www.blueoxcu.org Open in urlscan Pro
74.204.78.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.blueoxcu.org/
Effective URL:
https://www.blueoxcu.org/
Submission: On December 11 via api (December 11th 2024, 11:00:53 pm UTC) from US — Scanned from US

Summary HTTP 136 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 48 IPs in 2 countries across 46 domains to perform 136 HTTP transactions. The main IP is 74.204.78.22, located in Grand Rapids, United States and belongs to SECURE-24-AS, US. The main domain is www.blueoxcu.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 11th 2024. Valid for: a year.

This is the only time www.blueoxcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	74.204.78.22 74.204.78.22	46746 (SECURE-24-AS) (SECURE-24-AS)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
3	2600:9000:230... 2600:9000:2305:9a00:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
6	35.245.15.98 35.245.15.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	142.251.179.103 142.251.179.103	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c21::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.203.75.253 52.203.75.253	14618 (AMAZON-AES) (AMAZON-AES)
1	63.150.21.23 63.150.21.23	19031 (WESCO) (WESCO)
2	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6efe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20 27	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:f13b:83e0:4d64:f0d7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	13.249.39.110 13.249.39.110	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:26c... 2600:9000:26c1:d600:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:207... 2600:9000:2073:aa00:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	63.251.28.230 63.251.28.230	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	216.22.16.72 216.22.16.72	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2001:4998:60:... 2001:4998:60:807::1	14196 (YAHOO-CHA) (YAHOO-CHA)
1	3.219.153.34 3.219.153.34	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.228.175.96 34.228.175.96	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.194.79.112 34.194.79.112	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	142.251.179.156 142.251.179.156	15169 (GOOGLE) (GOOGLE)
1 2	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1 2	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::ac40:983b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
6	34.168.224.78 34.168.224.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4004:c17::64	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:25d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.162.125.100 3.162.125.100	16509 (AMAZON-02) (AMAZON-02)
1	172.253.122.97 172.253.122.97	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1	142.251.167.138 142.251.167.138	15169 (GOOGLE) (GOOGLE)
136	48

52 74.204.78.22 (Grand Rapids, United States)

ASN46746 (SECURE-24-AS, US)
PTR: customer-74-204-78-22.host.ussignalcom.net

www.blueoxcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2305:9a00:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.245.15.98 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.15.245.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.179.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.203.75.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-75-253.compute-1.amazonaws.com

sharpenchat.iz1.sharpen.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-current.iz1.sharpen.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.150.21.23 (Harrisburg, United States)

ASN19031 (WESCO, US)
PTR: itsme247.com

beta.itsme247.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6efe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 35.194.66.159 (Washington, United States) 20 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:f13b:83e0:4d64:f0d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.110 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-110.iad89.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26c1:d600:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2073:aa00:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.230 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.72 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:60:807::1 (United States) 1 redirects

ASN14196 (YAHOO-CHA, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.153.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-153-34.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.228.175.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-175-96.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.79.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-79-112.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.179.156 (Farmingdale, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: pd-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.156 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (Colonia, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:983b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fonticons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com

ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fault.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:25d3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fortawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.125.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-100.iad61.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	blueoxcu.org www.blueoxcu.org	2 MB
33	simpli.fi 20 redirects tag.simpli.fi — Cisco Umbrella Rank: 5206 i.simpli.fi — Cisco Umbrella Rank: 4244 um.simpli.fi — Cisco Umbrella Rank: 878	22 KB
9	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 16426 ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com fault.rlets.com — Cisco Umbrella Rank: 289671	92 KB
6	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 284 td.doubleclick.net — Cisco Umbrella Rank: 182	4 KB
5	sharpen.cx sharpenchat.iz1.sharpen.cx — Cisco Umbrella Rank: 774212 api-current.iz1.sharpen.cx — Cisco Umbrella Rank: 864416	202 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	384 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 466 fonts.googleapis.com — Cisco Umbrella Rank: 29	198 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	245 KB
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 19383	590 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 525	506 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333	898 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 476	831 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 973	895 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	836 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	531 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2185	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1526	887 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2363	901 B
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 1052	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 550 d.agkn.com — Cisco Umbrella Rank: 758	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 429	970 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4811 forms.hscollectedforms.net — Cisco Umbrella Rank: 4960	26 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	26 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4839	916 B
1	fortawesome.com use.fortawesome.com — Cisco Umbrella Rank: 26939	113 KB
1	fonticons.com use.fonticons.com — Cisco Umbrella Rank: 176778	4 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	1 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 96	23 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 805	633 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1532	421 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 619	654 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 886	551 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784	175 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 513	99 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	itsme247.com beta.itsme247.com — Cisco Umbrella Rank: 691733
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370	17 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
0	bluekai.com Failed stags.bluekai.com Failed
0	smaato.net Failed s.ad.smaato.net Failed
136	46

	Domain	Requested by
52	www.blueoxcu.org	www.blueoxcu.org
27	um.simpli.fi	20 redirects www.blueoxcu.org cdn.rlets.com
5	ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com	cdn.rlets.com
5	tag.simpli.fi	www.blueoxcu.org cdn.rlets.com
5	www.googletagmanager.com	www.blueoxcu.org www.googletagmanager.com cdn.rlets.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	sharpenchat.iz1.sharpen.cx	www.blueoxcu.org sharpenchat.iz1.sharpen.cx
4	www.google.com	www.blueoxcu.org www.googletagmanager.com
4	maps.googleapis.com	www.blueoxcu.org maps.googleapis.com
3	cm.g.doubleclick.net	3 redirects
3	cdn.rlets.com	www.blueoxcu.org cdn.rlets.com
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	us-u.openx.net	1 redirects www.blueoxcu.org
2	ib.adnxs.com	1 redirects www.blueoxcu.org
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	px.ads.linkedin.com	1 redirects www.blueoxcu.org
2	idsync.rlcdn.com	2 redirects
2	ce.lijit.com	1 redirects www.blueoxcu.org
2	bcp.crwdcntrl.net	1 redirects www.blueoxcu.org
2	ups.analytics.yahoo.com	1 redirects www.blueoxcu.org
2	loadm.exelator.com	1 redirects www.blueoxcu.org
2	sync.smartadserver.com	1 redirects www.blueoxcu.org
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com	1 redirects www.blueoxcu.org
2	pixel.tapad.com	1 redirects www.blueoxcu.org
2	eb2.3lift.com	1 redirects www.blueoxcu.org
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	www.blueoxcu.org sharpenchat.iz1.sharpen.cx
1	td.doubleclick.net	www.googletagmanager.com
1	fault.rlets.com	www.blueoxcu.org
1	forms.hsforms.com	www.blueoxcu.org
1	use.fortawesome.com	use.fonticons.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	api-current.iz1.sharpen.cx	sharpenchat.iz1.sharpen.cx
1	use.fonticons.com	sharpenchat.iz1.sharpen.cx
1	pixel.rubiconproject.com	www.blueoxcu.org
1	www.googleadservices.com	1 redirects
1	pippio.com	1 redirects
1	sync.bfmio.com	www.blueoxcu.org
1	ads.stickyadstv.com	www.blueoxcu.org
1	image2.pubmatic.com	www.blueoxcu.org
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	www.blueoxcu.org
1	sync.1rx.io	www.blueoxcu.org
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	i.simpli.fi	tag.simpli.fi
1	www.gstatic.com	www.google.com
1	beta.itsme247.com	www.blueoxcu.org
1	js.hs-scripts.com	www.blueoxcu.org
1	fonts.googleapis.com	www.blueoxcu.org
1	stackpath.bootstrapcdn.com	www.blueoxcu.org
1	code.jquery.com	www.blueoxcu.org
0	stags.bluekai.com Failed	www.blueoxcu.org
0	s.ad.smaato.net Failed	www.blueoxcu.org
136	57

This site contains links to these domains. Also see Links.

Domain
forms.joinmycu.com
loans.itsme247.com
obc.itsme247.com
portal.hud.gov
www.ncua.gov

Subject Issuer	Validity	Valid
www.blueoxcu.org Sectigo RSA Domain Validation Secure Server CA	`2024-11-11` - `2025-11-12`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.rlets.com Amazon RSA 2048 M02	`2024-09-29` - `2025-10-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-13` - `2025-12-14`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
hs-scripts.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.iz1.sharpen.cx Gandi RSA Domain Validation Secure Server CA 3	`2024-05-15` - `2025-05-28`	a year	crt.sh
*.itsme247.com Go Daddy Secure Certificate Authority - G2	`2023-12-16` - `2025-01-16`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
hs-analytics.net WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
hs-banner.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
hscollectedforms.net WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
fonticons.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
captureapi.localiq.com R11	`2024-12-11` - `2025-03-11`	3 months	crt.sh
fortawesome.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
hsforms.com WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
*.reachlocalservices.com Amazon RSA 2048 M02	`2024-10-03` - `2025-11-01`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.blueoxcu.org/
Frame ID: 7CA4E4851FADE5B800452059A06F0928
Requests: 126 HTTP requests in this frame

Frame: https://beta.itsme247.com/169/authentication/username
Frame ID: 9915B6E7613B6E4150828FD432E2186E
Requests: 1 HTTP requests in this frame

Frame: https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/storage.html
Frame ID: 0F9FB7ADF462D30A672E81F5972CB8FC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: B13BA0FE5F683B286D029B86A6046264
Requests: 2 HTTP requests in this frame

Frame: https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/storage.html
Frame ID: 350EED0068EF2B43C83BEE2299A1FC95
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10879647916?random=1733958047907&cv=11&fst=1733958047907&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ca0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.blueoxcu.org%2F&hn=www.googleadservices.com&frm=0&tiba=BlueOx%20Credit%20Union&npa=0&pscdl=noapi&auid=2098935712.1733958048&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E3D90E046E4B662C4959DF6B78B467B3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.blueoxcu.org
Frame ID: 7EF92AB0A21832A8E86605986C4D5FE2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: 35DED119466BF94C91626CCA2F304540
Requests: 1 HTTP requests in this frame

Frame: https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/storage.html
Frame ID: D1EF846A5BA3E8B14C2BDDC110F36890
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BlueOx Credit Union

Page URL History Show full URLs

http://www.blueoxcu.org/ HTTP 307
https://www.blueoxcu.org/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

136
Requests

84 %
HTTPS

38 %
IPv6

46
Domains

57
Subdomains

48
IPs

2
Countries

3162 kB
Transfer

5909 kB
Size

77
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://forms.joinmycu.com/mop/169/mop3/promotional
Title: Become a Member

Search URL Search Domain Scan URL

URL: https://loans.itsme247.com/169/Home/Start/
Title: Apply for a Loan

Search URL Search Domain Scan URL

URL: https://obc.itsme247.com/169/
Title: Online Banking Login

Search URL Search Domain Scan URL

URL: https://portal.hud.gov/hudportal/documents/huddoc?id=DOC_7802.pdf

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/support-services/share-insurance-fund

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.blueoxcu.org/ HTTP 307
https://www.blueoxcu.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=FAC737BA10EC451CA93542DBD521E946

Request Chain 75

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/FAC737BA10EC451CA93542DBD521E946

Request Chain 76

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=FAC737BA10EC451CA93542DBD521E946&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=FAC737BA10EC451CA93542DBD521E946&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 77

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=FAC737BA10EC451CA93542DBD521E946

Request Chain 78

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FAC737BA10EC451CA93542DBD521E946

Request Chain 79

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://d.agkn.com/pixel/10751/?che=1733958047024&ip=38.132.118.69&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214520605093332323574 HTTP 302
https://um.simpli.fi/aa_px?sk=214520605093332323574 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 80

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FAC737BA10EC451CA93542DBD521E946&ckls=true&ci=WCYCVL9yIW&nc=false&trid=-1972037894

Request Chain 81

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FAC737BA10EC451CA93542DBD521E946

Request Chain 82

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=FAC737BA10EC451CA93542DBD521E946

Request Chain 83

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=FAC737BA10EC451CA93542DBD521E946;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=FAC737BA10EC451CA93542DBD521E946;mimetype=img;sr HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

Request Chain 84

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=FAC737BA10EC451CA93542DBD521E946&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=FAC737BA10EC451CA93542DBD521E946&j=0&xl8blockcheck=1

