urlscan.io logo urlscan.io
SecurityTrails logo

my.pfm.us Open in urlscan Pro
66.36.26.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.pfm.us/forgot
Effective URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Submission: On June 27 via api from CZ — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 27 HTTP transactions. The main IP is 66.36.26.140, located in United States and belongs to AS17378, US. The main domain is my.pfm.us.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on December 18th 2023. Valid for: a year.
This is the only time my.pfm.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 29 66.36.26.140 17378 (AS17378)
27 1
Apex Domain
Subdomains		 Transfer
29 pfm.us
my.pfm.us
5 MB
27 1
Domain Requested by
29 my.pfm.us 2 redirects my.pfm.us
27 1

This site contains no links.

Subject Issuer Validity Valid
*.pfm.us
RapidSSL TLS RSA CA G1		 2023-12-18 -
2025-01-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Frame ID: 1730D761FB73D75643E4A302156F58E9
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

my.pfm.us

Page URL History Show full URLs

  1. https://my.pfm.us/forgot HTTP 302
    https://my.pfm.us/accounts/Reset HTTP 302
    https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false Page URL

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

5233 kB
Transfer

5220 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.pfm.us/forgot HTTP 302
    https://my.pfm.us/accounts/Reset HTTP 302
    https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authVerify
my.pfm.us/accounts/
Redirect Chain
  • https://my.pfm.us/forgot
  • https://my.pfm.us/accounts/Reset
  • https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
9a4a1cedee41c978a8774944b7660dd6af0f96df32effc997517ba18f0fbb23a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Allow
GET, POST, OPTIONS
Cache-Control
no-store
Connection
keep-alive
Content-Length
3222
Content-Type
text/html;charset=UTF-8
Date
Thu, 27 Jun 2024 14:54:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=60
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Origin
*
Allow
GET, POST, OPTIONS
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 27 Jun 2024 14:54:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=60
Location
/accounts/authVerify?operation=reset&isGina=false
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
vendor.css
my.pfm.us/selfservice/assets/ 		0
481 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/vendor.css?buildNo=6216
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 08 Sep 2021 00:21:32 GMT
Server
nginx
ETag
W/"0-1631060492947"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
0
X-XSS-Protection
1; mode=block
selfservice.css
my.pfm.us/selfservice/assets/ 		724 KB
725 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
db6ad75846eacfed0b642c838917b542cd3eba8034411a70a8c5a0d17b140dda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"741632-1675133838324"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
741632
X-XSS-Protection
1; mode=block
app_overwrite.css
my.pfm.us/selfservice/assets/ 		53 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/app_overwrite.css?buildNo=6216
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
7ca96c882e05450dfbe8196c6d88481dceee3c45f327420e14e3466e70364179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"54755-1675133838355"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
54755
X-XSS-Protection
1; mode=block
customer-styles.css
my.pfm.us/styles/ 		75 B
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/styles/customer-styles.css?buildNo=6216
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
c437f079d04a23b9b657cb50f03ae76cc756e830f54a683b4a84dd7137045005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 08 Sep 2021 00:23:47 GMT
Server
nginx
ETag
W/"75-1631060627307"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
75
X-XSS-Protection
1; mode=block
vendor.js
my.pfm.us/selfservice/assets/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/vendor.js?buildNo=6216
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
5f3443c255d6d3708c356754ff87501608b241dec8c6503fcd419c2306636f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"1344974-1675133838340"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1344974
X-XSS-Protection
1; mode=block
selfservice.js
my.pfm.us/selfservice/assets/ 		845 KB
845 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/selfservice.js?buildNo=6216
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
25a35e11f8f5b78705d8b9d592eb2a8f2cb90c95d8a880535cd5cc92100aebd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"864935-1675133838355"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
864935
X-XSS-Protection
1; mode=block
security-core.js
my.pfm.us/adsf/js/common/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/security-core.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
3808747bd0248d39e1049658cf8ef1a9d280cca7c252f6a71ea82ff3705d7f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 08 Sep 2021 00:20:07 GMT
Server
nginx
ETag
W/"10102-1631060407088"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
10102
X-XSS-Protection
1; mode=block
security-url-validator.min.js
my.pfm.us/adsf/js/common/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/security-url-validator.min.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b54b984be293315de6023c490eb8deee91688945e4661947becec78708320a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 01 Nov 2022 18:21:39 GMT
Server
nginx
ETag
W/"4452-1667326899523"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
4452
X-XSS-Protection
1; mode=block
FormFields.js
my.pfm.us/adsf/js/common/components/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/components/FormFields.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
0c7d32282443f2d6375adba5502b1668ebe934712e51eeac647162813cc54d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"9415-1675133838449"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
9415
X-XSS-Protection
1; mode=block
JumpTo.js
my.pfm.us/adsf/js/common/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/JumpTo.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
def087be2c9773d432865acaf7c0c689fac3be294bfddd17dfe903fafa68f69e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"31771-1675133838449"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
31771
X-XSS-Protection
1; mode=block
CustomSSO.js
my.pfm.us/adsf/js/common/sso/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/sso/CustomSSO.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
317ad4b582bbb9cce02905060630e2c73af78031850714dc1dddaa66c0a28abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 01 Nov 2022 18:21:39 GMT
Server
nginx
ETag
W/"4898-1667326899538"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
4898
X-XSS-Protection
1; mode=block
WindowHandler.js
my.pfm.us/adsf/js/common/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/WindowHandler.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
05f421fc55f9a5485ded5ea41f4087dd638f96cc2615774ce5f0b30a83894146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 01 Nov 2022 18:21:39 GMT
Server
nginx
ETag
