svg
images.ctfassets.net/ko5ptq943svb/1vWxQzvNFewzn1oHffxrx1/eb53c8e7114a9f8f8d53e38a6ce26c08/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/1vWxQzvNFewzn1oHffxrx1/eb53c8e7114a9f8f8d53e38a6ce26c08/BecomeMemberIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
e51c14a0aa93874184b7ad5f22ef231fdb600a6d27d08824f7a442210a0ffabe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 14:50:29 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2020 15:58:06 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
58334
etag
W/"2665ae41d812dd5462ced0046b7777c6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
2d2JX95AlBjqYijfva4G7KBoKR_E6PbgoXXn5mnywraqz2npvx9vFg==
ApplyForLoanIcon.svg
images.ctfassets.net/ko5ptq943svb/2UG5cucbcSSwdZJw8RTL5Z/b954d535edf117cfd5d4ec112c24b7f0/
7 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/2UG5cucbcSSwdZJw8RTL5Z/b954d535edf117cfd5d4ec112c24b7f0/ApplyForLoanIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
d4153e2eb2c79a72b237d6538078f18ef7e77e733613c9147d76ce9942f0a0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2020 15:56:19 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
10667
etag
W/"6aa330703041d0817a393c15e7eb7e48"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
LH-UB0rp1w1hgU_aYFzLkpP4IicBSQXevzyffaxQo6ovEyHg42_1YQ==
GraySOLIDSwirlIcon.svg
images.ctfassets.net/ko5ptq943svb/1NJBrimtZpOC2dijstWTk5/002832af3cfbd8b40826416970f87625/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/1NJBrimtZpOC2dijstWTk5/002832af3cfbd8b40826416970f87625/GraySOLIDSwirlIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
86b7f1d56aae3a609d0620edc125cf51e1a2d562e965768db79895a294f31a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jan 2021 15:32:38 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
50371
etag
W/"a965b8e59195ced071141bad876b7a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
hzIwfa2ij1PouG96SXi0d11_kMd-od-SsBj7OZR2ngXhxaWfZHCJEQ==
StayInformedIcon.svg
images.ctfassets.net/ko5ptq943svb/1EBwxL9mkB7On1b7GMvdEj/0de5ccb4d883b4d2d7cd6698a7f4556f/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/1EBwxL9mkB7On1b7GMvdEj/0de5ccb4d883b4d2d7cd6698a7f4556f/StayInformedIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
05df87639e81abd46c38e131d0c518eaacf5a8c6a596324a908e9c7ba5384138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 08:14:13 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2020 20:06:27 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
82110
etag
W/"6eab4adcdfb91b768aebfed6e0ca34e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
U3agNGRe5X1fwi1trhr_Ch0LDiuaGmJgMyJOIiwsKkSjcTvJGJ3PkA==
PodcastIcon.svg
images.ctfassets.net/ko5ptq943svb/4eL4JqjvgVDVGd9sfn7oJz/0203e0da2f74c23e4b2cf700120b2431/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/4eL4JqjvgVDVGd9sfn7oJz/0203e0da2f74c23e4b2cf700120b2431/PodcastIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2887b6341fbdd2f7eb94d7d3a99d7a8167d84ef4ec772a083a05a4126ca04c32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 15:34:23 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
10667
etag
W/"74a9865bd5f9a4001f1345d869688f3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
td-k8EngnjWiQE69xley5V5j1cTfVefas6sJUAP1-IfEKbVZSzF1VA==
RetirementIcon.svg
images.ctfassets.net/ko5ptq943svb/5o2g21CVSvK50BQHk4VvOh/93604fd9f2fe26d2bd12bc5db9b74bb6/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/5o2g21CVSvK50BQHk4VvOh/93604fd9f2fe26d2bd12bc5db9b74bb6/RetirementIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
ed10aa4ebc4156c7fd0e6674d299cc4393b5c439d27c3f0e733ee95ec4a0cef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2020 20:02:39 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
10667
etag
W/"94efe57faf77f41ce97cdc497b00a6cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
reDJozV1Sbdz2yav5YUsFQs_JxCrPlx6P1KC9h8MaH_J1elNRGbnYw==
InTheNewsIcon.svg
images.ctfassets.net/ko5ptq943svb/7eT12XfDZZNLZxNLAk7E5O/5abad3d6f7b4e60185ef126d3fa912a8/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/7eT12XfDZZNLZxNLAk7E5O/5abad3d6f7b4e60185ef126d3fa912a8/InTheNewsIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b77708c681de141cb812bdbe937fb2fbb2b96d7190897d616d9e01cc09231a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2020 20:00:33 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
50371
etag
W/"dca5808af04409205ae782e23913cf07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
uEnS3oWOp2eTX1pNpQEJZyxeZpGx8_b7iDEcljTpcCAg2d-vE8_JxA==
SecurityTipsIcon.svg
images.ctfassets.net/ko5ptq943svb/6QxbueZgIVzMKoIeABnBBn/7254cb31de45418031964eca270d3682/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/6QxbueZgIVzMKoIeABnBBn/7254cb31de45418031964eca270d3682/SecurityTipsIcon.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0be2bd30a9e468d38ee1fe3ecfb2f38a697c518f5db5336fa36cd969bc11a151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2020 20:05:16 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
10667
etag
W/"62f28df2b1cae69e3fb670d252503139"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
MyCW9oXBMVH7TCn1r2IydojoD9-_PVh4zrWBO-L3DBJCi0GTbtN1WQ==
truncated
/
932 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a89592c0938d8b95aad72af0f91af2ee19b9c549482a9dff5f18d62b9fcc5529