Request Chain 85

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=FAC737BA10EC451CA93542DBD521E946&verify=true

Request Chain 86

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=FAC737BA10EC451CA93542DBD521E946

Request Chain 87

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=FAC737BA10EC451CA93542DBD521E946

Request Chain 88

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FAC737BA10EC451CA93542DBD521E946

Request Chain 89

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=FAC737BA10EC451CA93542DBD521E946&dnr=1

Request Chain 90

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=FAC737BA10EC451CA93542DBD521E946 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRkFDNzM3QkExMEVDNDUxQ0E5MzU0MkRCRDUyMUU5NDYQABoNCJ-z6LoGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&rand=08466416 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&rand=08466416&expected_cookie=ebcaa547-639b-4805-96e8-54ebc7c89cb1

Request Chain 91

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1733958046598&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2111386222&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIyLK-i-mgigMV-EtHAR0Q6Qr0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5ibHVlb3hjdS5vcmcv HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=2111386222&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIyLK-i-mgigMV-EtHAR0Q6Qr0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5ibHVlb3hjdS5vcmcv&is_vtc=1&cid=CAQSGwCa7L7dpSqkXrT1rmRIyiqZ9nvuSmu7p9Tp0g&random=3984442374

Request Chain 93

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=FAC737BA10EC451CA93542DBD521E946 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DFAC737BA10EC451CA93542DBD521E946

Request Chain 94

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FAC737BA10EC451CA93542DBD521E946&expires=365

Request Chain 95

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FAC737BA10EC451CA93542DBD521E946&cc=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEPVPPfveIkTjEBfSU8T8yaQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FAC737BA10EC451CA93542DBD521E946 HTTP 302
https://um.simpli.fi/g_match?id=

136 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.blueoxcu.org/
Redirect Chain

http://www.blueoxcu.org/
https://www.blueoxcu.org/

56 KB
14 KB

736ms
358ms

Document
text/html

74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),

Reverse DNS

customer-74-204-78-22.host.ussignalcom.net

Software

CUSG_Web /

Resource Hash

9b26d65d19399f4540f43021c3cc38eca51395059973ce549b85617ef50c1bc6

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 13756
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 23:00:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: autoplay=(self), document-domain=*, fullscreen=*, geolocation=(self), microphone=(self)
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: CUSG_Web
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.blueoxcu.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 107ms
32ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15851"
age: 1409987
x-cache: HIT, HIT
date: Wed, 11 Dec 2024 23:00:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 46, 55019
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21965-LGA, cache-mia-kmia1760082-MIA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1733958046.791176,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30638
server: nginx

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 86ms
42ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-520c"
age: 83337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQW4z2r5BNuo0BBCJo%2BFgiLf%2F%2F91Qt78W62pkQLzt6wbcbhDIaVSlIj68eIZ7GMAkFf2L9dndJAOHMPImsrPrRfCjtjOhtHyQ4RDJd7Sv3CaV4qdva5LzyJ08%2Fq%2BZqRyn%2F2P1ZkR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 23:00:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 11 Dec 2024 23:00:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0917b9fecb7454-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6646
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
17 KB 131ms
48ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
age: 35090
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:49:09
cdn-requestpullcode: 200
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7831376b08b852e0224b1b7f5f27d42c
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f0917ba3ba27436-MIA
access-control-allow-origin: *
cdn-edgestorageid: 975
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 jqueriness.js Show response
www.blueoxcu.org/templates/blueox_2019/js/ 4 KB
1 KB 237ms
226ms Script
application/javascript 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/blueox_2019/js/jqueriness.js
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 45dbb33b996ac591357f7ce8e5c26c56ee6a29f9a07aebf8e1e3f664ba86e725

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "eaf-59830ccd85b68-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 1052
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Mon, 25 Nov 2019 19:30:46 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: application/javascript

GET
H2 200 universal_template.css
www.blueoxcu.org/admin/css/ 2 KB
766 B 123ms
112ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/admin/css/universal_template.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 54b94cc73d9d2d16dce491e990f52b642c583007b24cfb372f93e37e0e348057

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "6f7-60f89c4684947-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 610
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Mon, 22 Jan 2024 14:37:20 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 248 KB
84 KB 227ms
82ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDNnLqqlvFVicPs-6hZiiohT0pN4XGVUbw&callback=initMap

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

84c20badf64873220f99a4c4913d527bc4ec20a6ce3b1a52e68b31f7eab931a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 16f1bc23
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85371
date: Wed, 11 Dec 2024 23:00:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 new_loc.css
www.blueoxcu.org/templates/COMMON_JS/CSS/ 4 KB
2 KB 126ms
116ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/CSS/new_loc.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: bf09fb8ef8f8928281e212416feb4829aec212ae8d1211f838693571ea5df863

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "1154-626acee160ac2-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 1479
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Tue, 12 Nov 2024 01:13:50 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 gallery.css
www.blueoxcu.org/templates/COMMON_JS/CSS/ 1 KB
527 B 128ms
118ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/CSS/gallery.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 42344ad1563220f6bf6291922c034e5e6730af24a707d35331e7105e47c0aa02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "4de-5f80b654a7769-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 388
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Wed, 29 Mar 2023 15:11:51 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 default_form.css
www.blueoxcu.org/templates/COMMON_JS/CSS/ 1 KB
664 B 126ms
117ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/CSS/default_form.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: ec257f0a20130831eed9009de1a02abf48f0e7e9473df14d1e7feae19c2a3731

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "4c7-5f7b625470d38-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 525
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Sat, 25 Mar 2023 09:29:25 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 default_form_side.css
www.blueoxcu.org/templates/COMMON_JS/CSS/ 1 KB
712 B 127ms
117ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/CSS/default_form_side.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 3822246d7282851a6fd48d2835b9935d156268b63aa301a082d58bb7577e5017

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "55b-5f7b6253e81bc-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 573
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Sat, 25 Mar 2023 09:29:24 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 default_table.css
www.blueoxcu.org/templates/COMMON_JS/CSS/ 394 B
383 B 124ms
115ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/CSS/default_table.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: a8f4b8045c283f81fadbfec952e2543b05a6ba1833031b115798d8462ab5a8ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "18a-57fbe17e5ddfd-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 244
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Fri, 18 Jan 2019 16:35:05 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 jquery.cookie.js Show response
www.blueoxcu.org/templates/COMMON_JS/ 1 KB
949 B 125ms
118ms Script
application/javascript 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/jquery.cookie.js
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: cd0fbfcf9f0ad89eaede388cfea68c9658006d6a0aa724901ac73766d5cb37f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "598-5f7cee57f1169-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 793
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Sun, 26 Mar 2023 15:01:09 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: application/javascript

GET
H2 200 8594bfd862b681be5c39f5f.js Show response
cdn.rlets.com/capture_configs/ce3/afe/e79/ 221 KB
46 KB 326ms
87ms Script
text/javascript 2600:9000:2305:9a00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2305:9a00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

532fe0339825d72d2599e4919b8d60943f57b53b49e59d699da080ac0f110d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: 2de5bc821e0c13606022230e0da32736
content-encoding: br
etag: W/"532fe0339825d72d2599e4919b8d6094"
age: 29107
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6Fp5dnJrayU3mC5jawzbanfvPsprZCttAf8FA5N3ANn7VcNeUwr4KQ==
date: Wed, 11 Dec 2024 14:55:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.083850
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD89-P2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 233ms
89ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y91YZ680BR

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ffdfa5b2cc494af81486e662d95f8cce3226248884a0124b24c3eb7ec3b11a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 11 Dec 2024 23:00:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104583
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 698d8aab-a05a-414a-82d3-e77ac61328c0 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 212ms
56ms Script
application/javascript 35.245.15.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/698d8aab-a05a-414a-82d3-e77ac61328c0
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.15.245.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 64ab43a343addbc62bd188aacee4f67b14750d0a81ed25abcf8ea6d85691dcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: GBBBqAimX55s_D1iYD8E
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 1335f826-c3ce-4ade-bf72-5a61541b63f9 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 258ms
103ms Script
application/javascript 35.245.15.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/1335f826-c3ce-4ade-bf72-5a61541b63f9
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.15.245.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 454fed5045a6bddb5617feb6bf3f5ceba1474fdf67076110f8102ae48d38f9ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: GBBBqAivF9osMDSfwt3E
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 b30f474c-613c-46ad-965e-60f18f4f2801 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 211ms
56ms Script
application/javascript 35.245.15.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/b30f474c-613c-46ad-965e-60f18f4f2801
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.15.245.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: f711ef12c779f46cf982dc6b2b5eb48141e771b6f63f19d92c5b8c8127ac9571

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: GBBBqAiioQoCDTsI5jHI
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 e7510ef1-d792-422f-9de3-e9910c8b7cec Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 210ms
55ms Script
application/javascript 35.245.15.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/e7510ef1-d792-422f-9de3-e9910c8b7cec
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.15.245.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: a64dc9e3b991a52df4b3aaddbc60dfd701142354989d7a251bb2e7aef5078bb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: GBBBqAitlHuRQPu5B1aG
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 all.min.css
www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/css/ 170 KB
33 KB 128ms
121ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/css/all.min.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "2a8fd-5bd35720d844c-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 33544
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Wed, 10 Mar 2021 21:35:27 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 frontend.js Show response
www.blueoxcu.org/admin/js/ 2 KB
692 B 126ms
119ms Script
application/javascript 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/admin/js/frontend.js
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 221a4070b8203bf0b2a7d759fbfe4cdcb2465bda1cd106c72d35b4bf6f763a1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "78a-62478ae1eacc0-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 554
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Tue, 15 Oct 2024 00:03:16 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: application/javascript

GET
H2 200 uniValidate.js Show response
www.blueoxcu.org/form_system/js/ 2 KB
913 B 237ms
114ms Script
application/javascript 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/form_system/js/uniValidate.js
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: f636dc003b7e4d9489d5dc15d259bbf55941783ba225a51d0d8781540718026a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "846-58cde80050ff0-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 774
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Thu, 04 Jul 2019 17:42:21 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: application/javascript

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 196ms
71ms Script
text/javascript 142.251.179.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f103.1e100.net

Software

ESF /

Resource Hash

b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 23:00:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 11 Dec 2024 23:00:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 192ms
73ms Stylesheet
text/css 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d25435b6877389e8273be8cd67b1c351aede0b990d76fbb4f375724707fe7d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 23:00:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 11 Dec 2024 22:55:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 style.css
www.blueoxcu.org/templates/blueox_2019/css/ 19 KB
5 KB 233ms
115ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/blueox_2019/css/style.css?version=25Aug2023
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 855f8954dd045766f4593ccc8a7b8c03d3b530b1d8f95720925f55bc438247dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "4a2f-61ba7f1799291-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 5260
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Mon, 24 Jun 2024 19:39:45 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 responsive.css
www.blueoxcu.org/templates/blueox_2019/css/ 5 KB
2 KB 234ms
113ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/blueox_2019/css/responsive.css?version=8Nov2023
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 3283562d878e1cf90864ac074a7ae394ce6f3d62150d7bb6bc79caaf2dd48602

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "1274-61ba7f17c1326-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 1425
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Mon, 24 Jun 2024 19:39:45 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 styles_2024.css
www.blueoxcu.org/templates/blueox_2019/css/ 2 KB
657 B 235ms
114ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/blueox_2019/css/styles_2024.css?version=24June2024
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 0ec450deb233c7e954954f2a939a51bb70be6004f4f5aebac0e731c9a330892d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "61e-61ba815e9e526-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 518
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Mon, 24 Jun 2024 19:49:56 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H2 200 19990341.js Show response
js.hs-scripts.com/ 2 KB
1 KB 240ms
111ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/19990341.js

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d10188386735192dc99030e6c5b105d479ecece7cf35b5704f01df7d5b55f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 23:02:16 GMT
date: Wed, 11 Dec 2024 23:00:46 GMT
x-hubspot-correlation-id: b5eb54fe-b005-429f-b1fe-304ac79804ef
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Wed, 11 Dec 2024 22:59:59 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8f0917be5fc2743c-MIA
accept-ranges: bytes
access-control-allow-origin: https://www.blueoxcu.org
content-length: 608
server: cloudflare

