gainfcu.com Open in urlscan Pro
20.22.186.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://burbankcitymortgage.com/
Effective URL:
https://gainfcu.com/loans/home.html
Submission: On February 27 via manual (February 27th 2024, 2:47:20 pm UTC) from US — Scanned from DE

Summary HTTP 124 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 48 IPs in 6 countries across 44 domains to perform 124 HTTP transactions. The main IP is 20.22.186.114, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is gainfcu.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 17th 2023. Valid for: a year.

This is the only time gainfcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1 33	20.22.186.114 20.22.186.114	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:6000:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.255.245.71 34.255.245.71	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	23.38.98.99 23.38.98.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	204.16.247.177 204.16.247.177	20326 (TERASWITCH) (TERASWITCH)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	104.126.37.203 104.126.37.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
4 9	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	18.238.17.128 18.238.17.128	16509 (AMAZON-02) (AMAZON-02)
5	52.8.216.80 52.8.216.80	16509 (AMAZON-02) (AMAZON-02)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
19 25	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:de00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:2e8c:cdc6:e8e1:713a	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.120.19.20 3.120.19.20	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.79.91 3.122.79.91	16509 (AMAZON-02) (AMAZON-02)
1	18.239.69.49 18.239.69.49	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
4 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.45.42.225 52.45.42.225	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.35.74.224 63.35.74.224	16509 (AMAZON-02) (AMAZON-02)
1	63.34.193.120 63.34.193.120	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	204.16.247.184 204.16.247.184	20326 (TERASWITCH) (TERASWITCH)
1 1	204.16.247.182 204.16.247.182	20326 (TERASWITCH) (TERASWITCH)
1	2600:9000:264... 2600:9000:2646:e000:7:ea59:6a00:93a1	16509 (AMAZON-02) (AMAZON-02)
124	48

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

burbankcitymortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 20.22.186.114 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.fitmortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gainfcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:6000:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.245.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-245-71.eu-west-1.compute.amazonaws.com

us-21305-adswizz.attribution.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.98.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-99.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 204.16.247.177 (Pittsburgh, United States)

ASN20326 (TERASWITCH, US)
PTR: dns.nextdns.io

play.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03d:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.203 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-203.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 15.197.193.217 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.17.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-17-128.ams58.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.8.216.80 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-216-80.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.91.62.186 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:de00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:2e8c:cdc6:e8e1:713a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.19.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-20.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.79.91 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-79-91.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.69.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-49.ams58.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.42.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-42-225.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.74.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-74-224.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.193.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-193-120.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.16.247.184 (Pittsburgh, United States)

ASN20326 (TERASWITCH, US)

html5-player.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.16.247.182 (Pittsburgh, United States) 1 redirects

ASN20326 (TERASWITCH, US)

assets.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:e000:7:ea59:6a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gainfcu.com gainfcu.com	407 KB
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4479 i.simpli.fi — Cisco Umbrella Rank: 3863 um.simpli.fi — Cisco Umbrella Rank: 825	12 KB
9	adsrvr.org 4 redirects insight.adsrvr.org — Cisco Umbrella Rank: 621	1 KB
9	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 85 cm.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 258	3 KB
9	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5923 api.livechatinc.com — Cisco Umbrella Rank: 5389 secure.livechatinc.com — Cisco Umbrella Rank: 6661 accounts.livechatinc.com — Cisco Umbrella Rank: 7246	339 KB
8	libsyn.com 1 redirects play.libsyn.com — Cisco Umbrella Rank: 79395 html5-player.libsyn.com — Cisco Umbrella Rank: 55807 assets.libsyn.com — Cisco Umbrella Rank: 57464 static.libsyn.com — Cisco Umbrella Rank: 51020	893 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 69	978 KB
7	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 16811 adservices.brandcdn.com — Cisco Umbrella Rank: 12474	9 KB
6	gstatic.com fonts.gstatic.com	156 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32 jnn-pa.googleapis.com — Cisco Umbrella Rank: 228	43 KB
4	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	3 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2464 pbid.pro-market.net — Cisco Umbrella Rank: 8293	1 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 590 region1.google-analytics.com — Cisco Umbrella Rank: 2124	18 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 259	2 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	20 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1877	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 564 d.agkn.com — Cisco Umbrella Rank: 768	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 515	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 561	712 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	69 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 235	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 91	29 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	185 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 543	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 382	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 6553	455 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 136	589 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 479	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 894	205 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 947	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1136	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1638	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 960
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6587	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1279	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 703	237 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 802	395 B
1	t.co t.co — Cisco Umbrella Rank: 660	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 783	15 KB
1	adswizz.com us-21305-adswizz.attribution.adswizz.com	176 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	83 KB
1	fitmortgage.com 1 redirects www.fitmortgage.com	478 B
1	burbankcitymortgage.com 1 redirects burbankcitymortgage.com	298 B
124	44

	Domain	Requested by
32	gainfcu.com	gainfcu.com
25	um.simpli.fi	19 redirects gainfcu.com
9	insight.adsrvr.org	4 redirects gainfcu.com d1eoo1tco6rr5e.cloudfront.net
7	www.youtube.com	gainfcu.com www.youtube.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	adservices.brandcdn.com	tag.brandcdn.com adservices.brandcdn.com
5	play.libsyn.com	gainfcu.com play.libsyn.com
4	jnn-pa.googleapis.com	www.youtube.com
4	cm.g.doubleclick.net	4 redirects
4	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
4	cdn.livechatinc.com	gainfcu.com secure.livechatinc.com
3	googleads.g.doubleclick.net	2 redirects www.youtube.com
3	api.livechatinc.com	cdn.livechatinc.com
2	ib.adnxs.com	1 redirects gainfcu.com
2	www.google.com	1 redirects www.youtube.com
2	loadm.exelator.com	1 redirects gainfcu.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects gainfcu.com
2	sync.1rx.io	2 redirects
2	connect.facebook.net	gainfcu.com connect.facebook.net
2	ssl.google-analytics.com	1 redirects gainfcu.com
2	fonts.googleapis.com	gainfcu.com play.libsyn.com
2	tag.brandcdn.com	gainfcu.com
1	static.libsyn.com
1	assets.libsyn.com	1 redirects
1	html5-player.libsyn.com	play.libsyn.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.facebook.com	gainfcu.com
1	static.doubleclick.net	www.youtube.com
1	us-u.openx.net	gainfcu.com
1	pixel.rubiconproject.com	gainfcu.com
1	www.google.de	gainfcu.com
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com	gainfcu.com
1	ce.lijit.com	gainfcu.com
1	bcp.crwdcntrl.net	gainfcu.com
1	stags.bluekai.com	gainfcu.com
1	sync.bfmio.com	gainfcu.com
1	pbid.pro-market.net	gainfcu.com
1	sync.intentiq.com	gainfcu.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	gainfcu.com
1	eb2.3lift.com	gainfcu.com
1	sync.targeting.unrulymedia.com	gainfcu.com
1	s.ad.smaato.net	gainfcu.com
1	i.simpli.fi	tag.simpli.fi
1	analytics.twitter.com	gainfcu.com
1	t.co	gainfcu.com
1	tag.simpli.fi	tag.brandcdn.com
1	stats.g.doubleclick.net	gainfcu.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.ads-twitter.com	gainfcu.com
1	us-21305-adswizz.attribution.adswizz.com	gainfcu.com
1	www.googletagmanager.com	gainfcu.com
1	www.fitmortgage.com	1 redirects
1	burbankcitymortgage.com	1 redirects
124	60

This site contains links to these domains. Also see Links.

