bfsfcu.org Open in urlscan Pro
2606:4700::6812:5d6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bfsfcu.org/borrow/mortgage-refinance.html
Submission: On October 12 via manual (October 12th 2023, 8:19:27 pm UTC) from US — Scanned from DE

Summary HTTP 148 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 36 domains to perform 148 HTTP transactions. The main IP is 2606:4700::6812:5d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is bfsfcu.org. The Cisco Umbrella rank of the primary domain is 924540.
TLS certificate: Issued by GTS CA 1P5 on August 28th 2023. Valid for: 3 months.

This is the only time bfsfcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700::68... 2606:4700::6812:5d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:206... 2600:9000:206f:a600:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:9000:3:4b74:18c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:992	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2600:9000:223... 2600:9000:223f:bc00:0:99b9:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	35.174.82.179 35.174.82.179	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40 52	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:8... 2600:1901:0:891c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:211... 2600:9000:211e:d000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 6	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4216:733d:a16f:95fc:a32a	14618 (AMAZON-AES) (AMAZON-AES)
2 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.154.110.236 54.154.110.236	16509 (AMAZON-02) (AMAZON-02)
2 2	3.73.45.43 3.73.45.43	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.118 13.32.121.118	16509 (AMAZON-02) (AMAZON-02)
4 6	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
8 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2	44.212.232.9 44.212.232.9	14618 (AMAZON-AES) (AMAZON-AES)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.35.30.113 63.35.30.113	16509 (AMAZON-02) (AMAZON-02)
2	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	52.7.4.58 52.7.4.58	14618 (AMAZON-AES) (AMAZON-AES)
148	37

44 2606:4700::6812:5d6 (United States)

ASN13335 (CLOUDFLARENET, US)

bfsfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:a600:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.glia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9000:3:4b74:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:992 (United States)

ASN13335 (CLOUDFLARENET, US)

js.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insights.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:bc00:0:99b9:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.174.82.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-82-179.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maprtb.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 35.204.74.118 (Groningen, Netherlands) 40 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:891c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:d000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:733d:a16f:95fc:a32a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.110.236 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-110-236.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.45.43 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-45-43.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-118.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:8eee:: (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.212.232.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-232-9.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.30.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.4.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-4-58.compute-1.amazonaws.com

client-logger.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	simpli.fi 40 redirects um.simpli.fi — Cisco Umbrella Rank: 952 tag.simpli.fi — Cisco Umbrella Rank: 4814 i.simpli.fi — Cisco Umbrella Rank: 4196	30 KB
44	bfsfcu.org bfsfcu.org — Cisco Umbrella Rank: 924540	932 KB
14	segmint.net cdn.segmint.net — Cisco Umbrella Rank: 40970 connect.segmint.net — Cisco Umbrella Rank: 46870 maprtb.segmint.net — Cisco Umbrella Rank: 72443	142 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	166 KB
12	salemove.com api.salemove.com — Cisco Umbrella Rank: 19757 libs.salemove.com — Cisco Umbrella Rank: 19982 client-logger.salemove.com — Cisco Umbrella Rank: 14122	561 KB
10	doubleclick.net 10 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	3 KB
6	pro-market.net 4 redirects fei.pro-market.net — Cisco Umbrella Rank: 2678 pbid.pro-market.net — Cisco Umbrella Rank: 9064	2 KB
5	sitesearch360.com js.sitesearch360.com — Cisco Umbrella Rank: 61407 cdn.sitesearch360.com — Cisco Umbrella Rank: 39620 insights.sitesearch360.com — Cisco Umbrella Rank: 36672	116 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	3 KB
4	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2048	3 KB
4	agkn.com 4 redirects aa.agkn.com — Cisco Umbrella Rank: 587 d.agkn.com — Cisco Umbrella Rank: 796	2 KB
4	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	2 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 649	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 547	379 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 409	478 B
2	google.de www.google.de — Cisco Umbrella Rank: 6147	563 B
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1015 B
2	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 153	835 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 445	140 B
2	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1199	622 B
2	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	531 B
2	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 669	886 B
2	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1969	842 B
2	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1105
2	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7104	349 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	279 B
2	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	755 B
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 893	473 B
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 4430 cdn.acsbapp.com — Cisco Umbrella Rank: 4621	221 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
2	monsido.com cdn.monsido.com — Cisco Umbrella Rank: 21358 tracking.monsido.com — Cisco Umbrella Rank: 11162	3 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	315 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	250 B
1	gstatic.com fonts.gstatic.com	33 KB
1	glia.com api.glia.com — Cisco Umbrella Rank: 14941	9 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	95 KB
148	36

	Domain	Requested by
52	um.simpli.fi	40 redirects tag.simpli.fi
44	bfsfcu.org	bfsfcu.org
12	cdn.cookielaw.org	bfsfcu.org cdn.cookielaw.org
8	cm.g.doubleclick.net	8 redirects
6	connect.segmint.net	cdn.segmint.net
6	libs.salemove.com	api.salemove.com libs.salemove.com
6	cdn.segmint.net	bfsfcu.org cdn.segmint.net
5	api.salemove.com	bfsfcu.org api.salemove.com libs.salemove.com
4	ib.adnxs.com	2 redirects
4	loadm.exelator.com	2 redirects
4	fei.pro-market.net	4 redirects
4	pixel.tapad.com	2 redirects
4	sync.1rx.io	4 redirects
3	cdn.sitesearch360.com	js.sitesearch360.com cdn.sitesearch360.com
2	us-u.openx.net
2	pixel.rubiconproject.com
2	www.google.de
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	2 redirects
2	idsync.rlcdn.com
2	ce.lijit.com
2	bcp.crwdcntrl.net
2	stags.bluekai.com
2	sync.bfmio.com
2	pbid.pro-market.net
2	sync.intentiq.com
2	d.agkn.com	2 redirects
2	aa.agkn.com	2 redirects
2	simplifi.partners.tremorhub.com
2	eb2.3lift.com
2	sync.targeting.unrulymedia.com
2	s.ad.smaato.net
2	i.simpli.fi	tag.simpli.fi
2	tag.simpli.fi	connect.segmint.net
2	maprtb.segmint.net	connect.segmint.net
2	fonts.googleapis.com	bfsfcu.org
1	client-logger.salemove.com	libs.salemove.com
1	tracking.monsido.com
1	cdn.acsbapp.com	acsbapp.com
1	insights.sitesearch360.com	cdn.sitesearch360.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	acsbapp.com	bfsfcu.org
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	api.glia.com	bfsfcu.org
1	js.sitesearch360.com	bfsfcu.org
1	www.googletagmanager.com	bfsfcu.org
1	cdn.monsido.com	bfsfcu.org
148	49

This site contains links to these domains. Also see Links.

Domain
accessibe.com
cuportal.bfsfcu.org
apply.bfsfcu.org
cab-portal.bfsfcu.org
online.bfsfcu.org
itunes.apple.com
play.google.com
www.youtube.com
www.linkedin.com
www.onetrust.com

Subject Issuer	Validity	Valid
bfsfcu.org GTS CA 1P5	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.glia.com Amazon RSA 2048 M01	`2023-06-18` - `2024-07-15`	a year	crt.sh
*.segmint.net Amazon RSA 2048 M02	`2023-03-01` - `2023-12-30`	10 months	crt.sh
cdn.monsido.com Amazon RSA 2048 M02	`2023-10-11` - `2024-11-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
acsbapp.com GTS CA 1P5	`2023-08-30` - `2023-11-28`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
tracking.monsido.com GTS CA 1D4	`2023-09-27` - `2023-12-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bfsfcu.org/borrow/mortgage-refinance.html
Frame ID: 0062CE433B9452AA5E665687C63018CD
Requests: 87 HTTP requests in this frame

Frame: https://bfsfcu.org/rates/rate-widget-mortgage.new.html?initialWidth=1080&childId=mortgage-rate-widget&parentTitle=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&parentUrl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html
Frame ID: 6E92B1C4118F1C65951624F35A027181
Requests: 5 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx
Frame ID: 49670E5ADB95334AC94ACF54FE5071BE
Requests: 27 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx
Frame ID: 7890CE6C275F57E66934E066BADCCBE4
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mortgage Refinance | Bank-Fund Staff Federal Credit UnionBack ButtonFilter Button

Detected technologies

DreamWeaver (Editors) Expand

Overall confidence: 100%
Detected patterns

<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

148
Requests

73 %
HTTPS

48 %
IPv6

36
Domains

49
Subdomains

37
IPs

5
Countries

2345 kB
Transfer

6373 kB
Size

30
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://cuportal.bfsfcu.org/Onlinequeuing/
Title: Branch Waitlist

Search URL Search Domain Scan URL

URL: https://apply.bfsfcu.org/cu/ViewSubmittedLoans.aspx?enc=Kw21Wblm1yxpjJabdoZaD9WjLmLJ1GJ8AFIR1QMCde2HPWwAi9w9qyX-d_1YIx4i
Title: Check Application Status

Search URL Search Domain Scan URL

URL: https://cab-portal.bfsfcu.org/#/get-started
Title: Apply for a Mortgage

Search URL Search Domain Scan URL

URL: https://online.bfsfcu.org/RegistrationDisclosure.aspx
Title: Enroll Now

Search URL Search Domain Scan URL

URL: https://online.bfsfcu.org/ForgotPassword.aspx
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://online.bfsfcu.org/FAQs.aspx
Title: FAQ

Search URL Search Domain Scan URL

URL: https://online.bfsfcu.org/SupportedBrowsers.aspx
Title: Supported Browsers

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/bfsfcu-mobile/id1052377482

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.bfsfcu.smartclient

Search URL Search Domain Scan URL

URL: https://cab-portal.bfsfcu.org/#/rate-selection
Title: Get My Rate Today

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BankFundStaffFCU
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bank-fund-staff-federal-credit-union/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=DC7E577BB3A143699EE6DC2EF3475DAE

Request Chain 88

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6662AF0823754CE18912C0BA1912DEEE