GET
H2 200 tagline_logo2.png
www.blueoxcu.org/templates/blueox_2019/images/ 17 KB
17 KB 235ms
115ms Image
image/png 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/templates/blueox_2019/images/tagline_logo2.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 5b03b2a4b0640b7ff933ad2da5b55e27d7105ca198b7c66555f276600082d63b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "4458-61a25b3f27b98-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 17452
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Wed, 05 Jun 2024 14:51:35 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/png

GET
H2 200 online-banking-label.png
www.blueoxcu.org/templates/blueox_2019/images/ 2 KB
2 KB 237ms
116ms Image
image/png 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/templates/blueox_2019/images/online-banking-label.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: fb594cb573e0069f41c995826db8632f614a20e1ae428455462dd2e80c586447

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "8e3-591d18b682d9d-gzip"
expires: Wed, 18 Dec 2024 23:00:45 GMT
accept-ranges: bytes
content-length: 2248
date: Wed, 11 Dec 2024 23:00:45 GMT
last-modified: Thu, 05 Sep 2019 17:20:56 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/png

GET
H2 200 Untitled_design_-_2024-11-05T120258_989.791.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 259 KB
255 KB 122ms
121ms Image
image/jpeg 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Untitled_design_-_2024-11-05T120258_989.791.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 97ea1d5a3893e1a7aa8676a2230b0e98852a2f7e3591b7c1180730f5aa87de4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "40c2c-626303df3b45c-gzip"
expires: Wed, 18 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 05 Nov 2024 20:28:19 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/jpeg

GET
H2 200 HELOC_Promo_-_DesktopTablet_977.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 36 KB
37 KB 120ms
120ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/HELOC_Promo_-_DesktopTablet_977.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 2fa3868e60d61db1469082119c8b4d08ee6814d94dfdd883b8e861e50f25cc3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "90c2-6236b7588485f-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 37086
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 01 Oct 2024 14:51:40 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Skip_a_Pay_2021_home-banner_565.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 106 KB
107 KB 212ms
211ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Skip_a_Pay_2021_home-banner_565.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 00008d1723f959a8a87b121c50719fa934aaa0a408e60e59958451d3d0135644

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "1a8ac-60b34d02548c4-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 28 Nov 2023 11:35:18 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 BO-Special-Add-On-CD--tablet-banner-new_895.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 36 KB
37 KB 125ms
112ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/BO-Special-Add-On-CD--tablet-banner-new_895.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 6692b34781e943a71d1a244593e39bae7bac4b162be5c5fd99797d9f400fc12b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "9064-6114470cde136-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 36992
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 13 Feb 2024 14:45:08 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 DesktopTablet_973.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 39 KB
40 KB 127ms
114ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/DesktopTablet_973.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: a1347ad94882bc0f734e42cbe2ecb1d5333678b5a2390e219cf741f3308f1f64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "9dd6-621653d84e830-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 40434
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Thu, 05 Sep 2024 20:36:07 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 eXclusive-_Saviongs_tablet-banner-new_951.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 37 KB
37 KB 230ms
217ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/eXclusive-_Saviongs_tablet-banner-new_951.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: d5d30bd954d6119dbd1a95d4b630a8a7ab13816563f084877ffa252068fe6bbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "9326-61305e905e974-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 37698
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Wed, 06 Mar 2024 22:59:25 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Untitled_design_-_2024-11-05T120258_991.791.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 259 KB
255 KB 231ms
219ms Image
image/jpeg 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Untitled_design_-_2024-11-05T120258_991.791.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 97ea1d5a3893e1a7aa8676a2230b0e98852a2f7e3591b7c1180730f5aa87de4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "40c2c-6263043763633-gzip"
expires: Wed, 18 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 05 Nov 2024 20:29:52 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/jpeg

GET
H2 200 HELOC_Promo_-_DesktopTablet_979.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 36 KB
37 KB 231ms
219ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/HELOC_Promo_-_DesktopTablet_979.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 2fa3868e60d61db1469082119c8b4d08ee6814d94dfdd883b8e861e50f25cc3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "90c2-6236b7a1df91f-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 37086
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 01 Oct 2024 14:52:57 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Skip_a_Pay_2021_tablet-banner_567.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 107 KB
108 KB 228ms
218ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Skip_a_Pay_2021_tablet-banner_567.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 4c37cb1c3bb29f0920d1605ec10f3f590b87c623950f5d4cf26a9af06d7e95e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "1ade4-60b34d026f673-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 28 Nov 2023 11:35:18 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 BO-Special-Add-On-CD--tablet-banner-new_899.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 36 KB
37 KB 226ms
216ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/BO-Special-Add-On-CD--tablet-banner-new_899.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 6692b34781e943a71d1a244593e39bae7bac4b162be5c5fd99797d9f400fc12b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "9064-611447a592d95-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 36992
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 13 Feb 2024 14:47:48 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 DesktopTablet_975.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 39 KB
40 KB 228ms
218ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/DesktopTablet_975.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: a1347ad94882bc0f734e42cbe2ecb1d5333678b5a2390e219cf741f3308f1f64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "9dd6-621654a552e5d-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 40434
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Thu, 05 Sep 2024 20:39:42 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 eXclusive-_Saviongs_tablet-banner-new_955.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 37 KB
37 KB 414ms
188ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/eXclusive-_Saviongs_tablet-banner-new_955.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: d5d30bd954d6119dbd1a95d4b630a8a7ab13816563f084877ffa252068fe6bbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "9326-61305f7b5c4d8-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 37698
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Wed, 06 Mar 2024 23:03:31 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Skip_a_Pay_2021_home-banner-mobile_569.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 78 KB
79 KB 448ms
219ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Skip_a_Pay_2021_home-banner-mobile_569.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 37d01f858184927bebd78c462daec782121d811414931bec53362ff60cd4ec9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "13822-60b34d02836c5-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 28 Nov 2023 11:35:18 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 HELOC_Promo_-_Mobile_App_981.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 40 KB
41 KB 449ms
215ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/HELOC_Promo_-_Mobile_App_981.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: bbf197e1132b49b12d7463ad30ede562d3b32941d8ab34287e2110dfb9ae3ef0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "a1e6-6236b7ead414d-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 41474
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 01 Oct 2024 14:54:14 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 BO-Special-Add-On-CD--home-banner-mobile_897.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 35 KB
36 KB 564ms
224ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/BO-Special-Add-On-CD--home-banner-mobile_897.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: ee82f49971e0b2264359a500f9669e5d500a47da0163a70b892737f6efb1427f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "8d32-61144780e5300-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 36174
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 13 Feb 2024 14:47:09 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Mobile-BlueOx-Early-Direct-Deposit_513.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 36 KB
36 KB 779ms
213ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Mobile-BlueOx-Early-Direct-Deposit_513.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 24999196ab0c829cba7924f444438f6a36969bf237c46e38ae160a8f7195444c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "8f9c-60b34cff305a9-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 36792
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 28 Nov 2023 11:35:15 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 eXclusive-_Saviongs_home-banner-mobile_953.jpg
www.blueoxcu.org/files/blueoxcu19/1/banners/ 32 KB
33 KB 779ms
121ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/eXclusive-_Saviongs_home-banner-mobile_953.jpg
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 7bd527cd51375e0dd7bc1abda25fa67c1a5e6539ae689005f71fddbfb1c9ef6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "812a-61305f1edae6d-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 33094
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Wed, 06 Mar 2024 23:01:54 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 exclusivechecking5_855.webp
www.blueoxcu.org/files/blueoxcu19/1/banners/ 4 KB
4 KB 788ms
118ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/exclusivechecking5_855.webp
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 5bdad9ddda8386edc24d7baeb08148f9a8db2a20eac3d34bac731bbe6ada8b8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "e78-6044b52b980b0-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 3727
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Fri, 01 Sep 2023 12:30:17 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 youthcertrate299_857.webp
www.blueoxcu.org/files/blueoxcu19/1/banners/ 4 KB
4 KB 1008ms
224ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/youthcertrate299_857.webp
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: b125d7a87314ae31deb78de23cf7606c1c82197f5dd5bfccfa9d7bd0fafa5ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "10a6-601dc4ffb84b4-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 4285
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 01 Aug 2023 13:13:26 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 11-month_CD_rate_1_971.webp
www.blueoxcu.org/files/blueoxcu19/1/banners/ 3 KB
3 KB 1007ms
224ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/11-month_CD_rate_1_971.webp
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: adb71caee2ee8d176241110644df6e28cd70caffb00ad1eb93047c035cc7a300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "ce8-6201e3664f90a-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 3327
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 20 Aug 2024 14:26:33 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 facebook_123.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 1 KB
1 KB 1235ms
113ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/facebook_123.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: fbca955bb0cf1a4fdfbd6bed435844db290bd2195de22431289cefb399e39e78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "474-60b34cf800feb-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1163
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:35:07 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 twitter_125.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 1 KB
2 KB 1116ms
214ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/twitter_125.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 5ed9f083c4dfc2d4445fff7c35a638c534a1cf46196b56475d24c4ac627d1028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "5e4-60b34cf88262e-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1531
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:35:08 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Instagram_124.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 1 KB
1 KB 1121ms
116ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Instagram_124.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 9e11e19b7de7258c73f7b931c7c2fa280897201d672dc34587585716bea5379e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "532-60b34cf0b06dd-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1353
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:35:00 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 youtube_126.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 2 KB
2 KB 1124ms
115ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/youtube_126.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 6f96cd72b39b40145c7156afce7bcd664f1e0587023d4cafb22467d33cdccf6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "60e-60b34cf884189-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1573
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:35:08 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 tiktok_icon_497.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 2 KB
2 KB 1224ms
113ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/tiktok_icon_497.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 4ceeba2abf7fb16206cce21fd5fcbcbc7bceb21f7c55fba306a32359ef7078d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "770-60b34cfea9933-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1927
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:35:14 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 BlueOx-Credit-Union-LinkedIn-Icon-NEW_601.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 1 KB
2 KB 1228ms
114ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/BlueOx-Credit-Union-LinkedIn-Icon-NEW_601.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 867abb72f638ce592a1b1b037be13e22aca4dd51765a0aff5669f1d36ac596b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "5ca-60b34d1c2434d-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1505
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:35:45 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 Pinterest_small_icon2_887.png
www.blueoxcu.org/files/blueoxcu19/1/banners/ 2 KB
2 KB 1228ms
113ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/banners/Pinterest_small_icon2_887.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 9765721d3d9143d7c25e8ad2d3f7d6bc6cc09a9a23aa49c2274089e4e98b3c40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "7da-5f8c17b8f07ec-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 2033
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Fri, 07 Apr 2023 16:26:08 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 EHO.png
www.blueoxcu.org/files/blueoxcu19/1/image/BlueOx/ 978 B
1 KB 1230ms
113ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/image/BlueOx/EHO.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 432c5d6f63ef62e7d57a97cdc340063bdb3d62ed93b641106492c4e647abb6e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "3d2-60b34bf7ad5c8-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 1001
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:30:38 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 NCUA_white.png
www.blueoxcu.org/files/blueoxcu19/1/image/BlueOx/ 2 KB
2 KB 1233ms
113ms Image
image/webp 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/files/blueoxcu19/1/image/BlueOx/NCUA_white.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: a711af9343c896ffb47bac2607e59a4b40730c7517fa4084c7e6262fb0dfd41d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "814-60b34bf7aaad0-gzip"
expires: Thu, 12 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 2091
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 28 Nov 2023 11:30:38 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/webp

GET
H2 200 / Show response
sharpenchat.iz1.sharpen.cx/ 30 KB
30 KB 268ms
56ms Script
application/javascript 52.203.75.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sharpenchat.iz1.sharpen.cx/
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.203.75.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-75-253.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2f1a2ddb3c46820feaf9c3639966aa9ed7821a3540fcfd346a728184eee2c60f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: public, max-age=0
etag: W/"77af-18a28f9fef8"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30639
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Aug 2023 19:16:27 GMT
x-powered-by: Express

GET
H2 404 chrisdomroll.js
www.blueoxcu.org/ 0
0 348ms
329ms Script
text/html 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueoxcu.org/chrisdomroll.js

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),

Reverse DNS

customer-74-204-78-22.host.ussignalcom.net

Software

CUSG_Web /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: autoplay=(self), document-domain=*, fullscreen=*, geolocation=(self), microphone=(self)
content-length: 11258
date: Wed, 11 Dec 2024 23:00:46 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: CUSG_Web