Domain
gainfcu.mortgagewebcenter.com
podcasts.apple.com
podcasts.google.com
www.stitcher.com
open.spotify.com
mbr411.com
apps.hud.gov
www.facebook.com
twitter.com
www.instagram.com
ncua.gov
www.hud.gov

Subject Issuer	Validity	Valid
gainfcu.com Go Daddy Secure Certificate Authority - G2	`2023-08-17` - `2024-08-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
attribution.adswizz.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.libsyn.com Sectigo ECC Organization Validation Secure Server CA	`2023-06-14` - `2024-07-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-06` - `2024-03-05`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://gainfcu.com/loans/home.html
Frame ID: AC36CF5142D75A1722945416D8F5E0C0
Requests: 80 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
Frame ID: 4DBB68CDFE5C9E604D6520167B52F276
Requests: 17 HTTP requests in this frame

Frame: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Frame ID: D87C756D150195B982C6D1C098066F37
Requests: 9 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe
Frame ID: B923958AE7AB208182AA45BB1C273A66
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe
Frame ID: FAA54D700E1A311CF48FAB3394D263D2
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe
Frame ID: 08D8A364687044A8B8C62D1C21FB91C5
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe
Frame ID: 80A69B8980D2F17BFA6862C49B6DF554
Requests: 2 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=9585835&group=3&embedded=1&widget_version=3&unique_groups=0
Frame ID: 1F42FD86DDD84D516415D9448F523B69
Requests: 5 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
Frame ID: D462A487F794F603A07260687989FD5B
Requests: 2 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
Frame ID: F2D7075EC1D06947C89973224884FCDE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Loans - Gain Federal Credit Union

Page URL History Show full URLs

http://burbankcitymortgage.com/ HTTP 301
https://www.fitmortgage.com/ HTTP 301
https://gainfcu.com/loans/home.html Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

124
Requests

82 %
HTTPS

38 %
IPv6

44
Domains

60
Subdomains

48
IPs

6
Countries

3078 kB
Transfer

8092 kB
Size

42
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://gainfcu.mortgagewebcenter.com/
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://gainfcu.mortgagewebcenter.com/ApplyNow
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://gainfcu.mortgagewebcenter.com/Account/Login
Title: Apply for a Mortgage Online

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/the-better-banking-podcast/id1642368360
Title: Subscribe on Apple Podcasts

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5saWJzeW4uY29tLzQyNjI1NC9yc3M
Title: Subscribe on Google Podcasts

Search URL Search Domain Scan URL

URL: https://www.stitcher.com/show/the-better-banking-podcast
Title: Follow us on Stitcher

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/3NJve45sT41kd1yOluU5YS?si=54df494c4fb1452a
Title: Follow us on Spotify

Search URL Search Domain Scan URL

URL: https://mbr411.com/9f8ng
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://apps.hud.gov/offices/hsg/sfh/hcc/fc/
Title: Avoiding Foreclosure

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GainCreditUnion/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/gainfcu
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gainfcu/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://ncua.gov/

Search URL Search Domain Scan URL

URL: http://www.hud.gov/fairhousing

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://burbankcitymortgage.com/ HTTP 301
https://www.fitmortgage.com/ HTTP 301
https://gainfcu.com/loans/home.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1511734465&utmhn=gainfcu.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20Loans%20-%20Gain%20Federal%20Credit%20Union&utmhid=1608943697&utmr=-&utmp=%2Floans%2Fhome.html&utmht=1709045235017&utmac=UA-18434615-1&utmcc=__utma%3D20327086.234302949.1709045235.1709045235.1709045235.1%3B%2B__utmz%3D20327086.1709045235.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1697872278&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18434615-1&cid=234302949.1709045235&jid=1697872278&_v=5.7.2&z=1511734465

Request Chain 48

https://insight.adsrvr.org/tags/imp7svn/wkf6whh/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe

Request Chain 50

https://insight.adsrvr.org/tags/imp7svn/gj17fmc/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe

Request Chain 62

https://insight.adsrvr.org/tags/imp7svn/wkf6whh/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe

Request Chain 63

https://insight.adsrvr.org/tags/imp7svn/gj17fmc/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe

Request Chain 65

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 66

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/D11028D2E7304CB0A218D9BC2424D96B HTTP 302
https://sync.1rx.io/usersync/simplifi/D11028D2E7304CB0A218D9BC2424D96B?zcc=1&cb=1709045235508 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003

Request Chain 67

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=D11028D2E7304CB0A218D9BC2424D96B&dongle=yf3

Request Chain 68

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 69

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D11028D2E7304CB0A218D9BC2424D96B HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 70

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D11028D2E7304CB0A218D9BC2424D96B HTTP 302
https://d.agkn.com/pixel/10751/?che=1709045235274&ip=81.95.5.36&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217203104805002979296 HTTP 302
https://um.simpli.fi/aa_px?sk=217203104805002979296 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 71

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 74

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=D11028D2E7304CB0A218D9BC2424D96B;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=D11028D2E7304CB0A218D9BC2424D96B;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MzkyNzg3MTY1Mzk4Nzc2MjUzMg== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENP-oZrIufuMPIuFBrVVav8&google_cver=1

Request Chain 75

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=D11028D2E7304CB0A218D9BC2424D96B&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=D11028D2E7304CB0A218D9BC2424D96B&j=0&xl8blockcheck=1

Request Chain 77

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 78

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 79

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 80

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 81

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 82

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1709045235137&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvyskAQ&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI9uqa0eHLhAMVoEYeAh0uPgtCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvyskAQ&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI9uqa0eHLhAMVoEYeAh0uPgtCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSKQB7FLtqy7bHfErYdutuy3_3aeneeGWKuRsrJOPNkO-gFSYLW43-PoGB&random=2154032425 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvyskAQ&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI9uqa0eHLhAMVoEYeAh0uPgtCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSKQB7FLtqy7bHfErYdutuy3_3aeneeGWKuRsrJOPNkO-gFSYLW43-PoGB&random=2154032425&ipr=y