W/"3852-1667326899538"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
3852
X-XSS-Protection
1; mode=block
SingleSignOut.js
my.pfm.us/adsf/js/common/ssout/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/ssout/SingleSignOut.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
093d2bcc84c67a0af8571a5577b5d864445478db3bd1af0d7176ff0abb6291dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 01 Nov 2022 18:21:39 GMT
Server
nginx
ETag
W/"3018-1667326899523"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
3018
X-XSS-Protection
1; mode=block
AppsPane.js
my.pfm.us/adsf/js/common/appspane/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/adsf/js/common/appspane/AppsPane.js
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ffd64fa7703309f300216720f967df64fdb4441b87656111a800f2526308ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"45225-1675133838433"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
45225
X-XSS-Protection
1; mode=block
custom-color-theme.less
my.pfm.us/selfservice/assets/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/custom-color-theme.less
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/vendor.js?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
906b5d2040e22b4cfc95f7a3bca9254a611b1e233df2aee63b402f88e9513abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/less
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 08 Sep 2021 00:25:44 GMT
Server
nginx
ETag
W/"10071-1631060744651"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
10071
X-XSS-Protection
1; mode=block
getI18NKeys
my.pfm.us/ServletAPI/i18n/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/ServletAPI/i18n/getI18NKeys
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/vendor.js?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
182df195c58146f33439adb901ca10ec23b8d7154eb3f1d9efbfa21f48638cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Allow
GET, POST, OPTIONS
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getHeaderElements
my.pfm.us/ServletAPI/header/ 		641 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/ServletAPI/header/getHeaderElements
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/vendor.js?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
0f91fbd6744008d85b891b6b7defcfd02bedda7cacfdfec9a3551b2f0466494f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
641
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
favicon.ico
my.pfm.us/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
79a676756e27eff0674852c60982fef36ab417dcd2acd573defcfaf6d4b935a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:41 GMT
X-maint-flag
no
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sat, 02 Apr 2022 03:08:52 GMT
Server
nginx
ETag
"6247be44-8be"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
2238
X-XSS-Protection
1; mode=block
X-moved-flag
xyes
initApplication
my.pfm.us/ServletAPI/accounts/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/ServletAPI/accounts/initApplication
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/vendor.js?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
df379ebc4974813f63c4a50ddf8ee64662d0aaae896707598ed06067975121f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
3944
X-XSS-Protection
1; mode=block
customLogo.png
my.pfm.us/images/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.pfm.us/images/logos/customLogo.png?random=1719500081981
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
4dd12934eb1a7d4a0c28b446e9d2fb8693784eea87b5ee9de4f8aaef0dcd7e1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 10 Nov 2022 23:43:15 GMT
Server
nginx
ETag
W/"2954-1668123795261"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
2954
X-XSS-Protection
1; mode=block
upload_ffef9def_3917_4bc7_8199_fd1fe668bb7a_00000000.tmp
my.pfm.us//images/logos/ 		132 KB
133 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us//images/logos/upload_ffef9def_3917_4bc7_8199_fd1fe668bb7a_00000000.tmp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
d2d220ceafcaa931e57b33129cbab1c8d532a56a832226018266b5720175c56f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
ssp-sprite@2x.png
my.pfm.us/images/ 		697 KB
698 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.pfm.us/images/ssp-sprite@2x.png?buildNo=6215
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
736515634df53bdaaa9d8ac01b88d3fc2b463ac3ffb2ef9942620572f79d4031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 31 Jan 2023 02:57:18 GMT
Server
nginx
ETag
W/"714203-1675133838433"
X-Frame-Options
SAMEORIGIN
Allow
GET, POST, OPTIONS
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
714203
X-XSS-Protection
1; mode=block
Lato-Semibold.woff2
my.pfm.us/selfservice/assets/fonts/lato/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/fonts/lato/Lato-Semibold.woff2
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Origin
https://my.pfm.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
hip.jpg
my.pfm.us/static/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.pfm.us/static/hip.jpg?t=216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
6d3cd92b6042b2be1e25f66dc313537d2b9585c2bd405fdc658544cabc192c96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/accounts/authVerify?operation=reset&isGina=false
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Allow
GET, POST, OPTIONS
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Lato-Semibold.woff
my.pfm.us/selfservice/assets/fonts/lato/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/fonts/lato/Lato-Semibold.woff
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Origin
https://my.pfm.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
Lato-Semibold.ttf
my.pfm.us/selfservice/assets/fonts/lato/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://my.pfm.us/selfservice/assets/fonts/lato/Lato-Semibold.ttf
Requested by
Host: my.pfm.us
URL: https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.36.26.140 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://my.pfm.us/selfservice/assets/selfservice.css?buildNo=6216
Origin
https://my.pfm.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 14:54:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests function| createDeprecatedModule object| EmberENV function| $ function| jQuery object| Ember object| Em string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile boolean| mCustomScrollbar function| AudioCaptchaAudioManager function| AudioCaptchaAudio object| less function| JSEncrypt object| CryptoJS boolean| NO_EMBER_DEBUG undefined| codePointAt undefined| stringFromCharCode undefined| floor undefined| fromCodePoint function| FormFields object| showStatus object| parentAppName object| adsSecurityToken object| appspaneNavParams object| reverseProxyTag object| reverseProxyTagsSet object| jumpToObject function| showJumpToProductStatus function| JumpTo function| CustomSSO object| originHandler function| WindowHandler object| RequestConstants function| SingleSignOut function| AppsPane object| currentPane object| currentProductName object| sortableCache object| loadURL object| parenturl object| silentLoadParams boolean| isFullScreenEnabled boolean| isAppspaneOpen function| adsjQuery boolean| insideAppsPane object| audioContext