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
82 KB 200ms
74ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMJGDBJ

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be939a367a27d6c3f570f7b4b17301d1741307082efc988d6eb33fa687e9524a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 11 Dec 2024 23:00:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 22:05:17 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83131
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bootstrap.min.css
www.blueoxcu.org/templates/COMMON_JS/CSS/ 152 KB
23 KB 226ms
226ms Stylesheet
text/css 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/CSS/bootstrap.min.css
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/templates/blueox_2019/css/style.css?version=25Aug2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 3f027dae8ac39b3c427239120781ef1c16b1c49834bb8940054615db4340eab4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/templates/blueox_2019/css/style.css?version=25Aug2023

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "26045-597b41b16e881-gzip"
expires: Wed, 18 Dec 2024 23:00:46 GMT
accept-ranges: bytes
content-length: 23201
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Tue, 19 Nov 2019 14:44:47 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: text/css

GET
H/1.1 200
OK username
beta.itsme247.com/169/authentication/ Frame 9915 0
0 375ms
156ms Document
text/html 63.150.21.23
WESCO

General

Check archive.org

Show headers Download Go to

Full URL

https://beta.itsme247.com/169/authentication/username

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.150.21.23 Harrisburg, United States, ASN19031 (WESCO, US),

Reverse DNS

itsme247.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Referer: https://www.blueoxcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 11 Dec 2024 23:00:45 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Name: Web06 Web06

GET
H2 200 online-banking-bg.png
www.blueoxcu.org/templates/blueox_2019/images/ 3 KB
3 KB 1232ms
112ms Image
image/png 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/templates/blueox_2019/images/online-banking-bg.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: d1395a5b6871eda72c636170f1d2435592648e4212411d73cac51456fd50496d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "d9f-591d18b6320b2-gzip"
expires: Wed, 18 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 3371
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Thu, 05 Sep 2019 17:20:56 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/png

GET
H2 200 corner-lines.png
www.blueoxcu.org/templates/blueox_2019/images/ 557 B
695 B 1230ms
111ms Image
image/png 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blueoxcu.org/templates/blueox_2019/images/corner-lines.png
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/templates/blueox_2019/css/style.css?version=25Aug2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 2b392009b4c50ef91dd6c4868ae1e18dbd8160a7400ea68c851eb0d93a2eb12d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/templates/blueox_2019/css/style.css?version=25Aug2023

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: "22d-591d18b5cd358-gzip"
expires: Wed, 18 Dec 2024 23:00:47 GMT
accept-ranges: bytes
content-length: 556
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Thu, 05 Sep 2019 17:20:55 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: image/png

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 115ms
57ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://fonts.googleapis.com/

Response headers

age: 409540
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 05:15:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 05:15:06 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/webfonts/ 138 KB
139 KB 211ms
115ms Font
application/font-woff2 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/webfonts/fa-solid-900.woff2
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/css/all.min.css

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "226c4-5bd3575ce245b-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Wed, 10 Mar 2021 21:36:30 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: application/font-woff2

GET
H2 200 fa-regular-400.woff2
www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/webfonts/ 170 KB
171 KB 315ms
118ms Font
application/font-woff2 74.204.78.22
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/webfonts/fa-regular-400.woff2
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.204.78.22 Grand Rapids, United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS: customer-74-204-78-22.host.ussignalcom.net
Software: CUSG_Web /
Resource Hash: 4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/templates/COMMON_JS/fontawesome-pro-5.15.1-web/css/all.min.css

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "2a61c-5bd3575a6f116-gzip"
expires: Thu, 12 Dec 2024 23:00:46 GMT
accept-ranges: bytes
date: Wed, 11 Dec 2024 23:00:46 GMT
last-modified: Wed, 10 Mar 2021 21:36:28 GMT
vary: Accept-Encoding
server: CUSG_Web
content-type: application/font-woff2

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 130ms
72ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://fonts.googleapis.com/

Response headers

age: 454228
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 16:50:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 16:50:18 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 547 KB
216 KB 176ms
56ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: gzip
age: 7402
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 20:57:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 20:57:24 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220753
x-xss-protection: 0
server: sffe

GET
H2 200 p Show response
i.simpli.fi/ 798 B
763 B 98ms
54ms Script
application/javascript 35.245.15.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=463379&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/698d8aab-a05a-414a-82d3-e77ac61328c0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.15.245.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 453a76b648cbf74439f105c2c73bbd19a23bd2020aecd96f67ac842a644d4e70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H2 200 19990341.js Show response
js.hs-analytics.net/analytics/1733957700000/ 68 KB
25 KB 156ms
89ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1733957700000/19990341.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/19990341.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0738ab316e737e3c4b3750ce91937eb3df74c7edef3468cdc21158adc12b794

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: a0ffd5a5-e046-45a4-a094-61d234df81b3
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fa8b4d05b35bddf3ae6907a0825dfcdf"
x-amz-version-id: null
expires: Wed, 11 Dec 2024 23:02:02 GMT
x-evy-trace-listener: listener_https
date: Wed, 11 Dec 2024 23:00:46 GMT
x-hubspot-correlation-id: a0ffd5a5-e046-45a4-a094-61d234df81b3
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:59:24 GMT
vary: origin, Accept-Encoding
x-amz-id-2: P7lRKu4bt+DB15fBNYPDQp6FJAZNCTEyJLXCyStsVZ8VbN1P/ffw6coWzBX/dgchbLdx3XG8jd98Ayu2CBinlxfFcv7UM4FA8+5DDBIQG1g=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-xw2ts
x-envoy-upstream-service-time: 22
access-control-allow-credentials: false
x-amz-request-id: HP4NEA8RY96CX6J0
cf-ray: 8f0917bf7829da8f-MIA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/19990341/ 71 KB
26 KB 213ms
145ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/19990341/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/19990341.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f027e24a92ec9bd572255522f0ca9793c06ba5ef063198397543cc1a9f4a7d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 329a6d60-eb95-470f-aa7e-07ac50a96351
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"528616deb785ffc7b9f9aba86c661019"
x-amz-version-id: X333NXqCCYYZNf1wVqI3pHOMpzxz_15P
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Wed, 11 Dec 2024 23:05:46 GMT
x-evy-trace-listener: listener_https
date: Wed, 11 Dec 2024 23:00:46 GMT
x-hubspot-correlation-id: 329a6d60-eb95-470f-aa7e-07ac50a96351
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 15 Apr 2024 15:48:15 GMT
vary: origin, Accept-Encoding
x-amz-id-2: T2TbiCfcxvotUpdbtJMs4W8+zXYG9anNvY8V4y0sY9Q1ixL8ogSvyYJ62RuA89xSrYCVnq9AmUo=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-jg42k
x-envoy-upstream-service-time: 66
access-control-allow-credentials: true
x-amz-request-id: FX9HPM8WH3D8DWSZ
cf-ray: 8f0917bf7d695c79-MIA
access-control-allow-origin: https://www.blueoxcu.org
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 70 KB
25 KB 127ms
55ms Script
application/javascript 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/19990341.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: d4fab96f-e484-43b3-94d1-4ff4423fcfd9
content-encoding: gzip
cf-cache-status: HIT
etag: W/"ceb8bcb73e5536d8416735a3977d227a"
x-amz-version-id: 8IiNiFnnn0n9avBP.k8Mr32sZxpD8Dx_
age: 419
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ywLt8hLRygNH6MhUtZ4e2A_hwhTpZR5lXZRSoTzAH6v2rOvG_fbH1A==
x-hubspot-correlation-id: d4fab96f-e484-43b3-94d1-4ff4423fcfd9
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Dec 2024 13:03:17 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-n6bxn
x-envoy-upstream-service-time: 0
x-hs-target-asset: collected-forms-embed-js/static-1.1112/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Wed, 11 Dec 2024 23:00:46 GMT
vary: accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.1112/bundles/project.js&cfRay=8f090d82a88d1357-MIA
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-ray: 8f0917bf9a6a74c8-MIA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=FAC737BA10EC451CA93542DBD521E946

0
0

GET
H2

204

FAC737BA10EC451CA93542DBD521E946
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/FAC737BA10EC451CA93542DBD521E946

0
99 B

235ms
58ms

Image
text/plain

69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/simplifi/FAC737BA10EC451CA93542DBD521E946
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
date: Wed, 11 Dec 2024 23:00:47 GMT
pragma: no-cache

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.1rx.io/usersync/simplifi/FAC737BA10EC451CA93542DBD521E946
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 10 Dec 2024 23:00:46 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=FAC737BA10EC451CA93542DBD521E946&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=FAC737BA10EC451CA93542DBD521E946&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

64ms
64ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=FAC737BA10EC451CA93542DBD521E946&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /xuid?ld=1&mid=7969&xuid=FAC737BA10EC451CA93542DBD521E946&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 11 Dec 2024 23:00:47 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=FAC737BA10EC451CA93542DBD521E946

43 B
175 B

250ms
57ms

Image
image/gif

2600:1f18:612b:4280:f13b:83e0:4d64:f0d7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=FAC737BA10EC451CA93542DBD521E946
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 2600:1f18:612b:4280:f13b:83e0:4d64:f0d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=FAC737BA10EC451CA93542DBD521E946
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 10 Dec 2024 23:00:46 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=FAC737BA10EC451CA93542DBD521E946
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FAC737BA10EC451CA93542DBD521E946

95 B
428 B

55ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FAC737BA10EC451CA93542DBD521E946

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FAC737BA10EC451CA93542DBD521E946
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 11 Dec 2024 23:00:46 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=FAC737BA10EC451CA93542DBD521E946
https://d.agkn.com/pixel/10751/?che=1733958047024&ip=38.132.118.69&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214520605093332323574
https://um.simpli.fi/aa_px?sk=214520605093332323574
https://um.simpli.fi/empty.gif

43 B
361 B

55ms
54ms

Image
image/gif

35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FAC737BA10EC451CA93542DBD521E946
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FAC737BA10EC451CA93542DBD521E946&ckls=true&ci=WCYCVL9yIW&nc=false&trid=-1972037894

43 B
1 KB

84ms
83ms

Image
image/gif

2600:9000:2073:aa00:1b:6b7d:2300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FAC737BA10EC451CA93542DBD521E946&ckls=true&ci=WCYCVL9yIW&nc=false&trid=-1972037894
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 2600:9000:2073:aa00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 ec809871438c11b540493503de981368.cloudfront.net (CloudFront)
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length: 43
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
x-amz-cf-pop: IAD50-C2
x-amz-cf-id: WMJjkHaPmPsVLfXciDgbpcDY1FbS3RulLZ6inQbTOm4r3KnICsaf5Q==

Redirect headers

patent: https://www.almondnet.com/ip
cache-control: no-cache, no-store, must-revalidate
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FAC737BA10EC451CA93542DBD521E946&ckls=true&ci=WCYCVL9yIW&nc=false&trid=-1972037894
pragma: no-cache
via: 1.1 ec809871438c11b540493503de981368.cloudfront.net (CloudFront)
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
x-amz-cf-pop: IAD50-C2
x-amz-cf-id: GDI5SFgLL2ySNVrl2hCVBLIOEVJowaSFBmOGQUodavMyce_9NlVN3Q==

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FAC737BA10EC451CA93542DBD521E946

42 B
551 B

325ms
91ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FAC737BA10EC451CA93542DBD521E946
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-store, no-cache, private
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 11 Dec 2024 22:50:03 GMT
content-type: image/gif; charset=utf-8
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FAC737BA10EC451CA93542DBD521E946
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 10 Dec 2024 23:00:46 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

200

user-registering
ads.stickyadstv.com/
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=FAC737BA10EC451CA93542DBD521E946

43 B
654 B

473ms
68ms

Image
image/gif

63.251.28.230
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=FAC737BA10EC451CA93542DBD521E946
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: HTTP/1.1
Server: 63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1733958047303084-52
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Date: Wed, 11 Dec 2024 23:00:47 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=FAC737BA10EC451CA93542DBD521E946
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 10 Dec 2024 23:00:46 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

getuid
sync.smartadserver.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=FAC737BA10EC451CA93542DBD521E946;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=FAC737BA10EC451CA93542DBD521E946;mimetype=img;sr
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