Request Chain 84

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=D11028D2E7304CB0A218D9BC2424D96B HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD11028D2E7304CB0A218D9BC2424D96B

Request Chain 85

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D11028D2E7304CB0A218D9BC2424D96B&expires=365

Request Chain 86

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D11028D2E7304CB0A218D9BC2424D96B

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEPBtXyM2nymTjE9SsSfrbW0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D11028D2E7304CB0A218D9BC2424D96B HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 88

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 122

https://assets.libsyn.com/item/26794440 HTTP 302
https://static.libsyn.com/p/assets/5/e/f/7/5ef7a151b183144ce5bbc093207a2619/s3-podcast-1400x1400-logo.png

124 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request home.html Show response
gainfcu.com/loans/
Redirect Chain

http://burbankcitymortgage.com/
https://www.fitmortgage.com/
https://gainfcu.com/loans/home.html

70 KB
15 KB

610ms
402ms

Document
text/html

20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

7de88d9c95aa41a688c89709d93083788376b890b97ece8b1520237277dc94bb

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 14686
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Feb 2024 14:47:13 GMT
Keep-Alive: timeout=5, max=100
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: no-referrer-when-downgrade
Server: Apache/2.4.52 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

Connection: Keep-Alive
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 27 Feb 2024 14:47:13 GMT
Keep-Alive: timeout=5, max=100
Location: https://gainfcu.com/loans/home.html
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Server: Apache/2.4.52 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK jquery-ui.css
gainfcu.com/jquery/jquery_custom/ui-theme/ 35 KB
9 KB 158ms
97ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

0f11b4233d591e1d733753c44fab03f975ef8acbaf3781ed5d8ceb81f7ee3e36

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 8510
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 21 Mar 2018 20:20:50 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8dd6-567f1ed536c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.timepicker-addon.css
gainfcu.com/jquery/jquery_plugins/ 2 KB
1 KB 252ms
94ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_plugins/jquery.timepicker-addon.css

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

78623bcab5f2c49d1b44ac501d7146864d818ab26158851ce0bd9ec2650f53bd

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 519
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Mar 2018 13:30:04 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "798-568004e26af00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK voice.css
gainfcu.com/css/ 74 KB
18 KB 287ms
99ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/voice.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

cd24221ae7b2c2de7e68ad8b9a8533331d0a65845795e39c6c55527e7ff96a90

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 17273
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 25 Jul 2023 20:40:25 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "12669-60155bd988040-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK fonts.css
gainfcu.com/css/ 392 B
1 KB 283ms
94ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/fonts.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

0ac8cf41678327d5312abf66448bc002687d6a9a9c11f5ef8af5d695e18df9a1

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 292
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 19 Jun 2018 15:56:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "188-56f00b94bf7c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK layout.css
gainfcu.com/css/ 29 KB
8 KB 285ms
96ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/layout.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

8aa3be65862c05b5b197a7b75b80afb835f046e4fa1819d66204e6bebba4180f

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7247
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 20 Jun 2018 19:26:10 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "74a0-56f17c561b880-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK content.css
gainfcu.com/css/ 4 KB
2 KB 288ms
97ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/content.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

54948fca4882b9fe056441edea1713051a4587a1e1867d6965bdcdfc99246030

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1486
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 13 Jul 2018 15:00:47 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "10fe-570e2bea5a5c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK rates.css
gainfcu.com/css/ 4 KB
2 KB 287ms
96ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/rates.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

49d372b68c2e94a6b0226a0a85579e1346f334a26ba50a8229615441a2c64a98

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1326
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 31 Aug 2021 20:01:35 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f85-5cae06ab0a5c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bits.css
gainfcu.com/css/ 29 KB
7 KB 347ms
95ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/bits.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

857fb56f3fc02a61fc4de25d40f147df5e7c39871f94b7e0e7eaa61b7a02990f

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 6584
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Dec 2023 14:50:44 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "74e1-60c79687f1900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK iconic.css
gainfcu.com/css/ 61 KB
9 KB 378ms
95ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/iconic.css?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

5dd26d79a322117aa09d1e6248db551296a013bbf7ab2803f962c05438d28bba

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 8162
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 19 Sep 2016 18:24:26 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f5b8-53ce06c028a80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
gainfcu.com/jquery/jquery_custom/js/ 87 KB
31 KB 384ms
99ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_custom/js/jquery-3.5.1.min.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 30910
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 04 May 2020 23:02:39 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "15d84-5a4da870aa1c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery-ui.min.js Show response
gainfcu.com/jquery/jquery_custom/ui-theme/ 314 KB
76 KB 393ms
105ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_custom/ui-theme/jquery-ui.min.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

cada70d07e8e32ed5ca32fd9ae87f4d8be60eb13c60c6e3e9fcbb7c8b7b6854d

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Apr 2018 18:38:56 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4e817-56a4c00247000-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.json.min.js Show response
gainfcu.com/jquery/jquery_plugins/ 2 KB
2 KB 383ms
95ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_plugins/jquery.json.min.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

01cea9335f653faf74a88d3b9de3ceff263a52dddceca33d02035d9dce4bb6b2

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1033
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 23 Mar 2018 12:10:36 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7f0-568134fcc2700-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.timepicker-addon.l9.js Show response
gainfcu.com/jquery/jquery_plugins/ 77 KB
19 KB 446ms
98ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_plugins/jquery.timepicker-addon.l9.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d809b15cc6ed0c338813655858c28ed49e71bbdd61e9f24be1a1cc0f20dad549

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 18987
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 07 May 2018 13:39:49 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13315-56b9dcdb85340-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK jquery.validate.min.js Show response
gainfcu.com/jquery/jquery_plugins/ 23 KB
8 KB 474ms
95ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_plugins/jquery.validate.min.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7502
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Mar 2018 16:44:11 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5add-56803045dccc0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.flexslider.l9.js Show response
gainfcu.com/jquery/jquery_plugins/ 55 KB
13 KB 475ms
96ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_plugins/jquery.flexslider.l9.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

b50adb99bc554816a8335a09ba0633e90808fe17c82e7643f9de05e28e744a5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 12349
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 15 Jun 2018 17:21:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "dde9-56eb173d292c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK jquery.placeholder.js Show response
gainfcu.com/jquery/jquery_plugins/ 5 KB
2 KB 542ms
95ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/jquery/jquery_plugins/jquery.placeholder.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

bd45e67d1e4c688190a63fad2c280b978f3d8b311803f8ddbac36b5de021c942

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1748
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 07 May 2015 19:12:16 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "14e3-51582b0946400-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK main.js Show response
gainfcu.com/scripts/ 23 KB
7 KB 577ms
100ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/scripts/main.js?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