Request Chain 103

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 104

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477?zcc=1&cb=1697141962036 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1a3ace4c-843a-420a-9821-854322f21b25-003

Request Chain 105

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3

Request Chain 106

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 107

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 108

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://d.agkn.com/pixel/10751/?che=1697141962077&ip=80.255.10.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219353204667004743084 HTTP 302
https://um.simpli.fi/aa_px?sk=219353204667004743084 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 109

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 112

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQzODMxMDEwODA2MDk0MDQzMTA= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1

Request Chain 113

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1

Request Chain 115

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 116

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 117

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 118

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 119

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 120

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1697141961895&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ylQoZZGUAaeh9u8Pveu9yAU&sscte=1&crd=&pscrd=IhMIkaGevqrxgQMVp5D9Bx29dQ9Z HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIkaGevqrxgQMVp5D9Bx29dQ9Z&is_vtc=1&ocp_id=ylQoZZGUAaeh9u8Pveu9yAU&cid=CAQSKQDICaaNC0iZwYftI24-aGA6ebkNySAFdC_0KX9TvjftbO9baFnozrKx&random=1013994602 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIkaGevqrxgQMVp5D9Bx29dQ9Z&is_vtc=1&ocp_id=ylQoZZGUAaeh9u8Pveu9yAU&cid=CAQSKQDICaaNC0iZwYftI24-aGA6ebkNySAFdC_0KX9TvjftbO9baFnozrKx&random=1013994602&ipr=y

Request Chain 122

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=1BF710A20E804F03BD8E54BDA27F4477 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477

Request Chain 123

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365

Request Chain 124

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMKtQlOZgZ1zOHDmhlG_GQY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 126

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 127

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477?zcc=1&cb=1697141962236 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003

Request Chain 128

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3

Request Chain 129

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 130

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 131

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://d.agkn.com/pixel/10751/?che=1697141962079&ip=80.255.10.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D220103204667004740909 HTTP 302
https://um.simpli.fi/aa_px?sk=220103204667004740909 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 132

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 135

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTgwNjY4NDc3MjE5MzE2NDkwOTI= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1

Request Chain 136

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1

Request Chain 138

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 139

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 140

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 141

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 142

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 143

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1697141961895&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ylQoZfqXAc6O7_UPyrOE6Ac&sscte=1&crd=&pscrd=IhMI-qSevqrxgQMVTse7CB3KGQF9 HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI-qSevqrxgQMVTse7CB3KGQF9&is_vtc=1&ocp_id=ylQoZfqXAc6O7_UPyrOE6Ac&cid=CAQSKQDICaaNPWKgPHiEVGMMGFl_d3C74Kj4e6afPmIeKi5DOOPNnV8feAND&random=4178582406 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI-qSevqrxgQMVTse7CB3KGQF9&is_vtc=1&ocp_id=ylQoZfqXAc6O7_UPyrOE6Ac&cid=CAQSKQDICaaNPWKgPHiEVGMMGFl_d3C74Kj4e6afPmIeKi5DOOPNnV8feAND&random=4178582406&ipr=y

Request Chain 145

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=1BF710A20E804F03BD8E54BDA27F4477 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477

Request Chain 146

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365

Request Chain 147

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEKS9SDc0-pmCL6yzk_VwEFw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF710A20E804F03BD8E54BDA27F4477 HTTP 302
https://um.simpli.fi/g_match?id=

148 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mortgage-refinance.html Show response
bfsfcu.org/borrow/ 113 KB
18 KB 438ms
385ms Document
text/html 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef142f83461f4b76699695213d63e48decc62b52c20e2b6fa19c5ad0321861a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8152097c2afc2bd7-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 20:19:19 GMT
expires: Thu, 12 Oct 2023 20:29:19 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 all.min.css
bfsfcu.org/assets/vendor/fontawesome/css/ 58 KB
13 KB 360ms
358ms Stylesheet
text/css 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/fontawesome/css/all.min.css

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 12763
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8152097e9e772bd7-FRA
expires: Sat, 11 Nov 2023 20:19:19 GMT

GET
H2 200 theme.min.css
bfsfcu.org/assets/css/ 365 KB
51 KB 385ms
383ms Stylesheet
text/css 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/css/theme.min.css

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cad7ab52009b268c60153b4ba6eafe8a3cb96e0dda94f2fb2a154ea541ae5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 52513
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8152097e9e792bd7-FRA
expires: Sat, 11 Nov 2023 20:19:19 GMT

GET
H2 200 custom.css
bfsfcu.org/assets/css/ 69 KB
11 KB 359ms
358ms Stylesheet
text/css 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/css/custom.css

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2509abf3ecedeb1b5e011627799b6274ea7174be52c5d826e14049830d1955f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 11520
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 15:30:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8152097e9e7a2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:19 GMT

GET
H2 200 salemove_integration.js Show response
api.salemove.com/ 9 KB
9 KB 86ms
8ms Script
application/javascript 2600:9000:206f:a600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/salemove_integration.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

085fa63bd5ca5ec9e2fb93e761032cbb85a9f11c5f984842bb63230b539bbeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 12 Oct 2023 19:56:48 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2023 19:34:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1352
x-amz-server-side-encryption: AES256
etag: "1a8fd57b4a2524648ffd2624368c9cac"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8905
x-amz-cf-id: pJn2EDkVP5mXT0h5lhFM97DIUvptR0i0fONZc8kmhEFpQxWdEA2CCQ==

GET
H/1.1 200
OK responsive.css
cdn.segmint.net/ 120 KB
120 KB 136ms
11ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/responsive.css
Requested by: Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bc6b572c3369ccae9d89fb288570d20d0fd3ed04bc1bca12e051f8b822c52fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 20:06:50 GMT
Via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Oct 2023 20:00:01 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 750
ETag: "a15f45c1be6245036f951af18a194750"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122382
X-Amz-Cf-Id: sLBE_3MqeLyisVfnSXDL7KNljZpB_GcDdoPcZ1_gh6JwGhDFt9e_pw==

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 10ms
10ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 05:02:39 GMT
Via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Sep 2023 12:33:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 55009
x-amz-server-side-encryption: AES256
ETag: "6bdf8bf9c48aef3424ec8556d42ae32e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16163
X-Amz-Cf-Id: Lbsp8tDI4Cp0v94zlTie_0blYQTlBm9V5_RKIxCgOazfEDr01Kq84Q==

GET
H2 200 monsido.js Show response
cdn.monsido.com/tool/javascripts/ 2 KB
3 KB 72ms
8ms Script
text/javascript 2600:9000:2156:9000:3:4b74:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.monsido.com/tool/javascripts/monsido.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9000:3:4b74:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

17dd560fed5a0713a3f47f70269fe1d3f9e1cdc3bc47fbcd114c6ebcb56d295f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Thu, 12 Oct 2023 00:32:21 GMT
via: 1.1 google, 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
age: 71218
x-cache: Hit from cloudfront
content-length: 2352
x-request-id: 306ea15f-fe25-48a4-993f-015583ea2358
x-runtime: 0.601394
referrer-policy: strict-origin-when-cross-origin
etag: W/"17dd560fed5a0713a3f47f70269fe1d3"
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public
x-amz-cf-id: h7_C9eEYLmeKeC9gHhNYbRsHWX0IPSdABIiMbnbV-8Ad5FDkjz70Qw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
95 KB 56ms
26ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6021JGW7YV

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cda3f3adc9de686c2e60b3c01b66a1068db24142d69d47ef8800339282731dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Oct 2023 20:19:20 GMT

GET
H2 200 img3.png
bfsfcu.org/assets/img/mockups/ 4 KB
5 KB 354ms
350ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/mockups/img3.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e168d1e9e19c60b7c5dc0629a4560a05083aa6aee22c1c73a3acb947e3de22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:07:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc4a2bd7-FRA
content-length: 4533
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 img2.png
bfsfcu.org/assets/img/mockups/ 3 KB
3 KB 363ms
358ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/mockups/img2.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