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
885 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be99b664faef1b9589ca099a1d683adb86b0b3ab3922aad944eb8fd59bd4927

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
927 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7d5819eb995289c6dd1339222892444b893c1f9453e7c0e61c6bf5c543b704a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
/
insight.adsrvr.org/track/evnt/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/evnt/?adv=8mbbe28&ct=0:e2q97pn&fmt=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 15 Nov 2022 07:02:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bob_002.gif
bob.dmpxs.com/
42 B
369 B
Image
General
Full URL
https://bob.dmpxs.com/bob_002.gif?bob_bk=1&phnxid=140647&sub1=
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:9e00:15:4f24:a700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:25:46 GMT
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
last-modified
Mon, 03 Feb 2020 23:36:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
27417
etag
"d89746888da2d9510b64a9f031eaecd5"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
42
x-amz-cf-id
JU7O07Gv90fSrMhJjpwex_TDJeR8MEenCJblnoVjDvqymBU2TyGbWQ==
widget-loader.js
fcfcu-widget.interface.ai/
139 KB
140 KB
Script
General
Full URL
https://fcfcu-widget.interface.ai/widget-loader.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff74952acc1f144cbb168ea7436839b8199a5e021f93d50293719a7ba92e7364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:13:46 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 04:58:20 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
2937
etag
"b20be35b783a29a5a126173b8c82209f"
x-cache
Hit from cloudfront
content-type
application/json;charset=utf-8
accept-ranges
bytes
content-length
142586
x-amz-cf-id
v5gdarF6KAV0r83eWw6DEzWxDAMR9iP6yh4FQlK4zUmI9EEXa3hxqQ==
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&tr=1img.1lcl.1html.1html.1html.5html.5lcl&ti=1img.1lcl.1html.1html.1html.1html.1lcl&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=gtm.dom&eid=3&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:42 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
loading_dots.gif
assets.interface.ai/widget/
4 KB
4 KB
Image
General
Full URL
https://assets.interface.ai/widget/loading_dots.gif
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca5fd78f20572527f4cddaa8a2da165a344450475daeebe506fb0a2f24fd6c9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Uh4YPQZ8xyQjWhDx6BR7rhGr06AA5nWO
date
Wed, 09 Nov 2022 00:54:11 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 11:57:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
540512
etag
"71d2aae75d9ba41ad4ee81bfb14d5aca"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
content-length
4107
x-amz-cf-id
NCy5g9VUWahMKP2DP2AhvlfA5WZd3fGQbP7ffOUD5SGujGpE0ptFlg==
bot.png
assets.interface.ai/images/FCFCU/
7 KB
7 KB
Image
General
Full URL
https://assets.interface.ai/images/FCFCU/bot.png
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f60089c353029c87d93a395a72e6b792e8a4f05e405b9a8355bede1dc23b3af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
eis0bqcaMmyZ7WUg3JxsdweqbMmdDmPA
date
Mon, 14 Nov 2022 13:05:27 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Fri, 12 Aug 2022 07:53:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
64636
etag
"517faf7a4857e4b9e66e43bb937a1447"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7216
x-amz-cf-id
QVUZPTZun-0OAHu-mbNrWjEy56V76SVMV6sNLUcS4Bfw44LPtBKLyw==
index.html
fcfcu-widget.interface.ai/widget/ Frame 95E4
3 KB
3 KB
Document
General
Full URL
https://fcfcu-widget.interface.ai/widget/index.html
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b882fada3d97e9eb0734b2493aab35d084ea0ac6ae898dfc71b7085e0541ece0