81d6cb3daf366efa83b3fa9975d464a9d37ef9d2b09de92db947a87928c680c4

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 6248
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Feb 2022 17:31:15 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5b72-5d720804cdec0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK menu-mobile.js Show response
gainfcu.com/scripts/ 2 KB
1 KB 575ms
99ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/scripts/menu-mobile.js?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d941290853308c540ca93dbe89435a84833bfc11c1a3b47501c075a719b6ed68

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 612
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 06 Jun 2018 14:54:13 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "69c-56dfa5708cf40-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK main_custom.js Show response
gainfcu.com/scripts/ 16 KB
5 KB 576ms
99ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/scripts/main_custom.js?ver=202312220000

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f23601b799258b4bc9086900b68186ebce36cbe89e092f6b0b17a7bd1f29a972

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4338
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Dec 2023 14:31:43 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3fc2-60c79247cd1c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK rates.js Show response
gainfcu.com/scripts/ 4 KB
2 KB 577ms
98ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/scripts/rates.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

0a4497d06973d8de86df15625ff83418fabc108b0993bfa90a4e4e45cf4e1a6a

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1045
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 24 May 2018 19:31:08 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "10bf-56cf8b16db700-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK comments.js Show response
gainfcu.com/scripts/ 11 KB
3 KB 637ms
95ms Script
text/javascript 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/scripts/comments.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

8a7c0bbf650b679130c697c572c14667d82423329b7d3cdb43a49b59ea0a72db

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1970
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 19 Sep 2019 12:20:34 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2a60-592e6faf44880-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK Gain-logo-simplified-color.svg
gainfcu.com/img/ 8 KB
8 KB 97ms
97ms Image
image/svg+xml 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/img/Gain-logo-simplified-color.svg

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

04971749014ddf65909b23f2633f37901b4f124958c29975058089d57a9caaac

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Mon, 25 Jul 2022 14:23:11 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "1e75-5e4a1ec6d31c0"
Content-Type: image/svg+xml
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7797

GET
H/1.1 200
OK Bank-With-Us.jpg
gainfcu.com/content/images/230/ 14 KB
14 KB 191ms
191ms Image
image/jpeg 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/content/images/230/Bank-With-Us.jpg

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d629e9c6c2d8c447b5995cdbe2861764d9d8c723dc10459e70f2c958e5e1dea2

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Mon, 12 Jul 2021 17:48:42 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "36ab-5c6f0bb6597d7"
Content-Type: image/jpeg
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 13995

GET
H/1.1 200
OK GainFCU_MC_05_Classic_3000x3000.jpg
gainfcu.com/content/images/230/ 17 KB
17 KB 95ms
94ms Image
image/jpeg 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/content/images/230/GainFCU_MC_05_Classic_3000x3000.jpg

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

fd8890000a017d7287f418d11dad25b5c87cc36516be379acda1b7934d37bd37

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Wed, 07 Feb 2024 18:26:36 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "4316-610ced5ca82aa"
Content-Type: image/jpeg
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 17174

GET
H/1.1 200
OK Car_Couple.jpg
gainfcu.com/content/images/230/ 19 KB
20 KB 96ms
95ms Image
image/jpeg 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/content/images/230/Car_Couple.jpg

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

b09c7f89efb95677aa298197028cf5c102b829cbe6682e082dae7632188b6acd

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Mon, 09 Jul 2018 18:39:13 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "4b43-570955475d640"
Content-Type: image/jpeg
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19267

GET
H/1.1 200
OK mobilepay_megamenupromo_900x600.jpg
gainfcu.com/content/images/230/ 11 KB
12 KB 97ms
96ms Image
image/jpeg 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/content/images/230/mobilepay_megamenupromo_900x600.jpg

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

e09943a9cc4cd82ac949bd7bcaab408e325a909a0e11330e46fb8ef3b0366086

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Tue, 29 Jun 2021 20:09:52 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "2df1-5c5ed304ff76b"
Content-Type: image/jpeg
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11761

GET
H/1.1 200
OK logo-footer-ncua.png
gainfcu.com/img/ 5 KB
6 KB 98ms
97ms Image
image/png 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/img/logo-footer-ncua.png

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

3320e6577fd5af40e03a29526ac81233acf9ccde213b7f02e9bf1a03f08bb607

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Wed, 21 Sep 2016 19:40:11 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "137b-53d09b6987cc0"
Content-Type: image/png
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4987

GET
H/1.1 200
OK logo-footer-ehl.png
gainfcu.com/img/ 2 KB
3 KB 95ms
95ms Image
image/png 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/img/logo-footer-ehl.png

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

0018af04f7b3b8b540b9d475bd60a3ce46724ea8891074b12810aa393a1d1099

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Wed, 21 Sep 2016 19:51:22 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "9a9-53d09de972280"
Content-Type: image/png
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2473

GET
H/1.1 200
OK Gain-logo-simplified-white.svg
gainfcu.com/img/ 8 KB
8 KB 96ms
96ms Image
image/svg+xml 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gainfcu.com/img/Gain-logo-simplified-white.svg

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

67ed1d484c5aee7263822e39f50335b7d158142f409cb6682650a20dff5cac64

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Mon, 25 Jul 2022 14:24:10 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "1e69-5e4a1eff17680"
Content-Type: image/svg+xml
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 7785

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
83 KB 47ms
26ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CE8NCGEK4X

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69f30d790e0785e9c4bdc04c1ab6db560284310afca8ae7559cd51cb5a9ed581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85071
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 14:47:14 GMT

GET
H2 200 Gain_Federal_Credit_Union.js Show response
tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/ 1 KB
2 KB 102ms
25ms Script
text/javascript 2600:9000:225e:6000:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6000:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d7ccc0cfb8ea193f6211f027b259c0016b4756851dec10f463782fd3839feb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:54:21 GMT
x-amz-version-id: 8WZa0X5bycqCwrksEuCrQwRrZVzGx9A4
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 00:49:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85975
etag: "689eda045e27381bbfa60f76a45e9d9d"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1310
x-amz-cf-id: Q5j6NCseo6KRyPAOmnBCaCTq6jsbeZaCEskiurDOMmwZ4Fjgx00cRQ==