0
256 B

58ms
58ms

Image
text/plain

216.22.16.72
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 11 Dec 2024 23:00:46 GMT
pragma: no-cache

Redirect headers

cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 11 Dec 2024 23:00:46 GMT
pragma: no-cache

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=FAC737BA10EC451CA93542DBD521E946&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=FAC737BA10EC451CA93542DBD521E946&j=0&xl8blockcheck=1

0
775 B

73ms
70ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=FAC737BA10EC451CA93542DBD521E946&j=0&xl8blockcheck=1
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 11 Dec 2024 23:00:47 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=FAC737BA10EC451CA93542DBD521E946&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=FAC737BA10EC451CA93542DBD521E946
https://ups.analytics.yahoo.com/ups/55964/sync?uid=FAC737BA10EC451CA93542DBD521E946&verify=true

0
123 B

102ms
102ms

Image
text/html

2001:4998:60:807::1
YAHOO-CHA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=FAC737BA10EC451CA93542DBD521E946&verify=true

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Server

2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 11 Dec 2024 23:00:47 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=FAC737BA10EC451CA93542DBD521E946&verify=true
age: 0
referrer-policy: no-referrer-when-downgrade
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: text/html
server: ATS

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=FAC737BA10EC451CA93542DBD521E946

0
421 B

273ms
56ms

Image
text/plain

3.219.153.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=FAC737BA10EC451CA93542DBD521E946
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: HTTP/1.1
Server: 3.219.153.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-153-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

Date: Wed, 11 Dec 2024 23:00:46 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=FAC737BA10EC451CA93542DBD521E946
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 10 Dec 2024 23:00:46 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=FAC737BA10EC451CA93542DBD521E946

0
0

GET
H2

200

tpid=FAC737BA10EC451CA93542DBD521E946
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=FAC737BA10EC451CA93542DBD521E946
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FAC737BA10EC451CA93542DBD521E946

49 B
545 B

66ms
65ms

Image
image/gif

34.228.175.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FAC737BA10EC451CA93542DBD521E946
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 34.228.175.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-175-96.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
x-server: 10.40.11.201
server: Jetty(9.4.38.v20210224)

Redirect headers

cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FAC737BA10EC451CA93542DBD521E946
pragma: no-cache
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 0
date: Wed, 11 Dec 2024 23:00:47 GMT
x-server: 10.40.58.118
server: Jetty(9.4.38.v20210224)

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=FAC737BA10EC451CA93542DBD521E946
https://ce.lijit.com/merge?pid=2&3pid=FAC737BA10EC451CA93542DBD521E946&dnr=1

43 B
511 B

64ms
62ms

Image
image/gif

34.194.79.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=FAC737BA10EC451CA93542DBD521E946&dnr=1
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 34.194.79.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-79-112.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: image/gif
vary: Accept-Encoding

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location: https://ce.lijit.com/merge?pid=2&3pid=FAC737BA10EC451CA93542DBD521E946&dnr=1
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 11 Dec 2024 23:00:47 GMT
vary: Accept-Encoding

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=FAC737BA10EC451CA93542DBD521E946
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRkFDNzM3QkExMEVDNDUxQ0E5MzU0MkRCRDUyMUU5NDYQABoNCJ-z6LoGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&rand=08466416
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&rand=08466416&expected_cookie=ebcaa547-639b-4805-96e8-54ebc7c89cb1

0
141 B

103ms
102ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&rand=08466416&expected_cookie=ebcaa547-639b-4805-96e8-54ebc7c89cb1
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DC88E884613247F68134543EF2A4247B Ref B: MIAEDGE1707 Ref C: 2024-12-11T23:00:47Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYpBpF6Phpr4YpTM9sq/w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 11 Dec 2024 23:00:47 GMT

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: /db_sync?pid=10339&puuid=3177d97c6c0940d3cedd0e544628c0f20562f410e3da4512a0c40daa6d635c21791426b5417dce21&rand=08466416&expected_cookie=ebcaa547-639b-4805-96e8-54ebc7c89cb1
x-msedge-ref: Ref A: 690913EC1C514B77B2138EBEF64D3C30 Ref B: MIAEDGE1707 Ref C: 2024-12-11T23:00:47Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYpBpF4qehfx5eY25FBKg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 11 Dec 2024 23:00:46 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1733958046598&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2111386222&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=2111386222&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrF...

42 B
64 B

70ms
70ms

Image
image/gif

142.251.179.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=2111386222&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIyLK-i-mgigMV-EtHAR0Q6Qr0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5ibHVlb3hjdS5vcmcv&is_vtc=1&cid=CAQSGwCa7L7dpSqkXrT1rmRIyiqZ9nvuSmu7p9Tp0g&random=3984442374

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Server

142.251.179.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 11 Dec 2024 23:00:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=2111386222&cv=7&fst=1733958046598&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIyLK-i-mgigMV-EtHAR0Q6Qr0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5ibHVlb3hjdS5vcmcv&is_vtc=1&cid=CAQSGwCa7L7dpSqkXrT1rmRIyiqZ9nvuSmu7p9Tp0g&random=3984442374
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 11 Dec 2024 23:00:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 106ms
105ms Image
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Wed, 11 Dec 2024 23:00:46 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=FAC737BA10EC451CA93542DBD521E946
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DFAC737BA10EC451CA93542DBD521E946

43 B
1 KB

90ms
90ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DFAC737BA10EC451CA93542DBD521E946

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Server

68.67.160.132 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 2a9feecf-335e-46ee-abb3-f44ca94f7762
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 11 Dec 2024 23:00:47 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DFAC737BA10EC451CA93542DBD521E946
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 8e836389-9075-4dd6-9831-3672c630ba05
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 11 Dec 2024 23:00:47 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FAC737BA10EC451CA93542DBD521E946&expires=365

42 B
1 KB

281ms
77ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FAC737BA10EC451CA93542DBD521E946&expires=365
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9e7742894a018a40b59a2ed2117c85b5
Pragma: no-cache
content-length: 42
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FAC737BA10EC451CA93542DBD521E946&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 10 Dec 2024 23:00:46 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FAC737BA10EC451CA93542DBD521E946
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FAC737BA10EC451CA93542DBD521E946&cc=1

43 B
171 B

46ms
44ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=FAC737BA10EC451CA93542DBD521E946&cc=1
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 38.132.118.69
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: image/gif
vary: Accept

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=FAC737BA10EC451CA93542DBD521E946&cc=1
x-forwarded-for: 38.132.118.69
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEPVPPfveIkTjEBfSU8T8yaQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FAC737BA10EC451CA93542DBD521E946
https://um.simpli.fi/g_match?id=

0
320 B

54ms
53ms

Image
text/plain

35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 10 Dec 2024 23:00:47 GMT
access-control-allow-origin: *
date: Wed, 11 Dec 2024 23:00:47 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control: no-cache, must-revalidate
location: https://um.simpli.fi/g_match?id=
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 229
date: Wed, 11 Dec 2024 23:00:47 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 sharpenChat.css
sharpenchat.iz1.sharpen.cx/public/ 32 KB
32 KB 61ms
58ms Stylesheet
text/css 52.203.75.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sharpenchat.iz1.sharpen.cx/public/sharpenChat.css
Requested by: Host: sharpenchat.iz1.sharpen.cx
URL: https://sharpenchat.iz1.sharpen.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.203.75.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-75-253.compute-1.amazonaws.com
Software: / Express
Resource Hash: b51af1acbac5283d5967862b6e56912dfab7536eda5ae2b844836e98f24eabc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: public, max-age=0
etag: W/"808b-18a28f75b30"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32907
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 24 Aug 2023 19:13:34 GMT
x-powered-by: Express

GET
H2 200 edbab041.js Show response
use.fonticons.com/ 10 KB
4 KB 158ms
41ms Script
application/javascript 2606:4700:4400::ac40:983b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fonticons.com/edbab041.js
Requested by: Host: sharpenchat.iz1.sharpen.cx
URL: https://sharpenchat.iz1.sharpen.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:983b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbd4d366735911663e4e488b15591438d57c9bd6bcc6f9e9c159aa02f79b5e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8e4ed6503a1496229bbf4f7e9a66d19d"
age: 6048
x-amz-request-id: 1Y3AWMABNNSCTRVX
expires: Thu, 11 Dec 2025 23:00:46 GMT
cf-ray: 8f0917c12fad02f1-MIA
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript
last-modified: Mon, 03 Aug 2020 20:03:17 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: SoQxRjAaxAcxFX/EqRvTjzR5a61yc2/lhneQLxwa7E+l0sj3iQyfC6CZiVzjKCK3OZXXqTiNp4VzgzUwVGdtoQlU6hQk9EcR

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/ 60 KB
19 KB 45ms
43ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment.min.js

Requested by

Host: sharpenchat.iz1.sharpen.cx
URL: https://sharpenchat.iz1.sharpen.cx/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f26-ef85"
age: 562590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvPyxMwxKecEIRarZiosTPdYC7EjL7e32b0J3vkZOk1X1ayM9gFH2NRA1UMjOGtnXoockFNblqIHAYNai01SOOhQua6Xta9dw3prE0saZH23pNsyX3nrPTjLB5dmXLWIbHAa0u0Z"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 23:00:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:26 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0917bf8f16da13-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18876
server: cloudflare

GET
H2 200 validator.min.js Show response
sharpenchat.iz1.sharpen.cx/public/validator/ 18 KB
18 KB 62ms
59ms Script
application/javascript 52.203.75.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sharpenchat.iz1.sharpen.cx/public/validator/validator.min.js
Requested by: Host: sharpenchat.iz1.sharpen.cx
URL: https://sharpenchat.iz1.sharpen.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.203.75.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-75-253.compute-1.amazonaws.com
Software: / Express
Resource Hash: 44507b361de00b059fe763ae73541a2e327e0e53a5ca83c3f9cd87a3e597bc4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: public, max-age=0
etag: W/"4628-18a28f75b30"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17960
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Aug 2023 19:13:34 GMT
x-powered-by: Express

POST
H2 200 / Show response
api-current.iz1.sharpen.cx/V2/sharpenChat/themes/getThemes/ 6 KB
1 KB 281ms
93ms Fetch
text/html 52.203.75.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-current.iz1.sharpen.cx/V2/sharpenChat/themes/getThemes/

Requested by

Host: sharpenchat.iz1.sharpen.cx
URL: https://sharpenchat.iz1.sharpen.cx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.75.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-75-253.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6912396a54a26a91e3a95f16710127e375ded19a5905e6882c43a0965d5d3a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniffâ
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
x-content-type-options: nosniffâ
access-control-allow-origin: *
content-length: 936
date: Wed, 11 Dec 2024 23:00:46 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 206 sharpenChat.wav
sharpenchat.iz1.sharpen.cx/public/ 120 KB
120 KB 106ms
106ms Media
audio/wav 52.203.75.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sharpenchat.iz1.sharpen.cx/public/sharpenChat.wav
Requested by: Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.203.75.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-75-253.compute-1.amazonaws.com
Software: / Express
Resource Hash: b627966683ff3b0a43f8052debe61bf1b1a48b8d6d71d176a342d085e51caad3

Request headers

Referer: https://www.blueoxcu.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: public, max-age=0
etag: W/"1e0e2-18a28f75b30"
Content-Range: bytes 0-123105/123106
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 123106
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: audio/wav
last-modified: Thu, 24 Aug 2023 19:13:34 GMT
x-powered-by: Express