935ff4222a0432936664e1f5fe4d644c84c10b1fd404db1c9137999736ea9af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:07:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc4b2bd7-FRA
content-length: 3418
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 logo-reverse.svg
bfsfcu.org/assets/img/logos/ 11 KB
9 KB 357ms
353ms Image
image/svg+xml 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/logos/logo-reverse.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57be7bae935c8ce4881a2b969b4a356cf6aef1af61d2789afe7d4f3ba198734d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 8634
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:07:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982bc4e2bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 logo-vertical-mobile.svg
bfsfcu.org/assets/img/logos/ 10 KB
8 KB 364ms
360ms Image
image/svg+xml 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/logos/logo-vertical-mobile.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c49b367ab278582a790724f0548d3d8f3546459782b4af4687598328bd517509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 7646
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:07:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982bc502bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 icon-blue-mobile.xs.png
bfsfcu.org/assets/img/logos/ 1 KB
1 KB 367ms
364ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/logos/icon-blue-mobile.xs.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17eb03f7c444dff6add84d7e25c80aa4feb84b517b571153b6e43dd5201a352f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:07:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc522bd7-FRA
content-length: 1448
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 badge_app_store.png
bfsfcu.org/assets/img/ 2 KB
2 KB 355ms
351ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/badge_app_store.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8feed154e8d41d8152784da1e5dd18c418ba78b7ab9525cea39cf2387849c50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:06:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc542bd7-FRA
content-length: 2028
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 badge_google_play.png
bfsfcu.org/assets/img/ 2 KB
2 KB 357ms
354ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/badge_google_play.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c43646ef4e1906e12c8926307aba0f82b3b63c81794b7260ad7480b37424762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:06:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc562bd7-FRA
content-length: 2251
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 calc_refi.jpg
bfsfcu.org/images/mortgages/2023/ 45 KB
46 KB 359ms
356ms Image
image/jpeg 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/mortgages/2023/calc_refi.jpg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eae978c34176e7da7f90bf0c0732de4529e9ae17b605f31ac8d2ef5c0f6cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 16:25:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc572bd7-FRA
content-length: 46474
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 rate_refi.jpg
bfsfcu.org/images/mortgages/2023/ 47 KB
48 KB 360ms
357ms Image
image/jpeg 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/mortgages/2023/rate_refi.jpg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825cfeaf0ba6eb0de6cab02d60d0916ecd870d35d27bf4a87401830e6c7958a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 16:25:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc5a2bd7-FRA
content-length: 48555
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 1947703_banknotes_bills_cash_dollars_money_icon.png
bfsfcu.org/images/mortgages/2023/ 36 KB
36 KB 360ms
357ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/mortgages/2023/1947703_banknotes_bills_cash_dollars_money_icon.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1239ac99e2e58c6bfa8c2357806a59aa126ecd2b63ca4eeb6da96317bbae1d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 16:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc5b2bd7-FRA
content-length: 36458
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 3952008-128.png
bfsfcu.org/images/mortgages/2023/ 7 KB
7 KB 361ms
358ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/mortgages/2023/3952008-128.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bef48289b200ebddaf2d7911190847594e4cebaa1a943e565a5e7d5638d482ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 16:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc5c2bd7-FRA
content-length: 6856
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 2228399-128.png
bfsfcu.org/images/mortgages/2023/ 4 KB
4 KB 361ms
358ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/mortgages/2023/2228399-128.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f0577619dea851af4f60004c19adf9ceec196a886a863d2c7671f1952b2537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 16:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc5e2bd7-FRA
content-length: 3971
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 GooglePlay.svg
bfsfcu.org/images/ 9 KB
3 KB 359ms
356ms Image
image/svg+xml 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/GooglePlay.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d894c8c81f9db745b65a28b2f9ad342dae80227349a70bd58377badb2ec9eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 3482
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982bc5f2bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 AppleStore.svg
bfsfcu.org/images/ 10 KB
4 KB 363ms
360ms Image
image/svg+xml 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/AppleStore.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0930f31d0c320d8f32fb06e0a630d9c53e4b4009a61d8f84b47a106b95d385bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 3952
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982bc602bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 logo-footer.svg
bfsfcu.org/assets/img/logos/ 8 KB
6 KB 364ms
361ms Image
image/svg+xml 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/logos/logo-footer.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f05e5688c912bb3be8cc561972d24153752f660a14f57c3eeaf28c3ca9d5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 6036
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:07:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982bc622bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 ncua-ehl.png
bfsfcu.org/assets/img/logos/ 6 KB
6 KB 362ms
359ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/logos/ncua-ehl.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1528639b1a59ee15bd75e4bba459ee377f4fbd35976b54384275a730818a1c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:07:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc632bd7-FRA
content-length: 6189
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 jquery.min.js Show response
bfsfcu.org/assets/vendor/jquery/dist/ 87 KB
30 KB 149ms
149ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/jquery/dist/jquery.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 30910
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 815209817a9b2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
bfsfcu.org/assets/vendor/jquery-migrate/dist/ 11 KB
4 KB 136ms
135ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/jquery-migrate/dist/jquery-migrate.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 4039
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 815209824ba92bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
bfsfcu.org/assets/vendor/bootstrap/dist/js/ 82 KB
21 KB 148ms
147ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/bootstrap/dist/js/bootstrap.bundle.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 21804
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:09:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 815209829c1e2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 hs-header.min.js Show response
bfsfcu.org/assets/vendor/hs-header/dist/ 77 KB
7 KB 145ms
140ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/hs-header/dist/hs-header.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88fae5bcae1dfef54892da00bf8fd02cacfbdc4b455ddac5aba552eb73e3ccf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 6821
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac342bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 hs-go-to.min.js Show response
bfsfcu.org/assets/vendor/hs-go-to/dist/ 5 KB
2 KB 356ms
350ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/hs-go-to/dist/hs-go-to.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d97014e8fc65a68f94014321701b3ff04e3728aa88baf950510e6ee69b4c3ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 1858
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac3b2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 hs-unfold.min.js Show response
bfsfcu.org/assets/vendor/hs-unfold/dist/ 34 KB
6 KB 142ms
137ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/hs-unfold/dist/hs-unfold.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913ab18d804421a6ef7db00534facb3477cc585e82c428c9e9060f91f1ec7bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 5665
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac3c2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 hs-mega-menu.min.js Show response
bfsfcu.org/assets/vendor/hs-mega-menu/dist/ 92 KB
28 KB 357ms
352ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/hs-mega-menu/dist/hs-mega-menu.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

954c8100c6f791bf2a6f49e3fdf7b5ede106119d564e6b8d648520380ea1c9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 28768
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac3e2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 aos.js Show response
bfsfcu.org/assets/vendor/aos/dist/ 14 KB
5 KB 359ms
353ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/aos/dist/aos.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 4699
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac3f2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 theme.min.js Show response
bfsfcu.org/assets/js/ 39 KB
10 KB 354ms
349ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/js/theme.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f087f3551240ae6a299e65c31385ee89e4f678ec91d7a1da5cab206562716f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 10384
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac402bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 LinkDisclosure.js Show response
bfsfcu.org/assets/js/ 2 KB
1 KB 357ms
351ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/js/LinkDisclosure.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24af796b288a55a61ca21df4a3d3553a4005db93b2f584e9c0a8ed66253c4fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 1040
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Sep 2023 15:44:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac422bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 jquery.fancybox.min.js Show response
bfsfcu.org/assets/vendor/@fancyapps/fancybox/dist/ 67 KB
22 KB 361ms
356ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/@fancyapps/fancybox/dist/jquery.fancybox.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 22013
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:09:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac442bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 pym.v1.min.js Show response
bfsfcu.org/assets/js/ 9 KB
3 KB 353ms
348ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/js/pym.v1.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 2809
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982ac472bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 8875.js Show response
js.sitesearch360.com/plugin/bundle/ 1 KB
969 B 95ms
43ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.sitesearch360.com/plugin/bundle/8875.js
Requested by: Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b895e006b5c8503b4c251b70fe26dfc222d0e996731d1d36e07a51ef30bcb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 12 Oct 2023 13:47:48 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
allow-control-allow-origin: *
access-control-allow-origin: *
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=1800
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 81520982f9279207-FRA
access-control-allow-headers: *
expires: Thu, 12 Oct 2023 20:49:20 GMT

GET
H2 200 jquery.accrue.min.js Show response
bfsfcu.org/assets/js/ 6 KB
2 KB 360ms
355ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/js/jquery.accrue.min.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6e66b6e95b95146d4c4bc04d2865c3e4d9269f3158c63699584528ce2f95c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 1910
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982bc492bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/ 12 KB
3 KB 88ms
64ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/OtAutoBlock.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91b51560c3cff3cbfa5fcbe8f66c783d28d89ff7ab39c5a2d32c4d0ddaf1901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3781
content-md5: QVB67SrWVDdvABXZ9WGWTg==
content-length: 3212
x-ms-lease-status: unlocked
last-modified: Fri, 31 Mar 2023 19:20:11 GMT
server: cloudflare
etag: 0x8DB321CF28A368A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d9845cfb-601e-0124-1905-6407fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81520982caec1961-FRA
expires: Fri, 13 Oct 2023 20:19:20 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/ 25 KB
9 KB 53ms
29ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/otSDKStub.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b912264dad19887901e0053da71c356695a8e3f0262343c22ff4bf662941d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 15861
content-md5: 3kI/OBC+H6WMxm6AuWcQ7Q==
content-length: 8822
x-ms-lease-status: unlocked
last-modified: Fri, 31 Mar 2023 19:20:10 GMT
server: cloudflare
etag: 0x8DB321CF1E97AA1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 68aad67e-e01e-00b2-4505-64239c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81520982caee1961-FRA
expires: Fri, 13 Oct 2023 20:19:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 46ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;600;700;900&display=swap

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1a4883dd6c2a1911ff862184983cc9c95ea173cdcba7c73dc52ad1afd471436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 20:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 20:19:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 20:19:19 GMT

POST
H2 200 visitor_config Show response
api.salemove.com/ 13 KB
14 KB 307ms
307ms XHR
application/json 2600:9000:206f:a600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/visitor_config?referrer=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html&

Requested by

Host: api.salemove.com
URL: https://api.salemove.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

53466d33c22fed1c75e7db59583e3bd7ce9e3049555079c6a94944c36ff88e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 13416
access-control-max-age: 7200
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
content-type: application/json
access-control-allow-origin: https://bfsfcu.org
access-control-expose-headers
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
vary: Origin
x-site-visitor-config: true
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: J0MgT7YlMch1gxm6EGR7VoZpobZuv8y5EbzOlQspnohqO-F-0KxtWQ==

GET
H2 200 salemove_integration.js Show response
api.glia.com/ 9 KB
9 KB 18ms
7ms Script
application/javascript 2600:9000:206f:a600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/salemove_integration.js

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

085fa63bd5ca5ec9e2fb93e761032cbb85a9f11c5f984842bb63230b539bbeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 12 Oct 2023 19:56:48 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2023 19:34:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1353
x-amz-server-side-encryption: AES256
etag: "1a8fd57b4a2524648ffd2624368c9cac"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8905
x-amz-cf-id: OlZXhcSzPexuLaHQDxTo_EC3V7qiTrN21-_bdQ5EblSOH2uU8JSxxg==

GET
H/1.1 200
OK 6be5ef17-aae3-4bdb-8eca-16420e51b79c.json Show response
cdn.segmint.net/ 313 B
923 B 11ms
10ms XHR
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/6be5ef17-aae3-4bdb-8eca-16420e51b79c.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6531eef081889f1dec6c850c76534af9e6fbd3fc751fff0df0a89e835e3c4e5

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 12 Oct 2023 20:10:16 GMT
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 545
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Thu, 17 Dec 2020 17:46:09 GMT
Server: AmazonS3
ETag: "4f4761557796ce148178799ef7395dae"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: SJ255bU2gU1lQGwGP0-D1JgToQN1zTJ-ysajS5Bd5vtThBUVony5eA==