GET
H2 200 fire
us-21305-adswizz.attribution.adswizz.com/ 68 B
176 B 131ms
41ms Image
image/png 34.255.245.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-21305-adswizz.attribution.adswizz.com/fire?pixelId=927d8efc-07ef-4f5c-a86f-40db1d1349e3&type=sitevisit&subtype=HomePage&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb20vaWRzeW5jL2V4L3JlY2VpdmU_cGFydG5lcl9pZD0yOTk0JjwjaWYgcmVxdWVzdC5saXN0ZW5lcklkP21hdGNoZXMoJ1swLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfScpPnBhcnRuZXJfdHlwZWRfZGlkPSU3QiUyMkhBUkRXQVJFX0FORFJPSURfQURfSUQlMjIlM0ElMjIke3JlcXVlc3QubGlzdGVuZXJJZH0lMjIlN0Q8I2Vsc2VpZiByZXF1ZXN0Lmxpc3RlbmVySWQ_bWF0Y2hlcygnWzAtOUEtRl17OH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17MTJ9Jyk-cGFydG5lcl90eXBlZF9kaWQ9JTdCJTIySEFSRFdBUkVfSURGQSUyMiUzQSUyMiR7cmVxdWVzdC5saXN0ZW5lcklkfSUyMiU3RDwjZWxzZT5wYXJ0bmVyX2RldmljZV9pZD0ke3JlcXVlc3QubGlzdGVuZXJJZCF9PC8jaWY-
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.255.245.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-71.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
x-envoy-upstream-service-time: 12
server: istio-envoy
content-length: 68
content-type: image/png

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Nunito:300,400

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/css/fonts.css?ver=202312220000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f965103000bd74108aa70ffdbeb7009062d145cd0f212d3d49754c21e48cb97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/css/fonts.css?ver=202312220000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 14:47:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 14:47:14 GMT

GET
H/1.1 200
OK font-awesome.min.css
gainfcu.com/css/ 28 KB
7 KB 100ms
95ms Stylesheet
text/css 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/font-awesome.min.css

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/css/voice.css?ver=202312220000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

1188269b4bb77df6f5ae55f5d8038b3cfc46f4e76e3157e961e04ad14709db05

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/css/voice.css?ver=202312220000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 6593
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 16 Jun 2016 16:31:04 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7062-53567c3a7a200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
27 KB 48ms
10ms Script
application/javascript 23.38.98.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-99.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 16f89c3b0a0290083390766a8d204c69e7867a6c4364da6ab91ff7a696c75e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: IGWgvBMdI3g0SRmkkwQsw6JI2nm2NtLs
content-encoding: br
date: Tue, 27 Feb 2024 14:47:14 GMT
last-modified: Thu, 22 Feb 2024 15:08:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"9389b73cfa6e96432dfca7b04b37b1dd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: Bu1C5THpcc2BkNOQt7XmuwKhLkjTM1kIGcqqDm39pRmomjvp5nOBXw==
content-length: 27453
expires: Tue, 27 Feb 2024 22:47:14 GMT

GET
H2 200 IutiMbXFPtE Show response
www.youtube.com/embed/ Frame 4DBB 91 KB
40 KB 138ms
115ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c6c07c760bdb0f697c695930372ac3efd4d6d0db95bc1604569819efbd995cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-7S3sCS_4giirgpNSYwKONg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 14:47:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 yes Show response
play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/ Frame D87C 1 KB
744 B 307ms
100ms Document
text/html 204.16.247.177
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.177 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS: dns.nextdns.io
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e9897d06c87987816d4e6e94c81d86461f5aec644c8626198db377b653e5868d

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 503
content-type: text/html
date: Tue, 27 Feb 2024 14:47:15 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding
x-libsyn-host: (null)

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 14:02:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2657
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 27 Feb 2024 16:02:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Feb 2024 14:47:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: DNdnzOvh4V7M2BnLDbV3FJKmBjo+9aChvU2zs9jFXLe9h+Qu/+VsuEZJ9hIK3oRNt1q4ds7lU2B0P1HEBT2DaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 30ms
7ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:14 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-muc13980-MUC

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Nunito:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gainfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:49:36 GMT
x-content-type-options: nosniff
age: 21458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:49:36 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
gainfcu.com/css/fonts/ 69 KB
70 KB 122ms
94ms Font
font/woff2 20.22.186.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gainfcu.com/css/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/css/font-awesome.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.22.186.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gainfcu.com/css/font-awesome.min.css
Origin: https://gainfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:47:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Last-Modified: Thu, 16 Jun 2016 16:31:13 GMT
Server: Apache/2.4.52 (Ubuntu)
Referrer-Policy: no-referrer-when-downgrade
ETag: "11448-53567c430f640"
Content-Type: font/woff2
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 70728

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 43ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Nunito:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gainfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:08:27 GMT
x-content-type-options: nosniff
age: 20327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20432
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:38:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:08:27 GMT

GET
H2 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 46ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Nunito:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gainfcu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:56 GMT
x-content-type-options: nosniff
age: 21498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20200
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:48:56 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 42ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CE8NCGEK4X&gtm=45je42q0v9130269928za220&_p=1709045234913&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=234302949.1709045235&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709045234&sct=1&seg=0&dl=https%3A%2F%2Fgainfcu.com%2Floans%2Fhome.html&dt=Home%20Loans%20-%20Gain%20Federal%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1873
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CE8NCGEK4X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gainfcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 334 B
534 B 202ms
165ms Script
application/javascript 104.126.37.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9585835&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fgainfcu.com%2Floans%2Fhome.html&channel_type=code&jsonp=__a6ppfbdgyva

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c539c510edb58cfece758560e458a63f0452cc67f7a9e3bcf047916918d1eb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://gainfcu.com/loans/home.html;
X-Frame-Options	allow-from https://gainfcu.com/loans/home.html

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://gainfcu.com/loans/home.html;
date: Tue, 27 Feb 2024 14:47:15 GMT
content-length: 334
vary: Accept-Encoding
x-frame-options: allow-from https://gainfcu.com/loans/home.html
content-type: application/javascript; charset=UTF-8

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1511734465&utmhn=gainfcu.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20L...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18434615-1&cid=234302949.1709045235&jid=1697872278&_v=5.7.2&z=1511734465

35 B
337 B

299ms
19ms

Image
image/gif

2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18434615-1&cid=234302949.1709045235&jid=1697872278&_v=5.7.2&z=1511734465

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Feb 2024 14:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18434615-1&cid=234302949.1709045235&jid=1697872278&_v=5.7.2&z=1511734465
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2666397306927167 Show response
connect.facebook.net/signals/config/ 49 KB
11 KB 120ms
119ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2666397306927167?v=2.9.147&r=stable&domain=gainfcu.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a31535988c3f3ab29b16ac07762d2f5ce557e9d0f4a2e2c176fe5e090d7f5a08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Feb 2024 14:47:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: PsLkdZCmQ6weTAKzfncH20V75RQnFo1OnSkMSt7qam6tQ1vsNGAdNYFmvXw3hTa3yTSINLgE+IyPU4aAWB1VZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/ Frame B923
Redirect Chain

https://insight.adsrvr.org/tags/imp7svn/wkf6whh/iframe
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe

133 B
663 B

90ms
36ms

Document
text/html

18.238.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.17.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-17-128.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d48a47cbed94310ef3951dc794e3ae6ee5e4a161ba26d302ac5a59838adb2d4e

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 10294
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Tue, 27 Feb 2024 11:55:42 GMT
ETag: "e2695a705d2896e93c8b0c933c9d0c42"
Last-Modified: Fri, 01 Oct 2021 23:43:25 GMT
Server: AmazonS3
Via: 1.1 5ca3eb318b3d637b6c83037daa75f174.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7gvvEHja8hLiDUHi6134JBxz5QFTxsHxfgrMvr5t-uvdyE_5USZV6A==
X-Amz-Cf-Pop: AMS58-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Tue, 27 Feb 2024 14:47:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 760ms
370ms Script
text/javascript 52.8.216.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.216.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-80.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "613-5f9d69bae4944-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 745

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/ Frame FAA5
Redirect Chain

https://insight.adsrvr.org/tags/imp7svn/gj17fmc/iframe
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe

133 B
663 B

89ms
12ms

Document
text/html

18.238.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.17.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-17-128.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d7ec235015bff1eec61ed60bb7eadf96f1fb99565a85f8b42a8b09f2531584a

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 65461
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Mon, 26 Feb 2024 20:36:15 GMT
ETag: "8ee01171bfd60b4711e89a9605333121"
Last-Modified: Fri, 01 Oct 2021 23:43:25 GMT
Server: AmazonS3
Via: 1.1 9929448596fb4faec2a082aabe759212.cloudfront.net (CloudFront)
X-Amz-Cf-Id: oOzQXbJH9zMetm2JhxZGR2gAbgI5uaBKCgTJ-MlbqXUhShaA5xOQdw==
X-Amz-Cf-Pop: AMS58-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Tue, 27 Feb 2024 14:47:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe

GET
H2 200 353dfe70-815d-013a-c5d6-06a60fe5fe77 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 64ms
17ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/353dfe70-815d-013a-c5d6-06a60fe5fe77
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 9bed5692fafafa579d0d31898fd9b083a534e712dc66c84096373d239a281033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F7e_lh7YLg_WqGfpzFRB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
148 B 100ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=imp7svn&ct=0:gj17fmc&fmt=3
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 adsct
t.co/i/ 43 B
377 B 142ms
116ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b7f23111-7fc8-4e27-ac6c-b840b583d1a4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c7132c69-a143-42c8-a7e9-ae5599d94f20&tw_document_href=https%3A%2F%2Fgainfcu.com%2Floans%2Fhome.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3sca&type=javascript&version=2.3.29

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 27 Feb 2024 14:47:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9e8b0c59ec1b0f54
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 6bfe2a402522480b925f738e3db2868e72cee02038ffb1804035f46b0ab707c5
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 138ms
109ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b7f23111-7fc8-4e27-ac6c-b840b583d1a4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c7132c69-a143-42c8-a7e9-ae5599d94f20&tw_document_href=https%3A%2F%2Fgainfcu.com%2Floans%2Fhome.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3sca&type=javascript&version=2.3.29

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4d59bb9708d2af39
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 5cb97dc430cb90e7d3a7f22e9e84957a4847ae00142d8b0e8068c0e2ee75a617
content-length: 43

GET
H2 200 Gain_Federal_Credit_Union.js Show response
tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/ 1 KB
2 KB 9ms
9ms Script
text/javascript 2600:9000:225e:6000:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6000:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d7ccc0cfb8ea193f6211f027b259c0016b4756851dec10f463782fd3839feb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:54:21 GMT
x-amz-version-id: 8WZa0X5bycqCwrksEuCrQwRrZVzGx9A4
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 00:49:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85975
etag: "689eda045e27381bbfa60f76a45e9d9d"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1310
x-amz-cf-id: NBzQRGMwbTo-xdGjlR7lQqhUQrstTRkAxUGaeqyHZ5OUiZROPcrq0Q==

GET
H2 200 www-player.css
www.youtube.com/s/player/3ffefd71/ Frame 4DBB 367 KB
47 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3ffefd71/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c6664535088c169d1900c7b4f749d59530506ba2f16bc07c131027a30662897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48273
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 05:19:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 09:18:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4DBB 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:49:09 GMT
x-content-type-options: nosniff
age: 21486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:49:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4DBB 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 20138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:11:37 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/ Frame 4DBB 54 KB
17 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ebf4dfd788bc640091d63e609fe3e5302ddf933a31ad9eea4759ce857906e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16888
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 05:19:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 09:08:45 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/3ffefd71/www-embed-player.vflset/ Frame 4DBB 318 KB
95 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3ffefd71/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a0d0f8e57f9d3e02b5ed9a3b2def0e26ff8bf1ba600fb89dc94194e8254fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 13:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97125
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 05:19:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 13:38:19 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/ Frame 4DBB 2 MB
779 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

820b29106d1cbb3fbe35c4afc2224d51f689b9cafd0f29c66d780eae8a5cc583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 797343
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 05:19:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 09:00:07 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/ Frame 08D8
Redirect Chain

https://insight.adsrvr.org/tags/imp7svn/wkf6whh/iframe
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe

133 B
663 B

91ms
37ms

Document
text/html

18.238.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.17.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-17-128.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d48a47cbed94310ef3951dc794e3ae6ee5e4a161ba26d302ac5a59838adb2d4e

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 10294
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Tue, 27 Feb 2024 11:55:42 GMT
ETag: "e2695a705d2896e93c8b0c933c9d0c42"
Last-Modified: Fri, 01 Oct 2021 23:43:25 GMT
Server: AmazonS3
Via: 1.1 80870c148d8c8f3b510fdacf10500460.cloudfront.net (CloudFront)
X-Amz-Cf-Id: PHpNkOSLLQFhmoYZoZZ1EJL3DicLZLsECmg1RcUofxmxDMdYFoAAJg==
X-Amz-Cf-Pop: AMS58-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Tue, 27 Feb 2024 14:47:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/ Frame 80A6
Redirect Chain

https://insight.adsrvr.org/tags/imp7svn/gj17fmc/iframe
https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe

133 B
663 B

78ms
24ms

Document
text/html

18.238.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/gainfederalcreditunion_vfzssk1rnuvzekk9/Gain_Federal_Credit_Union.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.17.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-17-128.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d7ec235015bff1eec61ed60bb7eadf96f1fb99565a85f8b42a8b09f2531584a