Request headers

Referer
https://www.fcfcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2936
content-length
2759
content-type
text/html
date
Tue, 15 Nov 2022 07:01:33 GMT
etag
"606a26be3a729c66d487ce5c6057c9ef"
last-modified
Mon, 03 Oct 2022 04:58:41 GMT
server
AmazonS3
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-amz-cf-id
qGXYFMeYH0fCMjCOI0_MXH6leuHbFxUtj_qRPBAgYrOi6ZkV191N0A==
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
launcher-icon-bg_evnhyf.svg
assets.interface.ai/images/
2 KB
2 KB
Image
General
Full URL
https://assets.interface.ai/images/launcher-icon-bg_evnhyf.svg
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53ff7317219b58ccf50cf5e9f6a1ac43790ed0538d39c10295b2f8f217afaac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
h7hZ3uYsJw3rZFcZ15h3_LnKbaTfeFBM
date
Mon, 14 Nov 2022 23:15:53 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 11:57:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
29671
etag
"a32b25c7c796ee2717bfc2dc518558b4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
content-length
1743
x-amz-cf-id
rhJ6brxbrbb1Jxc5JU6rOQ3ae5V8B-bJTbM4_K7tcbB3RSyEqivCbA==
2.933512a3.chunk.css
fcfcu-widget.interface.ai/widget/static/css/ Frame 95E4
5 KB
5 KB
Stylesheet
General
Full URL
https://fcfcu-widget.interface.ai/widget/static/css/2.933512a3.chunk.css
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2819d1e722f77c6ae14d5be12750c21149f60523b7f5cd350c3950e25d910231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fcfcu-widget.interface.ai/widget/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:01:33 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 04:58:41 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
2935
etag
"4329eb710328591ad4199a34398346d3"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4820
x-amz-cf-id
gQcVbrw-zqq5Y_EO_escjXXWuGAys22TRtMS4j0_yLw35Mn8icoeug==
main.a098fac5.chunk.css
fcfcu-widget.interface.ai/widget/static/css/ Frame 95E4
21 KB
21 KB
Stylesheet
General
Full URL
https://fcfcu-widget.interface.ai/widget/static/css/main.a098fac5.chunk.css
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a9c015e373c9047722f22fe8ca540ecc0bfe7fa67a76677760a2f64c24f07bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fcfcu-widget.interface.ai/widget/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:01:33 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 04:58:41 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
2934
etag
"e91b4253d7dd5ac7a0b0d89eb9b9875a"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
21524
x-amz-cf-id
h-QMuxCkqgiK3J9zoSic0iSHbAB48chqHmKigR7bzudH39yENniKoQ==
2.a690e02f.chunk.js
fcfcu-widget.interface.ai/widget/static/js/ Frame 95E4
577 KB
578 KB
Script
General
Full URL
https://fcfcu-widget.interface.ai/widget/static/js/2.a690e02f.chunk.js
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb44c281e82bc24e36d2deac4a6b10f316e5863b6c88c752c857df67f00f150e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fcfcu-widget.interface.ai/widget/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:01:33 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 04:58:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
2935
etag
"f4e74741141246a5c092568226c9af6b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
590788
x-amz-cf-id
lT1WC8Wl6l3mJXFPTGnGTyQIrjU8BPqNlPuZufHGCx6rTGsjdMlQ7A==
main.4c6c48e2.chunk.js
fcfcu-widget.interface.ai/widget/static/js/ Frame 95E4
131 KB
131 KB
Script
General
Full URL
https://fcfcu-widget.interface.ai/widget/static/js/main.4c6c48e2.chunk.js
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ce0b03e48fc59955981ac255deae1fcd188687c48d1c81140758cc009eed91c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fcfcu-widget.interface.ai/widget/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:01:33 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 04:58:40 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
3538
etag
"5f30e0fd0e52e014e999f9a99471eb9c"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
133941
x-amz-cf-id
riIBM_CRTTT3sdveoVfSTvww37lwjWdF_XdZsgwDrbl5TZ_AqNDY_A==
css
fonts.googleapis.com/ Frame 95E4
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700,800
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/css/main.a098fac5.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8d262cd70baf682ed76d7a583c7cb2eb5c426d3433c660b0d4ac9c815bd5952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fcfcu-widget.interface.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Nov 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 06:25:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Nov 2022 07:02:42 GMT
banner.png
assets.interface.ai/images/FCFCU/
12 KB
12 KB
Image
General
Full URL
https://assets.interface.ai/images/FCFCU/banner.png
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f5fafbd337ba6b44aa96573cfcc1d683e731c330f772a7a9491f56673597f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
JIP9Awc1V9nt4MzWFud5xZynNVLlv94.
date
Tue, 15 Nov 2022 07:02:42 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Fri, 12 Aug 2022 07:54:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
10663
etag
"d198f84058e1603ae1e542fe3de3beea"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12371
x-amz-cf-id
1gBYb-cAhZxll0s1-LItB-JwwL_z00VV86Ua_-R6mJszDVq6zrfLUw==
thumbs-up.png
assets.interface.ai/widget/
9 KB
9 KB
Image
General
Full URL
https://assets.interface.ai/widget/thumbs-up.png
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95a8827147009dbb66c6273a554580d0251f67bef2fd6dbb0aea14bcb8235f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Qs3UeYpIlFjCeHdRlOo9qTe6LpL8dwSk
date
Sat, 12 Nov 2022 07:42:01 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 11:57:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
256841
etag
"e84dacf91f48267d51d3e8a5f553be19"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
content-length
8804
x-amz-cf-id
ev-MonnAEK1RLUtlkcwEE5C8XKzItdROTtE6ZbS5PA7We_NSI987Bw==
thumbs-down.png
assets.interface.ai/widget/
9 KB
9 KB
Image
General
Full URL
https://assets.interface.ai/widget/thumbs-down.png
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d6dc445434df5642294b345c9439550818c7646eef2409a6fa4af23069a5292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
6tt_5VlMGx3.kXLTtWxGnF2kNrUvq3wf
date
Tue, 15 Nov 2022 05:03:59 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 11:57:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
15530
etag
"a379af8d6d9bd73938b667b0b9b6a974"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
content-length
8846
x-amz-cf-id
7uswtAkou_ivLqPe7zkvCFX-Avn68nOSWiuy1VH8q4lXXdwAdORBlQ==
/
api.ipify.org/ Frame 95E4
24 B
266 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/js/main.4c6c48e2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
56974c39ea04e99f53ba5e2448cee4df1dd0b67063a3b92b2e98be59d9e49ce6