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 177ms
71ms XHR
application/json 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDNnLqqlvFVicPs-6hZiiohT0pN4XGVUbw&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.blueoxcu.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Wed, 11 Dec 2024 23:00:46 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 storage.html
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/ Frame 0F9F 0
0 318ms
98ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.blueoxcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 10 Dec 2024 22:51:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 162ms
55ms Script
text/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMJGDBJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: gzip
age: 4641
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 23:43:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 21:43:26 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 84ms
80ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y91YZ680BR&l=dataLayer&cx=c&gtm=45He4ca0v830540901za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMJGDBJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c70c80281264c75c9e719de8fdc395a172b7844828e7b9dea0fc07ff35e722d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 11 Dec 2024 23:00:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104589
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
676 B 119ms
118ms XHR
application/json 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=19990341&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f8a64154011868280eae5e32bb4b38ce925e6e6d0c145b31170a27256055a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.blueoxcu.org/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: a9142b25-0b17-4b8c-8fe8-b43978b57259
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Wed, 11 Dec 2024 23:00:46 GMT
x-hubspot-correlation-id: a9142b25-0b17-4b8c-8fe8-b43978b57259
content-type: application/json;charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: *
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-56k8s
x-envoy-upstream-service-time: 10
cf-ray: 8f0917c0dc1f74c8-MIA
access-control-allow-origin: https://www.blueoxcu.org
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 226ms
107ms Fetch
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y91YZ680BR&gtm=45je4ca0h1v892634274za200zb830540901&_p=1733958045941&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=518759430.1733958047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733958046&sct=1&seg=0&dl=https%3A%2F%2Fwww.blueoxcu.org%2F&dt=BlueOx%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2012
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y91YZ680BR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.blueoxcu.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: text/plain
server: Golfe2

GET
DATA 200
OK truncated
/ 220 B
220 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer

Response headers

Content-Type: application/font-woff2

GET
H2 200 woff2.css
use.fortawesome.com/kits/edbab041/publications/107066/ 152 KB
113 KB 180ms
58ms Stylesheet
text/css 2606:4700:4400::6812:25d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/kits/edbab041/publications/107066/woff2.css
Requested by: Host: use.fonticons.com
URL: https://use.fonticons.com/edbab041.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:25d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca13f7d4db7ca0f0126cea72a12ad0718c9f98af683dafd760bbe5b5352a794

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5f62ee02957f8532a0e5a9e7c939ff16"
age: 3136
x-amz-request-id: Q9R9XY4MVCMEDFZA
expires: Thu, 11 Dec 2025 23:00:47 GMT
cf-ray: 8f0917c24d4e31fb-MIA
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: text/css
last-modified: Mon, 03 Aug 2020 20:03:18 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: fm/BPJ+4mX6ovtKRzp5NwNTqRSA6+0UUt5jN/dHZftoLvDn1ZIXJ4l1mmLsdBSq+/QpF8vgN9s8=

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
916 B 129ms
77ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-robots-tag: none
x-request-id: 98530437-c7fb-4e2d-8ba3-98a629bcc46b
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Wed, 11 Dec 2024 23:00:47 GMT
x-hubspot-correlation-id: 98530437-c7fb-4e2d-8ba3-98a629bcc46b
content-type: image/gif
vary: origin
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-q5dzg
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8f0917c209642251-MIA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
306 B 64ms
63ms XHR
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=698210742&t=pageview&_s=1&dl=https%3A%2F%2Fwww.blueoxcu.org%2F&ul=en-us&de=UTF-8&dt=BlueOx%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1442922209&gjid=53751289&cid=518759430.1733958047&tid=UA-42864915-1&_gid=109478995.1733958047&_r=1&_slc=1&gtm=45He4ca0n81WMJGDBJv830540901za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=761367403

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.blueoxcu.org/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.blueoxcu.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 36 B
590 B 139ms
138ms XHR
application/json 3.162.125.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-100.iad61.r.cloudfront.net
Software: /
Resource Hash: 9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.blueoxcu.org/

Response headers

x-amz-apigw-id: CpjxAHYIPHcEYtw=
x-amzn-trace-id: Root=1-675a199f-7805b6582bb22ab51ca80da0;Parent=043899109778d79a;Sampled=0;Lineage=1:a245b58f:0
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-amzn-requestid: 88a0de2e-e7c0-4633-9837-1a77e53bbca2
via: 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 36
x-amz-cf-id: aXJ6YTFa-kJtEUIWzyX5zkJV3B0qepYct5tuUvCom2d6QKC5btBsHg==
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: application/json
x-amz-cf-pop: IAD61-P3
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 420ms
251ms Preflight
application/json 3.162.125.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-100.iad61.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.blueoxcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 11 Dec 2024 23:00:47 GMT
via: 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront)
x-amz-apigw-id: Cpjw_Ee8vHcEFQw=
x-amz-cf-id: UKJnmFjF7FYNaMdp2hAt5HDTIH-0iqxT5souTnD99mHCtb7ZWEhVWA==
x-amz-cf-pop: IAD61-P3
x-amzn-requestid: ef53eac5-f0c9-4b32-8054-f5b2a8d6ce4c
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c213f431199b10158efd2ba445e7d17e6c20307be4060093666eebd8452ac2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 29 KB
29 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 320ad76060a64e9a6b1a5e6deed8aaaf601e5deb5e1e1865d9f34a0c8e739d84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.blueoxcu.org
Referer

Response headers

Content-Type: application/font-woff2;charset=utf-8

OPTIONS
H2 200 gannett
um.simpli.fi/ Frame 0
0 163ms
53ms Preflight
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://um.simpli.fi/gannett

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.blueoxcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/plain; charset=UTF-8
date: Wed, 11 Dec 2024 23:00:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 gannett Show response
um.simpli.fi/ 33 B
587 B 54ms
53ms XHR
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://um.simpli.fi/gannett

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

e4a2b7ebbc348d122248fdcde90f66f48de836fb4ce47b6896fe46e1cd7aacb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.blueoxcu.org/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 _.gif
fault.rlets.com/static/ 43 B
440 B 369ms
120ms Image
image/gif 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fault.rlets.com/static/_.gif?s=ce3afee7-9859-4bfd-862b-681be5c39f5f&m=Unknown%20OS%20or%20OS%20Version&f=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-frame-options: ALLOWALL
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 541e5cee3ae8eab69bcbdcfb77448c66
cache-control: max-age=0, private, must-revalidate
etag: W/"42b976597a2d977d0e300f6d06bc903d"
content-transfer-encoding: binary
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
date: Wed, 11 Dec 2024 23:00:48 GMT
content-type: image/gif
content-disposition: inline
x-runtime: 0.002482
access-control-allow-headers: Content-Type

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame B13B 175 KB
45 KB 87ms
86ms Script
text/javascript 2600:9000:2305:9a00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:9a00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9cdd322e6832594a26813a0068e156ade500086257a2809bad22e9065824fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop: IAD89-P2
content-encoding: br
etag: W/"2cbdf502bae7e4ec5488aae66650a23c"
age: 11776
via: 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 33CDHQQldmuemfPoYmPG_iGEtWkjSNGmUwI3b2kCLcEdqT6jed6qHA==
date: Wed, 11 Dec 2024 19:44:32 GMT
content-type: text/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Mon, 09 Dec 2024 17:45:06 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
98 KB 70ms
70ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10879647916

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f251b44d941dd5ad954d69636298004f93a8436377d3ec4c3429d8fd98ea5990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 11 Dec 2024 23:00:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 22:45:08 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99860
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Show response
tag.simpli.fi/sifitag/ 3 KB
1 KB 55ms
54ms Script
application/javascript 35.245.15.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.15.245.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 80b2b66c15e12e819f1ddd5edc105cff199c756544f6aaee4736e156aaaa22c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

x-request-id: GBBBqFOIxdc5r89iYE3E
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 storage.html
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/ Frame 350E 0
0 0ms
0ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.224.168.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 10 Dec 2024 22:51:08 GMT

GET
H2 200 gannett Show response
um.simpli.fi/ Frame B13B 33 B
585 B 82ms
69ms XHR
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://um.simpli.fi/gannett

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

60cbbfad190367dc14c6bb63d2130b703085453664dbad8a63192eddeff47533

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
date: Wed, 11 Dec 2024 23:00:47 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

OPTIONS
H2 200 gannett
um.simpli.fi/ Frame 0
0 53ms
52ms Preflight
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://um.simpli.fi/gannett

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.blueoxcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/plain; charset=UTF-8
date: Wed, 11 Dec 2024 23:00:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H3 200 collect
www.google.com/ccm/ 0
0 85ms
85ms Ping
text/plain 142.251.179.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.blueoxcu.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=269640670.1733958048&auid=2098935712.1733958048&npa=0&gtm=45be4ca0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733958047915&tfd=3054&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10879647916
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.179.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10879647916/ 4 KB
2 KB 89ms
89ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10879647916/?random=1733958047907&cv=11&fst=1733958047907&bg=ffffff&guid=ON&async=1&gtm=45be4ca0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.blueoxcu.org%2F&hn=www.googleadservices.com&frm=0&tiba=BlueOx%20Credit%20Union&npa=0&pscdl=noapi&auid=2098935712.1733958048&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10879647916

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

60280eb0f251438a906ce6ab23181b66515d6121aa29b7f5a5d034d0dad91383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2243
date: Wed, 11 Dec 2024 23:00:47 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10879647916
td.doubleclick.net/td/rul/ Frame E3D9 0
0 211ms
72ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10879647916?random=1733958047907&cv=11&fst=1733958047907&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ca0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.blueoxcu.org%2F&hn=www.googleadservices.com&frm=0&tiba=BlueOx%20Credit%20Union&npa=0&pscdl=noapi&auid=2098935712.1733958048&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10879647916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blueoxcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 23:00:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 7EF9 0
0 70ms
69ms Document
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.blueoxcu.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10879647916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 23:00:47 GMT
expires: Thu, 11 Dec 2025 23:00:47 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 visits Show response
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/api/v1/ 0
382 B 107ms
105ms XHR
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/api/v1/visits

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.blueoxcu.org/

Response headers

x-frame-options: ALLOWALL
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: f7c24ead775bd69e122a7368c95416c1
cache-control: no-cache
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
date: Wed, 11 Dec 2024 23:00:48 GMT
content-type: text/html
x-runtime: 0.005156
access-control-allow-headers: Content-Type

OPTIONS
H2 200 visits
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/api/v1/ Frame 0
0 296ms
100ms Preflight
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/api/v1/visits

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.blueoxcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html
date: Wed, 11 Dec 2024 23:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOWALL
x-request-id: f9f4de3c6495479c381fbc484f00877f
x-runtime: 0.001816

GET
H3 200 /
www.google.com/pagead/1p-user-list/10879647916/ 42 B
64 B 71ms
71ms Image
image/gif 142.251.179.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10879647916/?random=1733958047907&cv=11&fst=1733958000000&bg=ffffff&guid=ON&async=1&gtm=45be4ca0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.blueoxcu.org%2F&hn=www.googleadservices.com&frm=0&tiba=BlueOx%20Credit%20Union&npa=0&pscdl=noapi&auid=2098935712.1733958048&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dmvx3tczMkamXwrzd1ZanoPFEQcSaP94piIMYXOIQmJQ2NRwo&random=1796683163&rmt_tld=0&ipr=y

Requested by

Host: www.blueoxcu.org
URL: https://www.blueoxcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 11 Dec 2024 23:00:48 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame 35DE 175 KB
0 87ms
86ms Script
text/javascript 2600:9000:2305:9a00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/ce3/afe/e79/8594bfd862b681be5c39f5f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:9a00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9cdd322e6832594a26813a0068e156ade500086257a2809bad22e9065824fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop: IAD89-P2
content-encoding: br
etag: W/"2cbdf502bae7e4ec5488aae66650a23c"
age: 11776
via: 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 33CDHQQldmuemfPoYmPG_iGEtWkjSNGmUwI3b2kCLcEdqT6jed6qHA==
date: Wed, 11 Dec 2024 19:44:32 GMT
content-type: text/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Mon, 09 Dec 2024 17:45:06 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 storage.html
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/ Frame D1EF 0
0 0ms
0ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.224.168.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Wed, 11 Dec 2024 23:00:47 GMT
last-modified: Tue, 10 Dec 2024 22:51:08 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/3/ 268 KB
55 KB 59ms
57ms Script
text/javascript 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/3/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDNnLqqlvFVicPs-6hZiiohT0pN4XGVUbw&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

sffe /

Resource Hash

249e85b9792cdfb9ce084d58830b251befb8fbeb9dae85fd252a3b252de6897f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: br
age: 1787
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 22:31:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 22:31:04 GMT
last-modified: Mon, 09 Dec 2024 22:26:07 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56513
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/3/ 189 KB
57 KB 69ms
68ms Script
text/javascript 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/3/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDNnLqqlvFVicPs-6hZiiohT0pN4XGVUbw&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

sffe /

Resource Hash

27820100d08e461dd54756f0890ea58534683b436a3d5b5767ad82b50b761c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

content-encoding: br
age: 20
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 23:00:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:31 GMT
last-modified: Mon, 09 Dec 2024 22:26:07 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 58749
x-xss-protection: 0
server: sffe