OPTIONS
H/1.1 200
OK 6be5ef17-aae3-4bdb-8eca-16420e51b79c.json
cdn.segmint.net/ Frame 0
0 410ms
391ms Preflight 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/6be5ef17-aae3-4bdb-8eca-16420e51b79c.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bfsfcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 12 Oct 2023 20:19:21 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EOzSqCvioH8TiWLlDD1fxubuX8lFYeY3TlU1icvfuurLItbWIHj1GA==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront

OPTIONS
H/1.1 200
OK 6be5ef17-aae3-4bdb-8eca-16420e51b79c.json
cdn.segmint.net/ Frame 0
0 422ms
401ms Preflight 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/6be5ef17-aae3-4bdb-8eca-16420e51b79c.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bfsfcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 12 Oct 2023 20:19:21 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: bpttax9N9OI5SQG5qb5P9rePDUatp_BOngQo3KB-OIBsnk_bvOeX8A==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront

GET
H/1.1 200
OK 6be5ef17-aae3-4bdb-8eca-16420e51b79c.json Show response
cdn.segmint.net/ 313 B
923 B 8ms
8ms XHR
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/6be5ef17-aae3-4bdb-8eca-16420e51b79c.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6531eef081889f1dec6c850c76534af9e6fbd3fc751fff0df0a89e835e3c4e5

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 12 Oct 2023 20:10:16 GMT
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 545
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Thu, 17 Dec 2020 17:46:09 GMT
Server: AmazonS3
ETag: "4f4761557796ce148178799ef7395dae"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: xLd0dN6bW5TwOPo1k7-FI9ZU8ovIlh4vdMQ2jHwztEFG9FbADvP5wA==

GET
DATA 200
OK truncated
/ 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fe44290fcc054bf6343c1e442cc786a781b8ba0f974794be581e59ec555916e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mortgagerefi_banner.jpg
bfsfcu.org/images/backgrounds/mortgages/2023/ 192 KB
193 KB 351ms
350ms Image
image/jpeg 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/backgrounds/mortgages/2023/mortgagerefi_banner.jpg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ddd1ff3acf44fab1eb8ebd45bba822f60df331792c6169af2e2862c25f6c37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 16:22:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520982cc7c2bd7-FRA
content-length: 196991
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f747dde46295102936ccbf6a0da611f918a4460d67d2b9b6402878441ae666a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 7215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:19:05 GMT

GET
H2 200 fa-solid-900.woff2
bfsfcu.org/assets/vendor/fontawesome/webfonts/ 78 KB
78 KB 347ms
347ms Font
font/woff2 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/vendor/fontawesome/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfsfcu.org/assets/vendor/fontawesome/css/all.min.css
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982dc8b2bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 BrandonGrotesque-Bold.woff
bfsfcu.org/assets/fonts/ 43 KB
43 KB 353ms
353ms Font
font/woff 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/fonts/BrandonGrotesque-Bold.woff

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88d470131a01a1964fee26367d043da81d0c33ca1211ca57f7c7ecef15729fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfsfcu.org/assets/css/custom.css
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 43455
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982dc8c2bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

GET
H2 200 fa-brands-400.woff2
bfsfcu.org/assets/vendor/fontawesome/webfonts/ 76 KB
76 KB 349ms
349ms Font
font/woff2 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/vendor/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/vendor/fontawesome/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfsfcu.org/assets/vendor/fontawesome/css/all.min.css
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:08:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 81520982dc8d2bd7-FRA
expires: Sat, 14 Oct 2023 20:19:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6021JGW7YV&gtm=45je3ab0&_p=301417818&cid=929407674.1697141960&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697141960&sct=1&seg=0&dl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html&dt=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6021JGW7YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bfsfcu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrapper-ffafd6e34.js Show response
libs.salemove.com/visitor/ 635 KB
165 KB 53ms
9ms Script
application/javascript 2600:9000:223f:bc00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Requested by

Host: api.salemove.com
URL: https://api.salemove.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:bc00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c2d0ee134d9dd6226b03a5b867ffa92f336b3a4b655b6db24d385663c990a082

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 08:54:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 213888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 06:45:00 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:34c2497f1c3d5309cba74d4b668f6ba2
etag: W/"34c2497f1c3d5309cba74d4b668f6ba2"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: ablPKV_1mJeFISk2yfNQaoGkTVVlleJyVN2z7QLofJEP-UQRgBJZTg==

GET
H2 200 rate-widget-mortgage.new.html Show response
bfsfcu.org/rates/ Frame 6E92 6 KB
2 KB 139ms
139ms Document
text/html 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/rates/rate-widget-mortgage.new.html?initialWidth=1080&childId=mortgage-rate-widget&parentTitle=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&parentUrl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/js/pym.v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86d3cb4fc0c88f31b45a2191a1e66e10d770d8e2852aa91f499763b5123e6b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 81520985a8532bd7-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 20:19:20 GMT
expires: Thu, 12 Oct 2023 20:29:20 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 sitesearch360-v14.frozen.4ae07b88689a1e105aa7a5c0f74f8507.js Show response
cdn.sitesearch360.com/v14/ 300 KB
89 KB 49ms
31ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v14/sitesearch360-v14.frozen.4ae07b88689a1e105aa7a5c0f74f8507.js
Requested by: Host: js.sitesearch360.com
URL: https://js.sitesearch360.com/plugin/bundle/8875.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8526f1a188d9f353fdb729f88822c633d751cb5cca86a553170512408b95224c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Oct 2023 09:59:08 GMT
server: cloudflare
age: 123600
etag: W/"4b1fc-6076ddfdbbe5e-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81520985dba79207-FRA
expires: Fri, 11 Oct 2024 20:19:20 GMT

GET
H2 200 02661cdb-f9c1-43a8-a9d3-a1061310e261.json Show response
cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/ 4 KB
2 KB 46ms
30ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/02661cdb-f9c1-43a8-a9d3-a1061310e261.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4baf72376016569c612a37d851781a1cc448413e959752aee13c5d35b3ab2224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1630
content-md5: z/c4RuIUKgqYt4axadnORg==
content-length: 1668
x-ms-lease-status: unlocked
last-modified: Fri, 31 Mar 2023 19:20:09 GMT
server: cloudflare
etag: 0x8DB321CF1A6AF32
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 00359fd1-701e-0052-0405-64c514000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81520985dfe591d8-FRA
expires: Fri, 13 Oct 2023 20:19:20 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 750 KB
220 KB 174ms
139ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb1716d6ddc1ffb2aa84bca299ebcff6c9685820595c9d24aad1c3d6647f8f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycds_mr8DLi1kq0e8yB36S79U3aL3ey0Xpj59yzcfDU998zXffOc8MzwPMFn6fUpSWFnd9ExKiN9zk09jX9fy4JJGLQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Thu, 21 Sep 2023 09:44:16 GMT
server: cloudflare
etag: W/"d92721be7cf39b11c5d6e09610aadaeb"
vary: Accept-Encoding
x-goog-hash: crc32c=uCZ0pg==, md5=2SchvnzzmxHF1uCWEKra6w==
x-goog-generation: 1695289456172111
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 768448
cf-ray: 81520985f94c65b9-FRA
expires: Fri, 11 Oct 2024 20:19:20 GMT

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 448ms
94ms Preflight 35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-82-179.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bfsfcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://bfsfcu.org
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 12 Oct 2023 20:19:20 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 445ms
92ms Preflight 35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-82-179.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bfsfcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://bfsfcu.org
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 12 Oct 2023 20:19:20 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
635 B 127ms
107ms XHR
text/plain 35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-82-179.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 12 Oct 2023 20:19:21 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://bfsfcu.org
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK en1Gr9rnrx Show response
connect.segmint.net/iframe/doughnut/ Frame 4967 509 B
1 KB 459ms
110ms Document
text/html 35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-82-179.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Thu, 12 Oct 2023 20:19:21 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: dd971103352f59eb
X-B3-TraceId: dd971103352f59eb
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
635 B 128ms
106ms XHR
text/plain 35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-82-179.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 12 Oct 2023 20:19:21 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://bfsfcu.org
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK en1Gr9rnrx Show response
connect.segmint.net/iframe/doughnut/ Frame 7890 509 B
1 KB 461ms
115ms Document
text/html 35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-82-179.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Thu, 12 Oct 2023 20:19:21 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: 24bce672b7a62049
X-B3-TraceId: 24bce672b7a62049
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 bg.locations2.jpg
bfsfcu.org/images/ 40 KB
40 KB 133ms
133ms Image
image/jpeg 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/images/bg.locations2.jpg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05623ba7af61f1df722189b13a2fe4f1912f41aac2c9aad79b4150e4d99f6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:06:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8152098608e12bd7-FRA
content-length: 40898
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 linkwarning.min.js Show response
bfsfcu.org/assets/js/ 4 KB
1 KB 131ms
130ms XHR
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/js/linkwarning.min.js?_=1697141960116

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/vendor/jquery/dist/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

283f0e573431955a6f8cce5be4326ad506f4aebe83d51413f7806c88576c7818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 1263
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:07:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8152098689872bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 78ms
39ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 81520986cd969235-FRA
access-control-allow-headers: Content-Type

GET
H2 200 webcomponents_es5-ffafd6e34.js Show response
libs.salemove.com/visitor/ 936 B
1 KB 12ms
8ms Script
application/javascript 2600:9000:223f:bc00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor/webcomponents_es5-ffafd6e34.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:bc00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 08:54:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 213887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 936
last-modified: Tue, 10 Oct 2023 06:45:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
etag: "f86098c5208655efb405300993461936"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fxgyi8W1YfY7bWL8DxblZ5MKgoUct44cvlAxIa03Y00iNhJ04lJ6xg==

GET
H2 200 custom.css
bfsfcu.org/assets/css/ Frame 6E92 69 KB
11 KB 141ms
137ms Stylesheet
text/css 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/css/custom.css