Request headers

Referer
https://fcfcu-widget.interface.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Nov 2022 07:02:43 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://fcfcu-widget.interface.ai
Connection
keep-alive
Content-Length
24
login
fcfcu-connect.interface.ai/ Frame 95E4
192 B
532 B
XHR
General
Full URL
https://fcfcu-connect.interface.ai/login
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/js/main.4c6c48e2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.123.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-123-202.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
4343798bc8d9247a5a2c809633e46ded640ce4d29fe867cda7d9088830d401a5

Request headers

Referer
https://fcfcu-widget.interface.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
istio-envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fcfcu-widget.interface.ai
access-control-expose-headers
Set-Cookie
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
192
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 95E4
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fcfcu-widget.interface.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 22:04:56 GMT
x-content-type-options
nosniff
age
377866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 22:04:56 GMT
interfaceicons.woff
assets.interface.ai/fonts/ Frame 95E4
3 KB
3 KB
Font
General
Full URL
https://assets.interface.ai/fonts/interfaceicons.woff
Requested by
Host: fcfcu-widget.interface.ai
URL: https://fcfcu-widget.interface.ai/widget/static/css/main.a098fac5.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e1f6a1e76cd6bec380a11af4c8f2fa59ae1ffc0e8f8a68e2d5025255dc0c4e0