3 Cookies

Domain/Path Name / Value
my.pfm.us/ Name: adscsrf
Value: 973d2f3a-ecd9-4697-ab96-1cd2a90ffe0d
my.pfm.us/ Name: _zcsr_tmp
Value: 973d2f3a-ecd9-4697-ab96-1cd2a90ffe0d
my.pfm.us/ Name: JSESSIONIDADSSP
Value: E5615F8BEB0330D7A312A4E740F155CC

5 Console Messages

Source Level URL
Text
network error URL: https://my.pfm.us//images/logos/upload_ffef9def_3917_4bc7_8199_fd1fe668bb7a_00000000.tmp
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://my.pfm.us/selfservice/assets/selfservice.js?buildNo=6216(Line 288)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://my.pfm.us/selfservice/assets/fonts/lato/Lato-Semibold.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://my.pfm.us/selfservice/assets/fonts/lato/Lato-Semibold.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://my.pfm.us/selfservice/assets/fonts/lato/Lato-Semibold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

my.pfm.us
66.36.26.140
05f421fc55f9a5485ded5ea41f4087dd638f96cc2615774ce5f0b30a83894146
093d2bcc84c67a0af8571a5577b5d864445478db3bd1af0d7176ff0abb6291dd
0c7d32282443f2d6375adba5502b1668ebe934712e51eeac647162813cc54d8b
0f91fbd6744008d85b891b6b7defcfd02bedda7cacfdfec9a3551b2f0466494f
182df195c58146f33439adb901ca10ec23b8d7154eb3f1d9efbfa21f48638cf7
25a35e11f8f5b78705d8b9d592eb2a8f2cb90c95d8a880535cd5cc92100aebd6
317ad4b582bbb9cce02905060630e2c73af78031850714dc1dddaa66c0a28abf
3808747bd0248d39e1049658cf8ef1a9d280cca7c252f6a71ea82ff3705d7f96
4dd12934eb1a7d4a0c28b446e9d2fb8693784eea87b5ee9de4f8aaef0dcd7e1c
5f3443c255d6d3708c356754ff87501608b241dec8c6503fcd419c2306636f3c
6d3cd92b6042b2be1e25f66dc313537d2b9585c2bd405fdc658544cabc192c96
736515634df53bdaaa9d8ac01b88d3fc2b463ac3ffb2ef9942620572f79d4031
79a676756e27eff0674852c60982fef36ab417dcd2acd573defcfaf6d4b935a9
7ca96c882e05450dfbe8196c6d88481dceee3c45f327420e14e3466e70364179
906b5d2040e22b4cfc95f7a3bca9254a611b1e233df2aee63b402f88e9513abc
9a4a1cedee41c978a8774944b7660dd6af0f96df32effc997517ba18f0fbb23a
a5ffd64fa7703309f300216720f967df64fdb4441b87656111a800f2526308ca
c0b54b984be293315de6023c490eb8deee91688945e4661947becec78708320a
c437f079d04a23b9b657cb50f03ae76cc756e830f54a683b4a84dd7137045005
d2d220ceafcaa931e57b33129cbab1c8d532a56a832226018266b5720175c56f
db6ad75846eacfed0b642c838917b542cd3eba8034411a70a8c5a0d17b140dda
def087be2c9773d432865acaf7c0c689fac3be294bfddd17dfe903fafa68f69e
df379ebc4974813f63c4a50ddf8ee64662d0aaae896707598ed06067975121f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855