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 65461
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Mon, 26 Feb 2024 20:36:15 GMT
ETag: "8ee01171bfd60b4711e89a9605333121"
Last-Modified: Fri, 01 Oct 2021 23:43:25 GMT
Server: AmazonS3
Via: 1.1 6cbc993371a5407a8b834ea22f7fcbd2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: fRE1ERfrZhar0_ii__-3FzREpBRDZSSZ7jQ8K6mHOqlpP0Pdz6OxEw==
X-Amz-Cf-Pop: AMS58-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Tue, 27 Feb 2024 14:47:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe

GET
H2 200 p Show response
i.simpli.fi/ 804 B
768 B 41ms
15ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=362942&cb=sifi_att_35464505214._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/353dfe70-815d-013a-c5d6-06a60fe5fe77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7800a025e484143e31303719d219c7732478a5e56d5ced91b97e4dabecb20761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D11028D2E7304CB0A218D9BC2424D96B

0
237 B

65ms
20ms

Image
text/plain

2600:9000:211e:de00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 2600:9000:211e:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
cache-control: no-cache, must-revalidate
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: LiDn2r1ynWtFsE-iwFD-TiKUkyVvb83xPgMD1iJxkpRwuL3GDwQmwA==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/D11028D2E7304CB0A218D9BC2424D96B
https://sync.1rx.io/usersync/simplifi/D11028D2E7304CB0A218D9BC2424D96B?zcc=1&cb=1709045235508
https://sync.targeting.unrulymedia.com/csync/RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003

43 B
378 B

277ms
233ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003
pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=D11028D2E7304CB0A218D9BC2424D96B&dongle=yf3

37 B
140 B

32ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=D11028D2E7304CB0A218D9BC2424D96B&dongle=yf3
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=D11028D2E7304CB0A218D9BC2424D96B&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=D11028D2E7304CB0A218D9BC2424D96B

43 B
175 B

354ms
90ms

Image
image/gif

2600:1f18:612b:4232:2e8c:cdc6:e8e1:713a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 2600:1f18:612b:4232:2e8c:cdc6:e8e1:713a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 27 Feb 2024 14:47:15 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D11028D2E7304CB0A218D9BC2424D96B
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D11028D2E7304CB0A218D9BC2424D96B

95 B
427 B

25ms
25ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D11028D2E7304CB0A218D9BC2424D96B

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D11028D2E7304CB0A218D9BC2424D96B
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D11028D2E7304CB0A218D9BC2424D96B
https://d.agkn.com/pixel/10751/?che=1709045235274&ip=81.95.5.36&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217203104805002979296
https://um.simpli.fi/aa_px?sk=217203104805002979296
https://um.simpli.fi/empty.gif

43 B
361 B

19ms
18ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D11028D2E7304CB0A218D9BC2424D96B

0
0

64ms
12ms

Image
text/html

18.239.69.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 18.239.69.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-49.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 18ms
17ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 19ms
18ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=D11028D2E7304CB0A218D9BC2424D96B;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=D11028D2E7304CB0A218D9BC2424D96B;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MzkyNzg3MTY1Mzk4Nzc2MjUzMg==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENP-oZrIufuMPIuFBrVVav8&google_cver=1

43 B
380 B

39ms
19ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENP-oZrIufuMPIuFBrVVav8&google_cver=1
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENP-oZrIufuMPIuFBrVVav8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=D11028D2E7304CB0A218D9BC2424D96B&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=D11028D2E7304CB0A218D9BC2424D96B&j=0&xl8blockcheck=1

0
771 B

44ms
44ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=D11028D2E7304CB0A218D9BC2424D96B&j=0&xl8blockcheck=1
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=D11028D2E7304CB0A218D9BC2424D96B&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 20ms
19ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=D11028D2E7304CB0A218D9BC2424D96B

0
421 B

557ms
244ms

Image
text/plain

52.45.42.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: HTTP/1.1
Server: 52.45.42.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-42-225.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 27 Feb 2024 14:47:15 GMT

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=D11028D2E7304CB0A218D9BC2424D96B

62 B
445 B

212ms
162ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 27 Feb 2024 14:47:15 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

404

tpid=D11028D2E7304CB0A218D9BC2424D96B
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D11028D2E7304CB0A218D9BC2424D96B

49 B
265 B

98ms
29ms

Image
image/gif

63.35.74.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 63.35.74.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-74-224.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.7.217
content-length: 49
expires: 0

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=D11028D2E7304CB0A218D9BC2424D96B

0
205 B

113ms
28ms

Image
text/plain

63.34.193.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 63.34.193.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-193-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=D11028D2E7304CB0A218D9BC2424D96B

0
98 B

42ms
18ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1709045235137&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvysk...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvyskA...

42 B
455 B

56ms
35ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvyskAQ&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI9uqa0eHLhAMVoEYeAh0uPgtCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSKQB7FLtqy7bHfErYdutuy3_3aeneeGWKuRsrJOPNkO-gFSYLW43-PoGB&random=2154032425&ipr=y

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1839335339&cv=7&fst=1709045235137&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8_XdZbalDqCN-cAPrvyskAQ&sscte=1&crd=COy7sQII4b2xAg&pscrd=IhMI9uqa0eHLhAMVoEYeAh0uPgtCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&cid=CAQSKQB7FLtqy7bHfErYdutuy3_3aeneeGWKuRsrJOPNkO-gFSYLW43-PoGB&random=2154032425&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 21ms
20ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=D11028D2E7304CB0A218D9BC2424D96B
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD11028D2E7304CB0A218D9BC2424D96B

43 B
1 KB

17ms
16ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD11028D2E7304CB0A218D9BC2424D96B

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
an-x-request-uuid: 698bc4d7-ef1c-4d89-8a16-ed31f9d12166
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
an-x-request-uuid: 6a19e6a1-69f6-4c41-8059-47a9821e7cf1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD11028D2E7304CB0A218D9BC2424D96B
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D11028D2E7304CB0A218D9BC2424D96B&expires=365

0
239 B

90ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D11028D2E7304CB0A218D9BC2424D96B&expires=365
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D11028D2E7304CB0A218D9BC2424D96B&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D11028D2E7304CB0A218D9BC2424D96B

43 B
264 B

53ms
18ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=D11028D2E7304CB0A218D9BC2424D96B
Requested by: Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=D11028D2E7304CB0A218D9BC2424D96B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 26 Feb 2024 14:47:15 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEPBtXyM2nymTjE9SsSfrbW0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D11028D2E7304CB0A218D9BC2424D96B
https://um.simpli.fi/g_match?id=

0
320 B

16ms
16ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 26 Feb 2024 14:47:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4DBB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