Request headers

Referer
https://fcfcu-widget.interface.ai/
Origin
https://fcfcu-widget.interface.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 05:01:51 GMT
x-amz-version-id
jvJ9bJd.swPmbDu3lOIx4gzQf5tqBnAX
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
352852
x-cache
Hit from cloudfront
content-length
2588
last-modified
Thu, 10 Dec 2020 00:36:45 GMT
server
AmazonS3
etag
"392a2f961b5725809920abb7617792e1"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
x-amz-cf-id
f-oJHkH8ogXunErYibJBPjfRrF9UlYkbtpu7X3W6TApDkpnTu_zasQ==
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1430031130&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fcfcu.com%2Fballstate&dp=%2Fballstate&ul=en-us&de=UTF-8&dt=Home%20-%20Financial%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1229748620&gjid=1215642330&cid=1455094634.1668495762&tid=UA-21760027-1&_gid=245138634.1668495762&_r=1&_slc=1&z=1817792720
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fcfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fcfcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
path---ballstate-954fbe37a56bdd7d177c.js
www.fcfcu.com/
152 KB
24 KB
Script
General
Full URL
https://www.fcfcu.com/path---ballstate-954fbe37a56bdd7d177c.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
3d6fd42a9a8903cb1f7085f298d1c504f6d9fbe6cf672570e621103dd2bd2ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-25f25"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&tr=5img.5html.5html&ti=1img.1html.1html&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21760027-1&cid=1455094634.1668495762&jid=1229748620&gjid=1215642330&_gid=245138634.1668495762&_u=aEBAAEAAAAAAACAAI~&z=400852526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fcfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 15 Nov 2022 07:02:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fcfcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21760027-1&cid=1455094634.1668495762&jid=1229748620&_u=aEBAAEAAAAAAACAAI~&z=1156139830
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21760027-1&cid=1455094634.1668495762&jid=1229748620&_u=aEBAAEAAAAAAACAAI~&z=1156139830
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 07:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
orf4sjh.js
use.typekit.net/
19 KB
7 KB
Script
General
Full URL
https://use.typekit.net/orf4sjh.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/component---src-layouts-index-js-d3e0241575038feeb9bf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
09d539ec06ff85e519077bdd9f8286ac097d353cf2f7420fd60411d0bae8da65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6905
css
fonts.googleapis.com/
8 KB
744 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/component---src-layouts-index-js-d3e0241575038feeb9bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Nov 2022 07:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 06:33:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Nov 2022 07:02:43 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43c7db19c257617111725dd2c449441796009aa687c9b258c27f5d82416c9e48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 2939
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://www.fcfcu.com/ballstate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 15 Nov 2022 07:02:43 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
fcfcu-logo-a6ae74f0f6b71f305f8cc90b1090e850-cff4b.webp
www.fcfcu.com/static/
7 KB
7 KB
Image
General
Full URL
https://www.fcfcu.com/static/fcfcu-logo-a6ae74f0f6b71f305f8cc90b1090e850-cff4b.webp
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
7de5181efa24b35e03c3a21bd19a340f2913bfc64117e4358e8f6b3b7c23dc3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:32:10 GMT
server
nginx
etag
"6373245a-1c96"
x-farmhand
api-srv1
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
7318
x-xss-protection
1; mode=block
BSF_BrighterFuture_0820.jpg
images.ctfassets.net/ko5ptq943svb/3XDhBOHeKOhGCLvmwYHDjD/de42d8578d64fe65cb967dcc4ecadde3/
121 KB
122 KB
Image
General
Full URL
https://images.ctfassets.net/ko5ptq943svb/3XDhBOHeKOhGCLvmwYHDjD/de42d8578d64fe65cb967dcc4ecadde3/BSF_BrighterFuture_0820.jpg?w=2000&h=1000&q=80&fm=webp
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
d0a178e1827c5949d3647226288de836fb729816a8303cf55a16cb57965569c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 15:48:16 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 08:59:47 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P4
age
54867
etag
"f976268f829fabd871abf147d6f17f05"
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
123870
x-amz-cf-id
u3JkXWnJKfevvu_zlkr4vm3qEXKOnTSzeQFiQHiXLaTlXpRkt6DugQ==
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 07:43:20 GMT
x-content-type-options
nosniff
age
83963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 07:43:20 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 20:40:44 GMT
x-content-type-options
nosniff
age
296519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 20:40:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
386428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
414183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 11:59:40 GMT
l
use.typekit.net/af/442215/000000000000000000010b5a/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/442215/000000000000000000010b5a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"9523c64514161c03124fab238b18113d17bad9eb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23800
l
use.typekit.net/af/3df5fe/000000000000000000010b5b/27/
25 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/3df5fe/000000000000000000010b5b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81d0ce06f0a0a9cfc75de2424080e85e28dfa303b2b1b7878c453410d3055c1d

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"639e52eb61e2e74a6b9e567eea4595b8cedfd8df"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25160
l
use.typekit.net/af/1709eb/000000000000000000010b60/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"9bd0488a91630a3c738a4d950e0b0b7930bcb98f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24740
l
use.typekit.net/af/65fc7d/000000000000000000010b61/27/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/65fc7d/000000000000000000010b61/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
47a1083eea338ac89ca48d39665eeccc7d42506db6c24654c98229c6a78f5177

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"08910aa8e42a32045f6a1944e9821c03acb37f44"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26660
l
use.typekit.net/af/ba2099/000000000000000000010b58/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/ba2099/000000000000000000010b58/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
294ae0fff50521a07608e00efcf5ddd6d518b3d8a5bf8feacc46fd827d49ded1