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 62ms
62ms Fetch
text/plain 142.251.167.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y91YZ680BR&gtm=45je4ca0h1v892634274za200zb830540901&_p=1733958045941&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=518759430.1733958047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733958046&sct=1&seg=0&dl=https%3A%2F%2Fwww.blueoxcu.org%2F&dt=BlueOx%20Credit%20Union&en=scroll&epn.percent_scrolled=90&_et=16&tfd=7030
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y91YZ680BR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f138.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.blueoxcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.blueoxcu.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 23:00:51 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.ad.smaato.net
URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=FAC737BA10EC451CA93542DBD521E946

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/29931?id=FAC737BA10EC451CA93542DBD521E946

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.blueoxcu.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2sp6pbjvi0hp49el40l45u7ero
www.blueoxcu.org/	1969-12-31 23:59:59	Name: cucookie Value: !qEPDmCn53bV79QoXoZgxTO8cLicoLjlGatV2L+EZuGTM5WQdd8tDy09pADIKSG1vP+MsPUYc84Vs
.hs-scripts.com/	1970-01-21 01:39:19	Name: __cf_bm Value: U87zV_FpzMBq7cs4rLJNOF9mzrBO1s8ltHQEWNqA7pI-1733958046-1.0.1.1-2f2mTF.3qmDhASx3Kk6I_n7NlqRds9viXgPy.c59jBi7Ul2c6gpq2btEcVYnyz_vBPUjgR8coYmddfPtATXXPQ
.simpli.fi/	1970-01-21 10:26:20	Name: suid Value: FAC737BA10EC451CA93542DBD521E946
.simpli.fi/	1970-01-21 01:49:22	Name: uid_syncd_secure Value: true
.hs-analytics.net/	1970-01-21 01:39:19	Name: __cf_bm Value: NgQr4YeDOvgueKSRMZNPR7vR2nGMVWhwqeyoHcnB6PY-1733958046-1.0.1.1-oG.vwkfyZpB_dnURjnfaOANi2xK2VfWaPKngAlm9KaxVdc0vesVEMhWNKFbb.io5ausUv2iuQcbCXFF3oWMFbg
.hs-banner.com/	1970-01-21 01:39:19	Name: __cf_bm Value: QhFDjBg5gqmH3mg3LS1LluDePom03MvETYxuBstDAfo-1733958046-1.0.1.1-OU7Eaf5nPArV5cLGW0zuLEF7BBglRxPCzqkhA2u2dfoe1viq9IZFrIgVJ_6Sqvx2TPGUTLebYAyDWW.ntouktA
.blueoxcu.org/	1970-01-21 11:15:18	Name: _ga_Y91YZ680BR Value: GS1.1.1733958046.1.0.1733958046.0.0.0
.tapad.com/	1970-01-21 03:05:42	Name: TapAd_TS Value: 1733958046924
.tapad.com/	1970-01-21 03:05:42	Name: TapAd_DID Value: 8920dea0-9c2b-42ac-8e89-6106aa74298d
.tapad.com/	1970-01-21 03:05:42	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-21 11:15:18	Name: IDE Value: AHWqTUnPKLj4KLF6BDd0FT_kIIfJpBLOV3M9L_gfOGWituCk3KC7_jwSsZHYrEMHiCo
.3lift.com/	1970-01-21 03:48:54	Name: tluidp Value: 1887084637856739452130
.3lift.com/	1970-01-21 03:48:54	Name: tluid Value: 1887084637856739452130
.agkn.com/	1970-01-21 10:24:54	Name: ab Value: 0001%3AE5hq8EkLgO6rRycYoG9WF8HFOKrfXErM
.openx.net/	1970-01-21 10:24:54	Name: i Value: 873f860d-c55f-437d-bba7-b19e048a8cfe\|1733958047
.rlcdn.com/	1970-01-21 10:24:54	Name: rlas3 Value: d3AKgJSNdUrE8WcyHjM8p272c1guMa06T1xyCA+nTjU=
.lijit.com/	1970-01-21 10:24:54	Name: ljt_reader Value: J0OkAQZHN_3zXbrpQvKBxPBH
.blueoxcu.org/	1970-01-21 11:15:18	Name: _ga Value: GA1.2.518759430.1733958047
.blueoxcu.org/	1970-01-21 01:40:44	Name: _gid Value: GA1.2.109478995.1733958047
.hsforms.com/	1970-01-21 01:39:19	Name: __cf_bm Value: pIDDAQqtD8TXF_HfkZo8E5QutqDzdmdfsG1nR0Ip4p0-1733958047-1.0.1.1-vx6J1L7BZsMi1bBUMG7w1bGfIT0txgRXer8_EBXLIh0LaQbdxyvADqBETn09jJvACD9J5FDAXAlAR4qbljq8MQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: o0kc.68OuuXuW96hxG_1E_YbGhbfwmLJqTuUDs68gbM-1733958047092-0.0.1.1-604800000
.blueoxcu.org/	1970-01-21 01:39:18	Name: _gat_UA-42864915-1 Value: 1
.intentiq.com/	1970-01-21 11:15:18	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 11:15:18	Name: intentIQ Value: WCYCVL9yIW
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 01:40:44	Name: test Value: test
.rlcdn.com/	1970-01-21 03:05:42	Name: pxrc Value: CJ+z6LoGEgUI6AcQABIFCOhHEAA=
.adnxs.com/	1970-01-21 03:48:54	Name: XANDR_PANID Value: _1hOGqlCFL9Td54UPUEySZ7hI7WmBqHE9a4_k72slyZ_4IRykorvqjo9INS2coXi2SIS21g2HnEQZ3iNw5xKocXe2H0pdT_Gr5d5zPyRMuE.
.adnxs.com/	1970-01-21 11:15:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:48:54	Name: uuid2 Value: 6337287156971706087
.pubmatic.com/	1970-01-21 02:22:30	Name: KRTBCOOKIE_148 Value: 19421-uid:FAC737BA10EC451CA93542DBD521E946&KRTB&23486-uid:FAC737BA10EC451CA93542DBD521E946&KRTB&23489-uid:FAC737BA10EC451CA93542DBD521E946&KRTB&23539-uid:FAC737BA10EC451CA93542DBD521E946
.pubmatic.com/	1970-01-21 02:22:30	Name: PugT Value: 1733957403
.bfmio.com/	1970-01-21 10:24:54	Name: __141_cid Value: FAC737BA10EC451CA93542DBD521E946
.bfmio.com/	1970-01-21 10:24:54	Name: __io_cid Value: 83618590f8ce5c29693901bc48f684958b463a49
.crwdcntrl.net/	1970-01-21 08:08:06	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:08:06	Name: _cc_id Value: 7b4dd97cf6a11c01c80bc7fe076b4f56
.rubiconproject.com/	1970-01-21 10:24:54	Name: audit_p Value: 1\|zrGbj1WlZ8Innt+/nyKqP1bmTqAGICP8deY39blt8RNiFPGmwOAHU8NWHKSK4IjzKq9b8fZ9psXxodZRdeOIc9yoAuXZ1oqMMGFQl4GqSZvN+71Nbs6jZom03HiQ4XXy+RtLW5QuXElZ2PzLCqZWHuDMIKp3GB5iDn/xa7xWOlJDUbkhndEpfdAPlTu0R9RN
.rubiconproject.com/	1970-01-21 10:24:54	Name: khaos Value: M4KHUNWT-E-FO
.rubiconproject.com/	1970-01-21 10:24:54	Name: khaos_p Value: M4KHUNWT-E-FO
.rubiconproject.com/	1970-01-21 10:24:54	Name: audit Value: 1\|zrGbj1WlZ8Innt+/nyKqP1bmTqAGICP8deY39blt8RNiFPGmwOAHU8NWHKSK4IjzKq9b8fZ9psXxodZRdeOIc9yoAuXZ1oqMMGFQl4GqSZvN+71Nbs6jZom03HiQ4XXy+RtLW5QuXElZ2PzLCqZWHuDMIKp3GB5iDn/xa7xWOlJDUbkhndEpfdAPlTu0R9RN
.rubiconproject.com/	1970-01-21 03:48:54	Name: receive-cookie-deprecation Value: 1
.lijit.com/	1970-01-21 10:24:54	Name: _ljtrtb_2 Value: FAC737BA10EC451CA93542DBD521E946
.yahoo.com/	1970-01-21 10:25:15	Name: A3 Value: d=AQABBJ8ZWmcCEMX1cqShK1XNriSMs1mpBXwFEgEBAQFrW2djZ9ww0iMA_eMAAA&S=AQAAAmKFUWJ6K89T6gd6qsQW8TM
.exelator.com/	1970-01-21 04:32:06	Name: EE Value: "49f851cb4df80d2cad7ab74be8b48fe7"
.pro-market.net/	1970-01-21 05:58:30	Name: anProfile Value: "-mziuidx51l9d+1+1f=1+1g=1+1j=57:1+rs=s+rt=200105501D0500010000000000000008+s2=(socqlb)+vm=24-FAC737BA10EC451CA93542DBD521E946"
.pro-market.net/	1970-01-21 02:22:30	Name: anHistory Value: "-mziuidx51l9d+2+!#6wM%t!d)F"
.intentiq.com/	1970-01-21 11:15:18	Name: CSDT Value: UEQ6MTAwNDNfMCZVV2d4RzBn
.intentiq.com/	1970-01-21 11:15:18	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 11:15:18	Name: intentIQCDate Value: 1733958047153
.intentiq.com/	1970-01-21 11:15:18	Name: IQPData Value: 646215237#1733958047151#0#1733958047151
.adnxs.com/	1970-01-21 03:48:54	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GVVksLYq!]tbPl1N!7OnM$=BWr$l#g9<foNNRjd1roi.Uluk`VoaeUC-OfS(Nhe]W@ovp^c/X%W#.wL4W1Qw2FK<9KI
.exelator.com/	1970-01-21 04:32:06	Name: ud Value: "eJxrXxzq6XKLQcHEMs3C1DA5ySQlzcIgxSg5McU8McncJCnVIsnEIi3VfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6otDgxUUpaQyLSopPBZ%252B8%252FQsA54gsHQ%253D%253D"
.analytics.yahoo.com/	1970-01-21 10:24:54	Name: IDSYNC Value: 176k~2mby
.pippio.com/	1970-01-21 10:24:54	Name: did Value: _Hxy7wIluo_cqpAk
.pippio.com/	1970-01-21 10:24:54	Name: didts Value: 1733958047
.pippio.com/	1970-01-21 03:05:42	Name: nnls Value:
.pippio.com/	1970-01-21 03:05:42	Name: pxrc Value: CJ+z6LoGEgYIgr0rEAA=
.ads.stickyadstv.com/	1970-01-21 02:22:30	Name: UID Value: fe7ebf454351ae598538e4521ce524e4
.ads.stickyadstv.com/	1970-01-21 01:40:44	Name: uid-bp-26865 Value: FAC737BA10EC451CA93542DBD521E946
.agkn.com/	1970-01-21 10:24:54	Name: u Value: C\|0AAAAAAAALuzWHwAAAAAA
.linkedin.com/	1970-01-21 03:48:54	Name: li_sugr Value: ebcaa547-639b-4805-96e8-54ebc7c89cb1
.linkedin.com/	1970-01-21 10:24:54	Name: bcookie Value: "v=2&402bad53-bb83-44f8-8466-ce84bfbb7ca4"
.linkedin.com/	1970-01-21 01:40:44	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2937:u=1:x=1:i=1733958047:t=1734044447:v=2:sig=AQHvfwcuSXe1rEw-WIvE-T7Oe58Zr0EE"
.smartadserver.com/	1970-01-21 10:24:54	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 10:24:54	Name: pbw Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/	1970-01-21 03:48:54	Name: pid Value: 7251953650333131830
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 01:39:26	Name: rl_campaign Value: {"campaign":{"scid":"","cid":"","tc":"","rl_key":"","kw":"","pub_cr_id":"","isPaidCampaign":false,"tid":"","uid":"","ohid":"","id_creative_resource":"","utm_data":"","ecid":"","marketing_policy":false},"urls":["https://www.blueoxcu.org/"]}
.blueoxcu.org/	1970-01-21 03:48:54	Name: _gcl_au Value: 1.1.2098935712.1733958048
www.blueoxcu.org/	1969-12-31 23:59:59	Name: rl_visitor_history Value: 8bd0e984-03aa-4763-81cf-a74db9313612
www.blueoxcu.org/	1969-12-31 23:59:59	Name: sifi_user_id Value: 2C51F3CEEBEB429D85EBC4544CC9C157
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: bot_type Value:
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: history_campaign Value: {"scid":"","cid":"","tc":"","rl_key":"","kw":"","pub_cr_id":"","isPaidCampaign":false,"tid":"","uid":"","ohid":"","id_creative_resource":"","utm_data":"","ecid":""}
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: history_referrer_type Value: DIRECT
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: last_activity_at Value: 1733958047948
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: visitor_id Value: 8bd0e984-03aa-4763-81cf-a74db9313612
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: sifi_user_id Value: 2C51F3CEEBEB429D85EBC4544CC9C157
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com/	1970-01-21 11:15:18	Name: visit_id Value: db7c84a4-8605-42ea-a00f-b5ee5cda5641