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/rates/rate-widget-mortgage.new.html?initialWidth=1080&childId=mortgage-rate-widget&parentTitle=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&parentUrl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2509abf3ecedeb1b5e011627799b6274ea7174be52c5d826e14049830d1955f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/rates/rate-widget-mortgage.new.html?initialWidth=1080&childId=mortgage-rate-widget&parentTitle=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&parentUrl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 11520
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 15:30:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520986fa2c2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 theme.min.css
bfsfcu.org/assets/css/ Frame 6E92 365 KB
51 KB 169ms
166ms Stylesheet
text/css 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/css/theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cad7ab52009b268c60153b4ba6eafe8a3cb96e0dda94f2fb2a154ea541ae5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/rates/rate-widget-mortgage.new.html?initialWidth=1080&childId=mortgage-rate-widget&parentTitle=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&parentUrl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 52513
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520986fa2d2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 pym.v1.min.js Show response
bfsfcu.org/assets/js/ Frame 6E92 9 KB
3 KB 136ms
133ms Script
application/javascript 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bfsfcu.org/assets/js/pym.v1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/rates/rate-widget-mortgage.new.html?initialWidth=1080&childId=mortgage-rate-widget&parentTitle=Mortgage%20Refinance%20%7C%20Bank-Fund%20Staff%20Federal%20Credit%20Union&parentUrl=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 2809
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Mar 2023 18:06:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 81520986fa2f2bd7-FRA
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/ 407 KB
98 KB 19ms
18ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 12zQcT/rVMicuxojEvnp3g==
age: 51938
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 100389
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:15 GMT
server: cloudflare
etag: 0x8DB3FB51FD9A927
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4a759dcb-501e-0089-6bb0-7161c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8152098748fe1961-FRA

POST
H2 204 session Show response
insights.sitesearch360.com/insights/ 0
239 B 83ms
44ms XHR
text/plain 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.sitesearch360.com/insights/session?version=14.1
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v14/sitesearch360-v14.frozen.4ae07b88689a1e105aa7a5c0f74f8507.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 815209879c966933-FRA
access-control-allow-headers: *

GET
H2 200 ss360-unibox-v14.chunk.29b2774960cbfd2c7c75.js Show response
cdn.sitesearch360.com/v14/ 53 KB
15 KB 49ms
23ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v14/ss360-unibox-v14.chunk.29b2774960cbfd2c7c75.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v14/sitesearch360-v14.frozen.4ae07b88689a1e105aa7a5c0f74f8507.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e876f284b86914a81c67a946c3b25725853e6ebca9a05e5e461097573a3de37

Request headers

Referer: https://bfsfcu.org/
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Oct 2023 09:59:11 GMT
server: cloudflare
age: 122859
etag: W/"d378-6076de0028fde-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81520987994a371f-FRA
expires: Fri, 11 Oct 2024 20:19:20 GMT

GET
H2 200 ss360-styles-v14.chunk.704c0db5306c5a6032ac.js Show response
cdn.sitesearch360.com/v14/ 48 KB
11 KB 45ms
24ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v14/ss360-styles-v14.chunk.704c0db5306c5a6032ac.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v14/sitesearch360-v14.frozen.4ae07b88689a1e105aa7a5c0f74f8507.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f37a2b3b8ff20ea4f89b92dff427b9464e57496701a2879e9d945e4b3475aa

Request headers

Referer: https://bfsfcu.org/
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Sep 2023 09:34:43 GMT
server: cloudflare
age: 2715160
etag: W/"c126-60512094ec70d-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81520987994b371f-FRA
expires: Fri, 11 Oct 2024 20:19:20 GMT

GET
H2 200 logo.png
bfsfcu.org/assets/img/logos/ 10 KB
11 KB 133ms
132ms Image
image/png 2606:4700::6812:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bfsfcu.org/assets/img/logos/logo.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7869a2b9fbd6dabeec18ec031473e32c59f46447095f2ccd33cc279d7436b2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/borrow/mortgage-refinance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Mar 2023 18:07:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://online.bfsfcu.org/
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 815209877adb2bd7-FRA
content-length: 10742
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 20:19:20 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/bfsfcu.org/ 162 B
725 B 360ms
134ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/bfsfcu.org/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f2c34ad12852a599a1b08f708d432af59a258aad41116ba096d52a33b66e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsn0g_rLArdkGH5aiPFoMjPWFzWBXhM_hBWh_f5tXRr8NJHXTJovdjrLGn9qXovGvS4IyYNGOaokrHQR9ZJD3TCo4C1uNDt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 24 Jul 2023 16:13:53 GMT
server: cloudflare
etag: W/"c1c5e025e0f934aaa8f75c8374c91550"
vary: Accept-Encoding
x-goog-hash: crc32c=6X9xEg==, md5=wcXgJeD5NKqo91yDdMkVUA==
x-goog-generation: 1690215233207599
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 162
cf-ray: 81520989690539e8-FRA
expires: Fri, 11 Oct 2024 20:19:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6E92 9 KB
770 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;600;700;900&display=swap

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1a4883dd6c2a1911ff862184983cc9c95ea173cdcba7c73dc52ad1afd471436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 20:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 20:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 20:19:20 GMT

GET
H2 200 visitor-app.52f3ed42.min.js Show response
libs.salemove.com/ 800 KB
230 KB 14ms
11ms Script
application/javascript 2600:9000:223f:bc00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.52f3ed42.min.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:bc00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88f4bb9f935fb7b9bfa6201bc3124c684cf5e84c10d7127733638af240d59d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 223594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 09 Oct 2023 14:26:58 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:99bdd1dbd5e059c9a10837d9d7f6b94e
etag: W/"99bdd1dbd5e059c9a10837d9d7f6b94e"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 2bPnirNs8HRJbhDPelRzRywgPm01B_dkv6UXHBXUVX4gC8uLLz-NPw==

GET
H2 200 visitor-app.52f3ed42.default.css
libs.salemove.com/ 317 KB
115 KB 10ms
8ms Stylesheet
text/css 2600:9000:223f:bc00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/visitor-app.52f3ed42.default.css

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:bc00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

495b4edc562beb183728fde5f108ef80672f29df38e5810463fb36aa52492eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 223594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 09 Oct 2023 14:26:58 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:aa44af0ad197713651a1c07e347450c3
etag: W/"aa44af0ad197713651a1c07e347450c3"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: n741D4-uO5_mwE8PKOc-9xZzOS5_E88KKMo42kL_jcmUfdakqBDp8w==

GET
H2 200 73aff4e53eea34 Show response
api.salemove.com/visitor_app/52f3ed42/sites/ca7ed352-ef39-4913-98b8-4507288a244c/custom_locales/EN-US-disclaimer/ 14 KB
14 KB 31ms
9ms XHR
application/json 2600:9000:206f:a600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/visitor_app/52f3ed42/sites/ca7ed352-ef39-4913-98b8-4507288a244c/custom_locales/EN-US-disclaimer/73aff4e53eea34

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0105ae60cfa80e514f098d4cd4ba0ebbe9e41b1b06590937b36d2c6a28e7daff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:19:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 223174
x-cache: Hit from cloudfront
content-length: 14205
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
content-type: application/json
access-control-allow-origin: https://bfsfcu.org
access-control-expose-headers
cache-control: public, max-age=31536000
vary: Origin
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: ypLlZtzpYUzugBCWp-i07xtFORYov5buPMOCmRSrCyPl3kI-8INLkQ==

GET
H2 200 gva-custom-chat-renderer.d938ba9.js Show response
libs.salemove.com/ 23 KB
8 KB 21ms
19ms Script
application/javascript 2600:9000:223f:bc00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/gva-custom-chat-renderer.d938ba9.js

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:bc00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a19e35c238665b103fff54c0a89023a450c1d40f5cd58e01a7f5e5616d9aace7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:40:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1147105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 29 Sep 2023 13:23:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:0f7fb6803bd6390810b1bd3849ed1eca
etag: W/"0f7fb6803bd6390810b1bd3849ed1eca"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: h9sUDza5kauQeKT-zOkPuVRroeFzJa4t08vX2f6MsVJBshqHV9lygg==

GET
H2 200 gva-custom-chat-renderer.d938ba9.css
libs.salemove.com/ 8 KB
2 KB 21ms
20ms Stylesheet
text/css 2600:9000:223f:bc00:0:99b9:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.salemove.com/gva-custom-chat-renderer.d938ba9.css

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:bc00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2d8b1a8785213054e3f78b388d4a23025d97a334a9b08a7729a6df6c0d5f1c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:40:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1147105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 29 Sep 2023 13:23:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:ad4a498454998389e55378a9323cb2c9
etag: W/"ad4a498454998389e55378a9323cb2c9"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: E4pSriHw3VL7lXNT6n7PceXQgjsUnUG1cyTEwjuTF743-W_asnw6rg==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/b3945638-2c03-4052-abba-bc2f059d0a65/ 74 KB
16 KB 28ms
25ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/02661cdb-f9c1-43a8-a9d3-a1061310e261/b3945638-2c03-4052-abba-bc2f059d0a65/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987c75f13be17e2b024127e5e4390e450bac0500ec1f5cb656276217c605367d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 51068
content-md5: U9Ha38bHkEAdTk7Qdvu9Dg==
content-length: 15932
x-ms-lease-status: unlocked
last-modified: Fri, 31 Mar 2023 19:20:12 GMT
server: cloudflare
etag: 0x8DB321CF3226841
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2f785ce4-301e-0069-5a0c-e800cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815209887c4791d8-FRA
expires: Fri, 13 Oct 2023 20:19:21 GMT

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 4967
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=DC7E577BB3A143699EE6DC2EF3475DAE

43 B
412 B

388ms
99ms

Image
image/gif

35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=DC7E577BB3A143699EE6DC2EF3475DAE
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx
Protocol: HTTP/1.1
Server: 35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-82-179.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Oct 2023 20:19:21 GMT
Server: openresty
X-B3-TraceId: bfdbf669493c9386
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: bfdbf669493c9386
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=DC7E577BB3A143699EE6DC2EF3475DAE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 4967 3 KB
3 KB 90ms
16ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:21 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 3101
x-request-id: F411nzVrab8ozWmdXcgC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 7890
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6662AF0823754CE18912C0BA1912DEEE