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"02f2a31f97bd41f4cd19e9b17104d622e87bbdf5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23360
l
use.typekit.net/af/1ece10/000000000000000000010b59/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/1ece10/000000000000000000010b59/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
30bdc57e6ab23a0571f989fad6f4be3aadf1c774e81ac0633b50d726028d6aec

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"d08dedb0d79df51ca1b20b96bd1b830a76d6f7e4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23764
l
use.typekit.net/af/8dd886/000000000000000000010b5c/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/8dd886/000000000000000000010b5c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"02ac0f44fc2605ad66d853df88904127aa3b3e9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23180
l
use.typekit.net/af/441f33/000000000000000000010b5d/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/441f33/000000000000000000010b5d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1d9365bce1517ad551714c48bf91e35c7e46c9bfa8f99b6602908b49da91eb7b

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"c279e65fbd61688650c397769c289211ded91d9f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24656
l
use.typekit.net/af/cef9f3/000000000000000000010b5e/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/cef9f3/000000000000000000010b5e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"2cf082c83c603f9c00006fb11a3498c4cf214475"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24232
l
use.typekit.net/af/2a72d2/000000000000000000010b5f/27/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/2a72d2/000000000000000000010b5f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aa62b8b21767c2925740b17092c3584a7a29cad72443650d2a96c54ad1819ef5

Request headers

Referer
https://www.fcfcu.com/
Origin
https://www.fcfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
nginx
etag
"ce2f74527cde9d77ddc7a1f5995e3509410cbee4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26604
path---financial-education-education-video-library-ccd97fcdf74ddfb04e78.js
www.fcfcu.com/
150 KB
22 KB
Script
General
Full URL
https://www.fcfcu.com/path---financial-education-education-video-library-ccd97fcdf74ddfb04e78.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
15c8c161ab060c04c13aa435e2b58f7026894913a0ba1e5169179a4c3ac27f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-2599b"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
p.gif
p.typekit.net/
35 B
214 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=orf4sjh&ht=tk&h=www.fcfcu.com&f=10954.13453.13454.13455.13456.13457.13458.13459.13460.13461&a=8857365&js=1.21.0&app=typekit&e=js&_=1668495763521
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
path---live-chat-f900f5c56658c2804d21.js
www.fcfcu.com/
144 KB
20 KB
Script
General
Full URL
https://www.fcfcu.com/path---live-chat-f900f5c56658c2804d21.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
428c1871951865d9b8e2e9722b2c88d029f5291c4ff6cd62108cdede13cf4e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-23f51"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=*&eid=4&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&z=0
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/ballstate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
path---webinar-calendar-cd883cd764685e587d05.js
www.fcfcu.com/
148 KB
22 KB
Script
General
Full URL
https://www.fcfcu.com/path---webinar-calendar-cd883cd764685e587d05.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
ff9e18797d9bd8d656973d1370aa21c11d0b39c8c26e36a323238105b8a2d9aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-250c2"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
path---app-1f1bf38a726bcc5453f3.js
www.fcfcu.com/
160 KB
25 KB
Script
General
Full URL
https://www.fcfcu.com/path---app-1f1bf38a726bcc5453f3.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
c082a16833cd72a975765154a2974289b62b5746dbb785ebf5270d74578aa80d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-27fb2"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
component---src-banking-index-js-51c031d933c00055c78d.js
www.fcfcu.com/
260 KB
61 KB
Script
General
Full URL
https://www.fcfcu.com/component---src-banking-index-js-51c031d933c00055c78d.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
9312184d8cae6f063bdfd839798082f23c27b291b25c255213c482c4158ce548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-40e78"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
path---articles-gift-from-ball-state-financial-will-boost-universitys-financial-literacy-184fcf94f5185d6f633e.js
www.fcfcu.com/
145 KB
20 KB
Script
General
Full URL
https://www.fcfcu.com/path---articles-gift-from-ball-state-financial-will-boost-universitys-financial-literacy-184fcf94f5185d6f633e.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
90cdd4f98ec25ed1563fff90a45dfdd3310b9fa7f5b25b9bdae1926d502f419c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-24378"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
component---src-templates-article-js-851fc9a926958a8ed893.js
www.fcfcu.com/
2 KB
1 KB
Script
General
Full URL
https://www.fcfcu.com/component---src-templates-article-js-851fc9a926958a8ed893.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
e0c139364ed834ef7ba3bde8b7a9dfc5769804b3e1b1439873feddd4698856ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-896"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
path---carpedime-8451916a3f0941fae432.js
www.fcfcu.com/
156 KB
23 KB
Script
General
Full URL
https://www.fcfcu.com/path---carpedime-8451916a3f0941fae432.js
Requested by
Host: www.fcfcu.com
URL: https://www.fcfcu.com/commons-d2ae2c4263222d3da4bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.145.156.20 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
nginx /
Resource Hash
1d50d928d98dc0281b51f6f3024f9eb3fc53c9781d7ff8759bc595090769c536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/ballstate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 05:39:00 GMT
server
nginx
content-encoding
gzip
etag
W/"637325f4-2717d"
x-farmhand
api-srv1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
up
insight.adsrvr.org/track/ Frame E0CC
0
181 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=cq327qt&ref=https%3A%2F%2Fwww.fcfcu.com%2Fballstate&upid=5ren5rh&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fcfcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Tue, 15 Nov 2022 07:02:44 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WH86XH7&cv=9&v=3&t=t&pid=191473181&rv=b90&es=1&e=gtm.load&eid=5&u=AAAAAAAAAAAAAAAAAAAB&h=BA&tc=7&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fcfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 07:02:44 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| __EMOTION_CRITICAL_CSS_IDS__ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager string| ssaUrl function| postscribe object| google_tag_manager_external object| webpackManifest object| InterfaceWidget object| PayjoWidget function| ttd_dom_ready function| TTDUniversalPixelApi function| webpackJsonp object| __SECRET_EMOTION__ object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| core object| ___history object| ___emitter object| asyncRequires object| ___loader function| matchPath object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| ___navigateTo object| Typekit