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network	error	URL: https://stags.bluekai.com/site/29931?id=FAC737BA10EC451CA93542DBD521E946 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.blueoxcu.org/chrisdomroll.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.blueoxcu.org/ Message: Refused to execute script from 'https://www.blueoxcu.org/chrisdomroll.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.stickyadstv.com
api-current.iz1.sharpen.cx
bcp.crwdcntrl.net
beta.itsme247.com
capture-api.reachlocalservices.com
cdn.rlets.com
cdnjs.cloudflare.com
ce.lijit.com
ce3afee7-9859-4bfd-862b-681be5c39f5f.rlets.com
cm.g.doubleclick.net
code.jquery.com
d.agkn.com
eb2.3lift.com
fault.rlets.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
loadm.exelator.com
maps.googleapis.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
s.ad.smaato.net
sharpenchat.iz1.sharpen.cx
simplifi.partners.tremorhub.com
stackpath.bootstrapcdn.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
tag.simpli.fi
td.doubleclick.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fonticons.com
use.fortawesome.com
www.blueoxcu.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
s.ad.smaato.net
stags.bluekai.com
104.17.25.14
104.18.10.207
104.19.175.188
107.178.254.65
13.249.39.110
142.251.16.156
142.251.16.94
142.251.167.138
142.251.179.103
142.251.179.156
172.253.122.95
172.253.122.97
2001:4998:60:807::1
216.22.16.72
2600:1901:0:8eee::
2600:1f18:612b:4280:f13b:83e0:4d64:f0d7
2600:9000:2073:aa00:1b:6b7d:2300:93a1
2600:9000:2305:9a00:6:9a19:88c0:93a1
2600:9000:26c1:d600:19:fc2c:a140:93a1
2606:4700:4400::6812:25d3
2606:4700:4400::6812:28f0
2606:4700:4400::ac40:983b
2606:4700::6810:6efe
2606:4700::6810:8ad1
2606:4700::6811:afc9
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::61
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::64
2607:f8b0:4004:c1f::5e
2607:f8b0:4004:c21::5f
2620:1ec:21::14
2a04:4e42:200::649
3.162.125.100
3.219.153.34
34.111.113.62
34.168.224.78
34.194.79.112
34.228.175.96
35.194.66.159
35.244.154.8
35.244.159.8
35.245.15.98
35.71.139.29
50.16.197.56
52.203.75.253
63.150.21.23
63.251.28.230
68.67.160.132
69.173.151.100
69.194.240.13
74.204.78.22
8.28.7.83
00008d1723f959a8a87b121c50719fa934aaa0a408e60e59958451d3d0135644
00d10188386735192dc99030e6c5b105d479ecece7cf35b5704f01df7d5b55f7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0ec450deb233c7e954954f2a939a51bb70be6004f4f5aebac0e731c9a330892d
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
221a4070b8203bf0b2a7d759fbfe4cdcb2465bda1cd106c72d35b4bf6f763a1e
24999196ab0c829cba7924f444438f6a36969bf237c46e38ae160a8f7195444c
249e85b9792cdfb9ce084d58830b251befb8fbeb9dae85fd252a3b252de6897f
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830
27820100d08e461dd54756f0890ea58534683b436a3d5b5767ad82b50b761c20
2b392009b4c50ef91dd6c4868ae1e18dbd8160a7400ea68c851eb0d93a2eb12d
2f1a2ddb3c46820feaf9c3639966aa9ed7821a3540fcfd346a728184eee2c60f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa3868e60d61db1469082119c8b4d08ee6814d94dfdd883b8e861e50f25cc3f
320ad76060a64e9a6b1a5e6deed8aaaf601e5deb5e1e1865d9f34a0c8e739d84
3283562d878e1cf90864ac074a7ae394ce6f3d62150d7bb6bc79caaf2dd48602
37d01f858184927bebd78c462daec782121d811414931bec53362ff60cd4ec9d
3822246d7282851a6fd48d2835b9935d156268b63aa301a082d58bb7577e5017
3c70c80281264c75c9e719de8fdc395a172b7844828e7b9dea0fc07ff35e722d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f027dae8ac39b3c427239120781ef1c16b1c49834bb8940054615db4340eab4
42344ad1563220f6bf6291922c034e5e6730af24a707d35331e7105e47c0aa02
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432c5d6f63ef62e7d57a97cdc340063bdb3d62ed93b641106492c4e647abb6e3
44507b361de00b059fe763ae73541a2e327e0e53a5ca83c3f9cd87a3e597bc4d
453a76b648cbf74439f105c2c73bbd19a23bd2020aecd96f67ac842a644d4e70
454fed5045a6bddb5617feb6bf3f5ceba1474fdf67076110f8102ae48d38f9ab
45dbb33b996ac591357f7ce8e5c26c56ee6a29f9a07aebf8e1e3f664ba86e725
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c37cb1c3bb29f0920d1605ec10f3f590b87c623950f5d4cf26a9af06d7e95e3
4cbd4d366735911663e4e488b15591438d57c9bd6bcc6f9e9c159aa02f79b5e4
4ceeba2abf7fb16206cce21fd5fcbcbc7bceb21f7c55fba306a32359ef7078d2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
532fe0339825d72d2599e4919b8d60943f57b53b49e59d699da080ac0f110d61
54b94cc73d9d2d16dce491e990f52b642c583007b24cfb372f93e37e0e348057
5b03b2a4b0640b7ff933ad2da5b55e27d7105ca198b7c66555f276600082d63b
5bdad9ddda8386edc24d7baeb08148f9a8db2a20eac3d34bac731bbe6ada8b8c
5ed9f083c4dfc2d4445fff7c35a638c534a1cf46196b56475d24c4ac627d1028
60280eb0f251438a906ce6ab23181b66515d6121aa29b7f5a5d034d0dad91383
60cbbfad190367dc14c6bb63d2130b703085453664dbad8a63192eddeff47533
64ab43a343addbc62bd188aacee4f67b14750d0a81ed25abcf8ea6d85691dcef
6692b34781e943a71d1a244593e39bae7bac4b162be5c5fd99797d9f400fc12b
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6912396a54a26a91e3a95f16710127e375ded19a5905e6882c43a0965d5d3a91
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c213f431199b10158efd2ba445e7d17e6c20307be4060093666eebd8452ac2a
6f8a64154011868280eae5e32bb4b38ce925e6e6d0c145b31170a27256055a79
6f96cd72b39b40145c7156afce7bcd664f1e0587023d4cafb22467d33cdccf6d
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bd527cd51375e0dd7bc1abda25fa67c1a5e6539ae689005f71fddbfb1c9ef6d
80b2b66c15e12e819f1ddd5edc105cff199c756544f6aaee4736e156aaaa22c0
84c20badf64873220f99a4c4913d527bc4ec20a6ce3b1a52e68b31f7eab931a7
855f8954dd045766f4593ccc8a7b8c03d3b530b1d8f95720925f55bc438247dc
867abb72f638ce592a1b1b037be13e22aca4dd51765a0aff5669f1d36ac596b4
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8f027e24a92ec9bd572255522f0ca9793c06ba5ef063198397543cc1a9f4a7d7
9765721d3d9143d7c25e8ad2d3f7d6bc6cc09a9a23aa49c2274089e4e98b3c40
97ea1d5a3893e1a7aa8676a2230b0e98852a2f7e3591b7c1180730f5aa87de4d
9b26d65d19399f4540f43021c3cc38eca51395059973ce549b85617ef50c1bc6
9e11e19b7de7258c73f7b931c7c2fa280897201d672dc34587585716bea5379e
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3
9ffdfa5b2cc494af81486e662d95f8cce3226248884a0124b24c3eb7ec3b11a7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1347ad94882bc0f734e42cbe2ecb1d5333678b5a2390e219cf741f3308f1f64
a64dc9e3b991a52df4b3aaddbc60dfd701142354989d7a251bb2e7aef5078bb4
a711af9343c896ffb47bac2607e59a4b40730c7517fa4084c7e6262fb0dfd41d
a8f4b8045c283f81fadbfec952e2543b05a6ba1833031b115798d8462ab5a8ee
adb71caee2ee8d176241110644df6e28cd70caffb00ad1eb93047c035cc7a300
b0738ab316e737e3c4b3750ce91937eb3df74c7edef3468cdc21158adc12b794
b125d7a87314ae31deb78de23cf7606c1c82197f5dd5bfccfa9d7bd0fafa5ca0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
b51af1acbac5283d5967862b6e56912dfab7536eda5ae2b844836e98f24eabc4
b627966683ff3b0a43f8052debe61bf1b1a48b8d6d71d176a342d085e51caad3
b9cdd322e6832594a26813a0068e156ade500086257a2809bad22e9065824fa1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf197e1132b49b12d7463ad30ede562d3b32941d8ab34287e2110dfb9ae3ef0
be939a367a27d6c3f570f7b4b17301d1741307082efc988d6eb33fa687e9524a
bf09fb8ef8f8928281e212416feb4829aec212ae8d1211f838693571ea5df863
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd0fbfcf9f0ad89eaede388cfea68c9658006d6a0aa724901ac73766d5cb37f0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1395a5b6871eda72c636170f1d2435592648e4212411d73cac51456fd50496d
d25435b6877389e8273be8cd67b1c351aede0b990d76fbb4f375724707fe7d60
d5d30bd954d6119dbd1a95d4b630a8a7ab13816563f084877ffa252068fe6bbc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a2b7ebbc348d122248fdcde90f66f48de836fb4ce47b6896fe46e1cd7aacb8
ec257f0a20130831eed9009de1a02abf48f0e7e9473df14d1e7feae19c2a3731
ee82f49971e0b2264359a500f9669e5d500a47da0163a70b892737f6efb1427f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f251b44d941dd5ad954d69636298004f93a8436377d3ec4c3429d8fd98ea5990
f636dc003b7e4d9489d5dc15d259bbf55941783ba225a51d0d8781540718026a
f711ef12c779f46cf982dc6b2b5eb48141e771b6f63f19d92c5b8c8127ac9571
fb594cb573e0069f41c995826db8632f614a20e1ae428455462dd2e80c586447
fbca955bb0cf1a4fdfbd6bed435844db290bd2195de22431289cefb399e39e78
fca13f7d4db7ca0f0126cea72a12ad0718c9f98af683dafd760bbe5b5352a794
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

www.blueoxcu.org Open in urlscan Pro 74.204.78.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

84 %HTTPS

38 %IPv6

46 Domains

57 Subdomains

48 IPs

2 Countries

3162 kBTransfer

5909 kBSize

77 Cookies

5 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.blueoxcu.org Open in urlscan Pro
74.204.78.22 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

84 %
HTTPS

38 %
IPv6

46
Domains

57
Subdomains

48
IPs

2
Countries

3162 kB
Transfer

5909 kB
Size

77
Cookies

136 HTTP transactions
3 data transactions