43 B
412 B

390ms
101ms

Image
image/gif

35.174.82.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6662AF0823754CE18912C0BA1912DEEE
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx
Protocol: HTTP/1.1
Server: 35.174.82.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-82-179.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Oct 2023 20:19:21 GMT
Server: openresty
X-B3-TraceId: 84a03f42c512473d
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: 84a03f42c512473d
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6662AF0823754CE18912C0BA1912DEEE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 7890 3 KB
3 KB 78ms
16ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Gr9rnrx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:21 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 3101
x-request-id: F411nzVsykSGUGTKvKaB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 9 KB
3 KB 22ms
21ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: RDJTQu0rTVB85tiZ/K6VYg==
age: 51066
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:08 GMT
server: cloudflare
etag: 0x8DB3FB51B94828F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 61af54c1-301e-0033-6e2c-7281cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815209897da591d8-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/ 62 KB
13 KB 41ms
41ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd59848705700c676f53c35e5ce30bb68308374bb70577911494b1efee6b176a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: EdKfLim+rSnHw/A35nKkCg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13392
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:10 GMT
server: cloudflare
etag: 0x8DB3FB51C9C0994
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c8fa90c6-301e-0173-672c-72ee70000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815209898da691d8-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 21 KB
4 KB 21ms
21ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 38517
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ff187626-501e-012c-662c-721c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 815209898da891d8-FRA

GET
DATA 200
OK truncated
/ 41 KB
41 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9

Request headers

Referer
Origin: https://bfsfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
622 B 18ms
18ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 5651
x-ms-lease-status: unlocked
last-modified: Wed, 11 Oct 2023 07:03:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0e58b03a-901e-0002-12d9-fc873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8152098bff7a1961-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 17ms
17ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 38517
x-ms-lease-status: unlocked
last-modified: Wed, 11 Oct 2023 07:03:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c193fd3c-701e-0057-784c-fc97b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8152098bf86e91d8-FRA

GET
H2 200 BFSFCU_LOGO_500x.png
cdn.cookielaw.org/logos/bc94c43f-a3ff-4c26-9296-427906fcabef/9e185d5d-3520-4e22-94bf-c45d2076103c/389fec28-392e-4163-b054-231d450b6d63/ 13 KB
13 KB 33ms
32ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/bc94c43f-a3ff-4c26-9296-427906fcabef/9e185d5d-3520-4e22-94bf-c45d2076103c/389fec28-392e-4163-b054-231d450b6d63/BFSFCU_LOGO_500x.png

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317b6128254428cf3573098c14fb28b9e796a2f481087202d1b33fa493fea1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Q/wl77ksncYJLJYJ6Nc2ow==
age: 17797
content-length: 13634
x-ms-lease-status: unlocked
last-modified: Thu, 01 Apr 2021 14:14:24 GMT
server: cloudflare
etag: 0x8D8F518741A5B0B
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: abf8c6bc-f01e-0092-0d27-d3bd55000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8152098c1fbb1961-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 19ms
19ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: bfsfcu.org
URL: https://bfsfcu.org/borrow/mortgage-refinance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 86224
x-ms-lease-status: unlocked
last-modified: Wed, 11 Oct 2023 07:03:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 84d8a515-301e-0079-706d-fcc5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8152098c1fc01961-FRA

OPTIONS
H2 204 a38c9efb-0ee1-4771-9dc7-653584f2272a
api.salemove.com/sites/ca7ed352-ef39-4913-98b8-4507288a244c/visitors/ Frame 0
0 103ms
103ms Preflight 2600:9000:206f:a600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/sites/ca7ed352-ef39-4913-98b8-4507288a244c/visitors/a38c9efb-0ee1-4771-9dc7-653584f2272a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: PATCH
Origin: https://bfsfcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET, HEAD, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-id: z5DVcnHb56dFh0uqLdJaZNKvcFBiuH1JC75oQkb9dF_PF6Vpeb_BuA==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

PATCH
H2 200 a38c9efb-0ee1-4771-9dc7-653584f2272a Show response
api.salemove.com/sites/ca7ed352-ef39-4913-98b8-4507288a244c/visitors/ 193 B
701 B 346ms
346ms XHR
application/json 2600:9000:206f:a600:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.salemove.com/sites/ca7ed352-ef39-4913-98b8-4507288a244c/visitors/a38c9efb-0ee1-4771-9dc7-653584f2272a

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

acd5833f80b9382b20914f655765364662330b6b440284c21ebd360257a9ec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/vnd.salemove.private+json
Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjUxOWQ2NjkyLWZhM2EtNDQzMi1hY2NjLTgyYTY0OTA2ZDljZSJ9.eyJpYXQiOjE2OTcxNDE5NjAsImV4cCI6MTY5ODM1MTU2MCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjphMzhjOWVmYi0wZWUxLTQ3NzEtOWRjNy02NTM1ODRmMjI3MmEiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiYTM4YzllZmItMGVlMS00NzcxLTlkYzctNjUzNTg0ZjIyNzJhIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImNhN2VkMzUyLWVmMzktNDkxMy05OGI4LTQ1MDcyODhhMjQ0YyIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiY2E3ZWQzNTItZWYzOS00OTEzLTk4YjgtNDUwNzI4OGEyNDRjIl19XSwiYWNjb3VudF9pZCI6IjBkNjNkNDViLTExOWUtNGY1MC05NTdiLWYzMjYwNTAxNWZmYiJ9.7FneQ64Rpkt435Xqy_L32qVMWYOl6jE2iuuk8YKpjL-kiE9Ey5Af2jvhwdVd5jVrc5zr_vR2C2_OIZPfd3JnIA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 193
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
x-amz-cf-id: 7quwy-VzcFoEDHnDwr_NaRnOadLOlscXuvVEx8_dMvOwEimh0Vy4bg==

GET
H2 200 p Show response
i.simpli.fi/ Frame 4967 804 B
1 KB 34ms
16ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 100b259d8c98a545d6549b26126a934b9b915b3cd969f680fa7c59ecbad07b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
pragma: no-cache
date: Thu, 12 Oct 2023 20:19:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: openresty
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame 7890 804 B
1 KB 32ms
15ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 100b259d8c98a545d6549b26126a934b9b915b3cd969f680fa7c59ecbad07b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
pragma: no-cache
date: Thu, 12 Oct 2023 20:19:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: openresty
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
tracking.monsido.com/ 43 B
196 B 62ms
20ms Image
image/gif 2600:1901:0:891c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=DpMFZI9OrEtwkbcEl3oviw&b=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html&c=3D01697141960103&d=1600x1200&e=&f=1EC1697141960103&g=1604&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:891c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bfsfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: 2023-10-12T20:19:21Z
date: Thu, 12 Oct 2023 20:19:21 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

204

/
s.ad.smaato.net/c/ Frame 7890
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477

0
236 B

101ms
36ms

Image
text/plain

2600:9000:211e:d000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 2600:9000:211e:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-cache, must-revalidate
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 7cXCITYYrn1WhKTiMLD11y_rOJarlBdzS_eng1LzRm4Cu-LHc4gjtQ==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

RX-1a3ace4c-843a-420a-9821-854322f21b25-003
sync.targeting.unrulymedia.com/csync/ Frame 7890
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477?zcc=1&cb=1697141962036
https://sync.targeting.unrulymedia.com/csync/RX-1a3ace4c-843a-420a-9821-854322f21b25-003

43 B
378 B

77ms
76ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-1a3ace4c-843a-420a-9821-854322f21b25-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-1a3ace4c-843a-420a-9821-854322f21b25-003
pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3

37 B
140 B

71ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477

43 B
174 B

399ms
92ms

Image
image/gif

2600:1f18:612b:4216:733d:a16f:95fc:a32a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 2600:1f18:612b:4216:733d:a16f:95fc:a32a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 12 Oct 2023 20:19:22 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7890
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477

95 B
434 B

26ms
19ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame 7890
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1BF710A20E804F03BD8E54BDA27F4477
https://d.agkn.com/pixel/10751/?che=1697141962077&ip=80.255.10.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219353204667004743084
https://um.simpli.fi/aa_px?sk=219353204667004743084
https://um.simpli.fi/empty.gif

43 B
361 B

14ms
14ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 7890
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477

0
0

77ms
3ms

Image
text/html

13.32.121.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 13.32.121.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-118.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7890 43 B
409 B 32ms
15ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 7890 43 B
409 B 33ms
16ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

engine
pbid.pro-market.net/ Frame 7890
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQzODMxMDEwODA2MDk0MDQzMTA=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1

43 B
380 B

47ms
22ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 7890
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1

0
763 B

35ms
34ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 12 Oct 2023 20:19:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame 7890 43 B
409 B 35ms
18ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477

0
421 B

468ms
91ms

Image
text/plain

44.212.232.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: HTTP/1.1
Server: 44.212.232.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-232-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 12 Oct 2023 20:19:21 GMT

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame 7890
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477

62 B
443 B

245ms
170ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 12 Oct 2023 20:19:22 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

404

tpid=1BF710A20E804F03BD8E54BDA27F4477
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 7890
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477

49 B
265 B

125ms
33ms

Image
image/gif

63.35.30.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.121
content-length: 49
expires: 0

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477

0
311 B

87ms
21ms

Image
text/plain

216.52.2.91
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: HTTP/1.1
Server: 216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Thu, 12 Oct 2023 20:19:22 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477

0
98 B

86ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame 7890
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1697141961895&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
108 B

49ms
25ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIkaGevqrxgQMVp5D9Bx29dQ9Z&is_vtc=1&ocp_id=ylQoZZGUAaeh9u8Pveu9yAU&cid=CAQSKQDICaaNC0iZwYftI24-aGA6ebkNySAFdC_0KX9TvjftbO9baFnozrKx&random=1013994602&ipr=y

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=2094878776&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIkaGevqrxgQMVp5D9Bx29dQ9Z&is_vtc=1&ocp_id=ylQoZZGUAaeh9u8Pveu9yAU&cid=CAQSKQDICaaNC0iZwYftI24-aGA6ebkNySAFdC_0KX9TvjftbO9baFnozrKx&random=1013994602&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ Frame 7890 0
272 B 53ms
37ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=1BF710A20E804F03BD8E54BDA27F4477
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477