4 Cookies

Domain/Path Name / Value
.fcfcu.com/ Name: _ga
Value: GA1.2.1455094634.1668495762
.fcfcu.com/ Name: _gid
Value: GA1.2.245138634.1668495762
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fcfcu.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.dstillery.com
action.media6degrees.com
api.ipify.org
assets.interface.ai
bob.dmpxs.com
clickserv.sitescout.com
fcfcu-connect.interface.ai
fcfcu-widget.interface.ai
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
insight.adsrvr.org
js.adsrvr.org
p.typekit.net
pixel-a.basis.net
pixel.sitescout.com
pubads.g.doubleclick.net
stats.g.doubleclick.net
use.typekit.net
www.bsfcu.com
www.fcfcu.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.157.1.118
13.226.153.103
15.197.193.217
2600:9000:225e:8c00:12:94b3:c380:93a1
2600:9000:2315:9e00:15:4f24:a700:93a1
2606:4700:3031::6815:2046
2606:4700::6812:16ea
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:14a0
52.20.78.240
52.88.123.202
63.145.156.20
65.9.66.50
66.155.71.150
66.155.71.179
05df87639e81abd46c38e131d0c518eaacf5a8c6a596324a908e9c7ba5384138
09d539ec06ff85e519077bdd9f8286ac097d353cf2f7420fd60411d0bae8da65
0a9c015e373c9047722f22fe8ca540ecc0bfe7fa67a76677760a2f64c24f07bd
0be2bd30a9e468d38ee1fe3ecfb2f38a697c518f5db5336fa36cd969bc11a151
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
15c8c161ab060c04c13aa435e2b58f7026894913a0ba1e5169179a4c3ac27f53
1d50d928d98dc0281b51f6f3024f9eb3fc53c9781d7ff8759bc595090769c536
1d9365bce1517ad551714c48bf91e35c7e46c9bfa8f99b6602908b49da91eb7b
2819d1e722f77c6ae14d5be12750c21149f60523b7f5cd350c3950e25d910231
2887b6341fbdd2f7eb94d7d3a99d7a8167d84ef4ec772a083a05a4126ca04c32
294ae0fff50521a07608e00efcf5ddd6d518b3d8a5bf8feacc46fd827d49ded1
2be99b664faef1b9589ca099a1d683adb86b0b3ab3922aad944eb8fd59bd4927
2fb259fbbbcd67dc02df4738c5cac93f4bc10f87a2913181094fcba6bd92785f
30a93163b157e1ced41b4a3aaf67150da7b5ecc8a3f13a2bd8255e9c163e604a
30bdc57e6ab23a0571f989fad6f4be3aadf1c774e81ac0633b50d726028d6aec
36426c8f6a13ed9c4e0298dd97d11a4e198585399ee30d5722b8396ce32fd23d
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804
3d6fd42a9a8903cb1f7085f298d1c504f6d9fbe6cf672570e621103dd2bd2ae5
428c1871951865d9b8e2e9722b2c88d029f5291c4ff6cd62108cdede13cf4e95
4343798bc8d9247a5a2c809633e46ded640ce4d29fe867cda7d9088830d401a5
43c7db19c257617111725dd2c449441796009aa687c9b258c27f5d82416c9e48
47a1083eea338ac89ca48d39665eeccc7d42506db6c24654c98229c6a78f5177
4d13bd58c5ea5453cb83d25212386940ab276a61bd6ff0abbba00501c7a18999
53ff7317219b58ccf50cf5e9f6a1ac43790ed0538d39c10295b2f8f217afaac8
56974c39ea04e99f53ba5e2448cee4df1dd0b67063a3b92b2e98be59d9e49ce6
5f22613d6c78c484b8832fc6a988b2c278ad0a268bb94680207f11e1e4d50d5a
6f60089c353029c87d93a395a72e6b792e8a4f05e405b9a8355bede1dc23b3af
71f5fafbd337ba6b44aa96573cfcc1d683e731c330f772a7a9491f56673597f3
7b5a799d3987c520e33754099c5d663d8d089e7f434e69354b35e9eafe29963d
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d6dc445434df5642294b345c9439550818c7646eef2409a6fa4af23069a5292
7de5181efa24b35e03c3a21bd19a340f2913bfc64117e4358e8f6b3b7c23dc3e
808ca9d6913d66e4f841ac0cacd6b7e44e15da76413cbfdb80eaa505050f7e5c
81d0ce06f0a0a9cfc75de2424080e85e28dfa303b2b1b7878c453410d3055c1d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b7f1d56aae3a609d0620edc125cf51e1a2d562e965768db79895a294f31a85
8ce0b03e48fc59955981ac255deae1fcd188687c48d1c81140758cc009eed91c
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1f6a1e76cd6bec380a11af4c8f2fa59ae1ffc0e8f8a68e2d5025255dc0c4e0
90cdd4f98ec25ed1563fff90a45dfdd3310b9fa7f5b25b9bdae1926d502f419c
9312184d8cae6f063bdfd839798082f23c27b291b25c255213c482c4158ce548
95a8827147009dbb66c6273a554580d0251f67bef2fd6dbb0aea14bcb8235f85
9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9f62c8b792c5d565f26344bdf7d115450d223cc9f511e9add7c0a37095d78878
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0688617859a58bb3c37b54371b910e0007228802df93fc3de3729bb045ec232
a89592c0938d8b95aad72af0f91af2ee19b9c549482a9dff5f18d62b9fcc5529
aa62b8b21767c2925740b17092c3584a7a29cad72443650d2a96c54ad1819ef5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b77708c681de141cb812bdbe937fb2fbb2b96d7190897d616d9e01cc09231a61
b882fada3d97e9eb0734b2493aab35d084ea0ac6ae898dfc71b7085e0541ece0
b965549f386ba1e9715081eb28b4ad395bfe8d9c779fa5029b28c51cb38b751f
c082a16833cd72a975765154a2974289b62b5746dbb785ebf5270d74578aa80d
c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d
c7d5819eb995289c6dd1339222892444b893c1f9453e7c0e61c6bf5c543b704a
ca5fd78f20572527f4cddaa8a2da165a344450475daeebe506fb0a2f24fd6c9e
d0a178e1827c5949d3647226288de836fb729816a8303cf55a16cb57965569c5
d1f386fe3484dbae5c08c33356ffc8b68be5e84d6501e2c5a6e618c1b271b723
d4153e2eb2c79a72b237d6538078f18ef7e77e733613c9147d76ce9942f0a0f3
e0c139364ed834ef7ba3bde8b7a9dfc5769804b3e1b1439873feddd4698856ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51c14a0aa93874184b7ad5f22ef231fdb600a6d27d08824f7a442210a0ffabe
e8d262cd70baf682ed76d7a583c7cb2eb5c426d3433c660b0d4ac9c815bd5952
ed10aa4ebc4156c7fd0e6674d299cc4393b5c439d27c3f0e733ee95ec4a0cef0
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f78180284f44e7595cd1b337923d28f44dc3feb77bd4b0a0cc8344270f1d346a
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447
fb44c281e82bc24e36d2deac4a6b10f316e5863b6c88c752c857df67f00f150e
ff74952acc1f144cbb168ea7436839b8199a5e021f93d50293719a7ba92e7364
ff9e18797d9bd8d656973d1370aa21c11d0b39c8c26e36a323238105b8a2d9aa