43 B
891 B

44ms
44ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
an-x-request-uuid: 5d537935-5b43-4920-837a-8df909ebf2b9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.203; 80.255.10.203; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
an-x-request-uuid: 541c7301-2600-43dd-9bc0-39926b30b270
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.203; 80.255.10.203; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7890
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365

0
239 B

101ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7890
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477

43 B
106 B

84ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

204

g_match
um.simpli.fi/ Frame 7890
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEMKtQlOZgZ1zOHDmhlG_GQY&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF710A20E804F03BD8E54BDA27F4477
https://um.simpli.fi/g_match?id=

0
320 B

15ms
14ms

Image
text/plain

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 11 Oct 2023 20:19:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
s.ad.smaato.net/c/ Frame 4967
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477

0
237 B

39ms
26ms

Image
text/plain

2600:9000:211e:d000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 2600:9000:211e:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-cache, must-revalidate
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 44pwQG6UPk343nR5BX0fniZCU8rexiJsZ6wkNQq5pEUA16WXbigI7Q==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003
sync.targeting.unrulymedia.com/csync/ Frame 4967
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477
https://sync.1rx.io/usersync/simplifi/1BF710A20E804F03BD8E54BDA27F4477?zcc=1&cb=1697141962236
https://sync.targeting.unrulymedia.com/csync/RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003

43 B
377 B

965ms
914ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:23 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003
pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3

37 B
139 B

21ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=1BF710A20E804F03BD8E54BDA27F4477&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477

43 B
175 B

347ms
91ms

Image
image/gif

2600:1f18:612b:4216:733d:a16f:95fc:a32a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 2600:1f18:612b:4216:733d:a16f:95fc:a32a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 12 Oct 2023 20:19:22 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4967
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477

95 B
423 B

27ms
20ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1BF710A20E804F03BD8E54BDA27F4477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame 4967
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1BF710A20E804F03BD8E54BDA27F4477
https://d.agkn.com/pixel/10751/?che=1697141962079&ip=80.255.10.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D220103204667004740909
https://um.simpli.fi/aa_px?sk=220103204667004740909
https://um.simpli.fi/empty.gif

43 B
361 B

15ms
15ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 4967
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477

0
0

47ms
4ms

Image
text/html

13.32.121.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 13.32.121.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-118.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 4967 43 B
409 B 54ms
38ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 4967 43 B
409 B 54ms
39ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

engine
pbid.pro-market.net/ Frame 4967
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=1BF710A20E804F03BD8E54BDA27F4477;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTgwNjY4NDc3MjE5MzE2NDkwOTI=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1

43 B
377 B

48ms
23ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOJEaWyrvHv7eqsNxpain-w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 4967
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1

0
763 B

36ms
36ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 12 Oct 2023 20:19:23 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=1BF710A20E804F03BD8E54BDA27F4477&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame 4967 43 B
409 B 55ms
40ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477

0
421 B

468ms
91ms

Image
text/plain

44.212.232.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: HTTP/1.1
Server: 44.212.232.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-232-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 12 Oct 2023 20:19:21 GMT

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame 4967
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477

62 B
443 B

243ms
169ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 12 Oct 2023 20:19:22 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

404

tpid=1BF710A20E804F03BD8E54BDA27F4477
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 4967
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477

49 B
266 B

123ms
32ms

Image
image/gif

63.35.30.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.104
content-length: 49
expires: 0

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477

0
311 B

88ms
23ms

Image
text/plain

216.52.2.91
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: HTTP/1.1
Server: 216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Thu, 12 Oct 2023 20:19:22 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477

0
42 B

85ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame 4967
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1697141961895&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie...
https://www.google.com/pagead/1p-conversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
https://www.google.de/pagead/1p-conversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1...

42 B
455 B

46ms
23ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI-qSevqrxgQMVTse7CB3KGQF9&is_vtc=1&ocp_id=ylQoZfqXAc6O7_UPyrOE6Ac&cid=CAQSKQDICaaNPWKgPHiEVGMMGFl_d3C74Kj4e6afPmIeKi5DOOPNnV8feAND&random=4178582406&ipr=y

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=94265753&cv=7&fst=1697141961895&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI-qSevqrxgQMVTse7CB3KGQF9&is_vtc=1&ocp_id=ylQoZfqXAc6O7_UPyrOE6Ac&cid=CAQSKQDICaaNPWKgPHiEVGMMGFl_d3C74Kj4e6afPmIeKi5DOOPNnV8feAND&random=4178582406&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ Frame 4967 0
272 B 56ms
43ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=1BF710A20E804F03BD8E54BDA27F4477
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477

43 B
891 B

24ms
22ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
an-x-request-uuid: 53336358-04a2-45ba-b80c-bd0ffbb78ef7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.203; 80.255.10.203; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
an-x-request-uuid: 6a1b476a-630a-4bca-8d2b-4ac17e95f47f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1BF710A20E804F03BD8E54BDA27F4477
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.203; 80.255.10.203; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4967
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365

0
239 B

91ms
11ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1BF710A20E804F03BD8E54BDA27F4477&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4967
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477

43 B
273 B

73ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 12 Oct 2023 20:19:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=1BF710A20E804F03BD8E54BDA27F4477
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 11 Oct 2023 20:19:21 GMT

GET
H2

204

g_match
um.simpli.fi/ Frame 4967
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEKS9SDc0-pmCL6yzk_VwEFw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BF710A20E804F03BD8E54BDA27F4477
https://um.simpli.fi/g_match?id=

0
320 B

14ms
14ms

Image
text/plain

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:19:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 11 Oct 2023 20:19:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 20:19:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content /
client-logger.salemove.com/ 0
0 409ms
194ms Fetch 52.7.4.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://client-logger.salemove.com/

Requested by

Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-ffafd6e34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.7.4.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-4-58.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bfsfcu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 20:19:24 GMT
server: envoy
vary: Origin
access-control-max-age: 7200
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
x-envoy-upstream-service-time: 1

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bfsfcu.org/borrow	1970-01-20 15:35:46	Name: TestCookie Value: OK
.bfsfcu.org/	1970-01-20 15:25:43	Name: __cf_bm Value: .iEX1kKoFlg8jLsOaOO.Vae7qvGoZ8qS3MhqhD_myCA-1697141959-0-Acaswm7BSA0gBM3Pm7g7D16Mwc+xF6G68GRWHzXBouJwktDp9X8hvGiEta/PW2enix0mPI8DBoutAZhs6UmJT3k=
bfsfcu.org/	1970-01-20 16:08:53	Name: monsido Value: 3D01697141960103
.bfsfcu.org/	1970-01-21 01:01:41	Name: _ga_6021JGW7YV Value: GS1.1.1697141960.1.0.1697141960.0.0.0
.bfsfcu.org/	1970-01-21 01:01:41	Name: _ga Value: GA1.1.929407674.1697141960
api.salemove.com/	1970-01-21 00:11:17	Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2OTcxNDE5NjAsInZpc2l0b3JfaWQiOiJhMzhjOWVmYi0wZWUxLTQ3NzEtOWRjNy02NTM1ODRmMjI3MmEiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiIwMGU2YjdkNi0yNzNlLTRlMDUtODYzZi1kYjQxZTlmYjAzZDQifQ.o8tsXnOkJkUv-kQCfd1-XiDQ3vV7PcE_hnAi-eob7DUdCzq8Uqpgq58gwEnzAQslN_lux2mI-8wEeWH7JV3GsA
bfsfcu.org/	1970-01-21 00:11:17	Name: ssi--sessionId Value: 83254bad-2624-cd59-0e8e-55f0d2191f9b
bfsfcu.org/	1970-01-20 15:25:42	Name: ssi--lastInteraction Value: 1697141960863
.segmint.net/	1970-01-21 01:01:41	Name: SegmintId Value: 9fef5cc202fc46199d449e97a1c72d8f
.simpli.fi/	1970-01-21 00:12:44	Name: suid Value: 1BF710A20E804F03BD8E54BDA27F4477
.bfsfcu.org/	1970-01-21 00:11:17	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Oct+12+2023+22%3A19%3A21+GMT%2B0200+(Central+European+Summer+Time)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=4e696f28-302c-4667-a7b4-7541c1de14af&interactionCount=0&landingPath=https%3A%2F%2Fbfsfcu.org%2Fborrow%2Fmortgage-refinance.html&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.simpli.fi/	1970-01-20 15:35:46	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-20 16:52:05	Name: TapAd_TS Value: 1697141962023
.tapad.com/	1970-01-20 16:52:05	Name: TapAd_DID Value: a3283c37-e90f-4ce3-a0ba-d0709961142f
.pro-market.net/	1970-01-20 16:08:53	Name: anHistory Value: "-1padeuzhm370k+2+!#7%.%4!W}="
.tapad.com/	1970-01-20 16:52:05	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-21 00:11:17	Name: ab Value: 0001%3AkqFauYxRRQmkjkzqprpO97lOngi6PVMw
.doubleclick.net/	1970-01-21 00:47:17	Name: IDE Value: AHWqTUldPiv8r0cM8Bf2JElu7TxqF1mJ0eyGzY1f3Vvmx1tj8FkZBk2lER0rI9Yl
.adnxs.com/	1970-01-20 17:35:17	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C%wsyEbA!]tbPl1N!7OnM$=BWzxh1u`biI)/VdWJ.:cyChNdY`2Wfn5_Olx-iYll(ijgZE!/X%W#.wL4W1Qw1^%q!ie
.pro-market.net/	1970-01-20 19:44:53	Name: anProfile Value: "-1padeuzhm370k+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0005A00000000000000000008+s2=(s2fn4a)+vm=24-1BF710A20E804F03BD8E54BDA27F4477:53-CAESEOJEaWyrvHv7eqsNxpain-w"
.adnxs.com/	1970-01-20 17:35:17	Name: uuid2 Value: 2993148103092039088
.exelator.com/	1970-01-20 18:18:29	Name: EE Value: "0eca262627b88e2fe8aec8578ef1889b"
.agkn.com/	1970-01-21 00:11:17	Name: u Value: C\|0AAAAAAAALLsRSgAAAAAA
.bluekai.com/	1970-01-20 19:49:13	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEaYHMzh1WW01WDT1eHs1eBYHeCaBEHYHWW0B6R6Bezl9y97G9rq
.bluekai.com/	1970-01-20 19:49:13	Name: bku Value: blx991oDvsPE6tR5
.exelator.com/	1970-01-20 18:18:29	Name: ud Value: "eJxrXxzq6XKLQcEgNTnRyAwIzZMsLFKN0lItElOTLUzNLVLTDC0sLJMWl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIZc4ZRfm5qSvAQmGuQYsNDc2X5Bdlpi9ycV1clJLGsKik%252BFTw0UnHALr7Kv0%253D"
.1rx.io/	1970-01-21 00:11:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003%22%7D
.bfmio.com/	1970-01-21 00:11:17	Name: __141_cid Value: 1BF710A20E804F03BD8E54BDA27F4477
.bfmio.com/	1970-01-21 00:11:17	Name: __io_cid Value: 5117642d6793f1407a73e7a0d2f755330804443a
.targeting.unrulymedia.com/	1970-01-21 00:11:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d149bdc9-73c4-495f-8cc5-ce418ccccd56-003%22%7D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1BF710A20E804F03BD8E54BDA27F4477 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=1BF710A20E804F03BD8E54BDA27F4477 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1BF710A20E804F03BD8E54BDA27F4477 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acsbapp.com
api.glia.com
api.salemove.com
bcp.crwdcntrl.net
bfsfcu.org
cdn.acsbapp.com
cdn.cookielaw.org
cdn.monsido.com
cdn.segmint.net
cdn.sitesearch360.com
ce.lijit.com
client-logger.salemove.com
cm.g.doubleclick.net
connect.segmint.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insights.sitesearch360.com
js.sitesearch360.com
libs.salemove.com
loadm.exelator.com
maprtb.segmint.net
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tracking.monsido.com
um.simpli.fi
us-u.openx.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.248.245.213
13.32.121.118
142.250.184.194
142.250.185.226
185.89.210.20
2001:4860:4802:32::36
216.52.2.91
2600:1901:0:891c::
2600:1901:0:8eee::
2600:1f18:612b:4216:733d:a16f:95fc:a32a
2600:9000:206f:a600:17:4c3f:1b80:93a1
2600:9000:211e:d000:1b:5138:8a40:93a1
2600:9000:2156:9000:3:4b74:18c0:93a1
2600:9000:223f:bc00:0:99b9:cd80:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:b9b
2606:4700:4400::ac40:9b77
2606:4700::6812:5d6
2606:4700::6812:83ec
2606:4700::6812:992
2a00:1450:4001:809::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2003
3.73.45.43
34.111.113.62
35.174.82.179
35.204.74.118
35.204.89.238
35.244.159.8
35.244.174.68
44.212.232.9
46.228.174.117
52.7.4.58
54.154.110.236
54.78.254.47
63.35.30.113
69.173.144.139
69.192.160.219
99.86.4.76
0105ae60cfa80e514f098d4cd4ba0ebbe9e41b1b06590937b36d2c6a28e7daff
05623ba7af61f1df722189b13a2fe4f1912f41aac2c9aad79b4150e4d99f6d3b
085fa63bd5ca5ec9e2fb93e761032cbb85a9f11c5f984842bb63230b539bbeab
0930f31d0c320d8f32fb06e0a630d9c53e4b4009a61d8f84b47a106b95d385bf
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d894c8c81f9db745b65a28b2f9ad342dae80227349a70bd58377badb2ec9eef
0ddd1ff3acf44fab1eb8ebd45bba822f60df331792c6169af2e2862c25f6c37d
100b259d8c98a545d6549b26126a934b9b915b3cd969f680fa7c59ecbad07b82
1239ac99e2e58c6bfa8c2357806a59aa126ecd2b63ca4eeb6da96317bbae1d62
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1528639b1a59ee15bd75e4bba459ee377f4fbd35976b54384275a730818a1c26
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
17dd560fed5a0713a3f47f70269fe1d3f9e1cdc3bc47fbcd114c6ebcb56d295f
17eb03f7c444dff6add84d7e25c80aa4feb84b517b571153b6e43dd5201a352f
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
24af796b288a55a61ca21df4a3d3553a4005db93b2f584e9c0a8ed66253c4fc5
2509abf3ecedeb1b5e011627799b6274ea7174be52c5d826e14049830d1955f0
283f0e573431955a6f8cce5be4326ad506f4aebe83d51413f7806c88576c7818
2d8b1a8785213054e3f78b388d4a23025d97a334a9b08a7729a6df6c0d5f1c50
2f087f3551240ae6a299e65c31385ee89e4f678ec91d7a1da5cab206562716f8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe44290fcc054bf6343c1e442cc786a781b8ba0f974794be581e59ec555916e
317b6128254428cf3573098c14fb28b9e796a2f481087202d1b33fa493fea1be
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3bc6b572c3369ccae9d89fb288570d20d0fd3ed04bc1bca12e051f8b822c52fa
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
495b4edc562beb183728fde5f108ef80672f29df38e5810463fb36aa52492eb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baf72376016569c612a37d851781a1cc448413e959752aee13c5d35b3ab2224
4cad7ab52009b268c60153b4ba6eafe8a3cb96e0dda94f2fb2a154ea541ae5c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53466d33c22fed1c75e7db59583e3bd7ce9e3049555079c6a94944c36ff88e3c
57be7bae935c8ce4881a2b969b4a356cf6aef1af61d2789afe7d4f3ba198734d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b895e006b5c8503b4c251b70fe26dfc222d0e996731d1d36e07a51ef30bcb8b
6c43646ef4e1906e12c8926307aba0f82b3b63c81794b7260ad7480b37424762
6e876f284b86914a81c67a946c3b25725853e6ebca9a05e5e461097573a3de37
6f747dde46295102936ccbf6a0da611f918a4460d67d2b9b6402878441ae666a
7869a2b9fbd6dabeec18ec031473e32c59f46447095f2ccd33cc279d7436b2eb
825cfeaf0ba6eb0de6cab02d60d0916ecd870d35d27bf4a87401830e6c7958a5
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
8526f1a188d9f353fdb729f88822c633d751cb5cca86a553170512408b95224c
86d3cb4fc0c88f31b45a2191a1e66e10d770d8e2852aa91f499763b5123e6b5e
88f4bb9f935fb7b9bfa6201bc3124c684cf5e84c10d7127733638af240d59d67
88fae5bcae1dfef54892da00bf8fd02cacfbdc4b455ddac5aba552eb73e3ccf4
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
89f0577619dea851af4f60004c19adf9ceec196a886a863d2c7671f1952b2537
8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8e168d1e9e19c60b7c5dc0629a4560a05083aa6aee22c1c73a3acb947e3de22e
8eae978c34176e7da7f90bf0c0732de4529e9ae17b605f31ac8d2ef5c0f6cff5
8feed154e8d41d8152784da1e5dd18c418ba78b7ab9525cea39cf2387849c50a
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
913ab18d804421a6ef7db00534facb3477cc585e82c428c9e9060f91f1ec7bd7
9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
935ff4222a0432936664e1f5fe4d644c84c10b1fd404db1c9137999736ea9af5
94f05e5688c912bb3be8cc561972d24153752f660a14f57c3eeaf28c3ca9d5bc
954c8100c6f791bf2a6f49e3fdf7b5ede106119d564e6b8d648520380ea1c9fb
987c75f13be17e2b024127e5e4390e450bac0500ec1f5cb656276217c605367d
9b912264dad19887901e0053da71c356695a8e3f0262343c22ff4bf662941d13
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19e35c238665b103fff54c0a89023a450c1d40f5cd58e01a7f5e5616d9aace7
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
a91b51560c3cff3cbfa5fcbe8f66c783d28d89ff7ab39c5a2d32c4d0ddaf1901
acd5833f80b9382b20914f655765364662330b6b440284c21ebd360257a9ec46
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bef48289b200ebddaf2d7911190847594e4cebaa1a943e565a5e7d5638d482ff
c1a4883dd6c2a1911ff862184983cc9c95ea173cdcba7c73dc52ad1afd471436
c2d0ee134d9dd6226b03a5b867ffa92f336b3a4b655b6db24d385663c990a082
c49b367ab278582a790724f0548d3d8f3546459782b4af4687598328bd517509
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cb1716d6ddc1ffb2aa84bca299ebcff6c9685820595c9d24aad1c3d6647f8f29
cd59848705700c676f53c35e5ce30bb68308374bb70577911494b1efee6b176a
cda3f3adc9de686c2e60b3c01b66a1068db24142d69d47ef8800339282731dfa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d6531eef081889f1dec6c850c76534af9e6fbd3fc751fff0df0a89e835e3c4e5
d97014e8fc65a68f94014321701b3ff04e3728aa88baf950510e6ee69b4c3ebc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f2c34ad12852a599a1b08f708d432af59a258aad41116ba096d52a33b66e01
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ed6e66b6e95b95146d4c4bc04d2865c3e4d9269f3158c63699584528ce2f95c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f37a2b3b8ff20ea4f89b92dff427b9464e57496701a2879e9d945e4b3475aa
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f88d470131a01a1964fee26367d043da81d0c33ca1211ca57f7c7ecef15729fe
fef142f83461f4b76699695213d63e48decc62b52c20e2b6fa19c5ad0321861a

bfsfcu.org Open in urlscan Pro 2606:4700::6812:5d6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

73 %HTTPS

48 %IPv6

36 Domains

49 Subdomains

37 IPs

5 Countries

2345 kBTransfer

6373 kBSize

30 Cookies

14 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bfsfcu.org Open in urlscan Pro
2606:4700::6812:5d6 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

73 %
HTTPS

48 %
IPv6

36
Domains

49
Subdomains

37
IPs

5
Countries

2345 kB
Transfer

6373 kB
Size

30
Cookies

148 HTTP transactions
3 data transactions