16ms
16ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0d4f51e6582180554f71f7a857e47b958f8807671d8f9381c00230e814ebef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 27 Feb 2024 14:47:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4DBB 29 B
494 B 27ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3ffefd71/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:45:40 GMT
x-content-type-options: nosniff
age: 95
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 15:00:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2666397306927167&ev=PageView&dl=https%3A%2F%2Fgainfcu.com&rl=&if=false&ts=1709045235189&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4124&fbp=fb.1.1709045235187.1370883743&pm=1&hrl=60eeeb&ler=empty&cdl=API_unavailable&it=1709045235034&coo=false&cs_cc=1&cas=2916328968481122&exp=e1&rqm=GET

Requested by

Host: gainfcu.com
URL: https://gainfcu.com/loans/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Feb 2024 14:47:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
15ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 27 Feb 2024 14:47:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4DBB 87 KB
40 KB 26ms
25ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d41651feb4ad74c4db5875a32ae4f3df3a879050923f4ed37f9fb0185be7840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40803
x-xss-protection: 0

GET
H2 200 QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js Show response
www.google.com/js/th/ Frame 4DBB 51 KB
20 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 19:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Feb 2025 19:41:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/IutiMbXFPtE/ Frame 4DBB 28 KB
29 KB 84ms
62ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IutiMbXFPtE/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGEMgTyhyMA8=&rs=AOn4CLBWVP7Kpr48TSOzl4BQwGQqXSVtIw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e864061f95a3c64d6acc3cd3c29a6666f68f850782ce30612383bf47cccf60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28925
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Feb 2024 16:47:15 GMT

GET
DATA 200
OK truncated
/ Frame 4DBB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIdro_kKyxZ7Qj20LmdlLh102LeDkChweoITKvyx7hxy5Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4DBB 4 KB
4 KB 49ms
27ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIdro_kKyxZ7Qj20LmdlLh102LeDkChweoITKvyx7hxy5Q=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

922973f29edcedb4fc237e22a2877113a7dc0039c5200c225d47233187229e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v316"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
expires: Wed, 28 Feb 2024 14:47:15 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 80A6 70 B
148 B 30ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=imp7svn&ct=0:gj17fmc&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ Frame D87C 11 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Requested by

Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:56:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 14:47:15 GMT

GET
H2 200 index-e38a2923.js Show response
play.libsyn.com/assets/ Frame D87C 655 KB
213 KB 196ms
196ms Script
text/javascript 204.16.247.177
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/assets/index-e38a2923.js
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.177 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS: dns.nextdns.io
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: d78d17cd4fb36f6a8f3b40249b9fe5429f89e3cf1a58d7b05ac3e6591f35f885

Request headers

Referer: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Origin: https://play.libsyn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-libsyn-host: (null)
accept-ranges: bytes
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 vendor-c69516f0.js Show response
play.libsyn.com/assets/ Frame D87C 238 KB
82 KB 296ms
296ms Script
text/javascript 204.16.247.177
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/assets/vendor-c69516f0.js
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.177 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS: dns.nextdns.io
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8c63fbb0e24d99bb8e9649bbebb866d6d5ea93f4ec34a556a24451e9e1676ef0

Request headers

Referer: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Origin: https://play.libsyn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-libsyn-host: (null)
accept-ranges: bytes
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 index-7d834d9e.css
play.libsyn.com/assets/ Frame D87C 82 KB
18 KB 99ms
99ms Stylesheet
text/css 204.16.247.177
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/assets/index-7d834d9e.css
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.177 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS: dns.nextdns.io
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 7d834d9eb39e772fd2a11b417718c61f8b2e859eb47ab44086b7e57a7f874b10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-libsyn-host: (null)
accept-ranges: bytes
content-length: 17928
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame FAA5 70 B
148 B 30ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=imp7svn&ct=0:gj17fmc&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/gj17fmc/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame B923 70 B
148 B 30ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=imp7svn&ct=0:wkf6whh&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 08D8 70 B
148 B 30ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=imp7svn&ct=0:wkf6whh&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/imp7svn/wkf6whh/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 4 KB
2 KB 197ms
197ms Script
application/javascript 104.126.37.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=6e45e19d-350e-4043-bb0d-b145966a8e06&version=2342.8.8.1122.17.48.21.13.5.45.5.88.1&group_id=3&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2759a2e11efac83f1470607e670099e652da4baaa095e4e9c682aa37eb639380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 1576
expires: Tue, 27 Feb 2024 14:57:15 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4DBB 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?oK72wA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 27 Feb 2024 14:47:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4DBB 90 B
134 B 27ms
27ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3ffefd71/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a032ad54341df43d7f9f0e5c438eab8466641a93b28429db840336e3e5ddc470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 1F42 9 KB
3 KB 333ms
322ms Document
text/html 104.126.37.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9585835&group=3&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 034230f3b8ee3efbc242458078dcce0431ee9efe454821329a6f92b0082c2446

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 2612
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 14:47:15 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 529ms
528ms Script
application/javascript 104.126.37.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=6e45e19d-350e-4043-bb0d-b145966a8e06&version=8b4136637a184fd9fc32b59b8d4ec45a&language=en&group_id=3&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 10620c905f13a3f3af6a35efe1f9bd38018a6a15e7e6144855aab5c0543a66b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gainfcu.com/loans/home.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 3894
expires: Tue, 27 Feb 2024 14:57:15 GMT

GET
H2 200 0.36010c68.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 1F42 210 KB
65 KB 61ms
57ms Script
application/javascript 23.38.98.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.36010c68.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9585835&group=3&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-99.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7076fc2f2aa2504e1aeebe26c504e53485257de32e7eecb4b10bc560534813cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: p7x_TsIOttLH._j8BHtRNyM0Zl0vlfg9
content-encoding: br
date: Tue, 27 Feb 2024 14:47:15 GMT
last-modified: Thu, 22 Feb 2024 10:38:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"85ed495db243857cd8c24bfc3a820c97"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 7DbBraqEl6ht10EpPS8Pj8XEW4l6qPc3CFo6cD3rzpzzlkAu-rp2HQ==
content-length: 66494
expires: Wed, 26 Feb 2025 14:47:15 GMT

GET
H2 200 1.a5eff93c.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 1F42 328 KB
93 KB 11ms
7ms Script
application/javascript 23.38.98.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.a5eff93c.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9585835&group=3&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-99.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 34d79d4b2d0785d12b96c15404c85e4c97c82332f5e0609fbef3c9bc001df952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: _hgUFU86t9cZNMIYGJsZy38BAD6BB31P
content-encoding: br
date: Tue, 27 Feb 2024 14:47:15 GMT
last-modified: Thu, 22 Feb 2024 15:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"c3346d87925c6864ed546293cbe5a431"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: OKz3U45EILEBh4Xm8jvofeZ8dg6pDzJmO4iwii_OAj8mWljGgaqpng==
content-length: 94911
expires: Wed, 26 Feb 2025 14:47:15 GMT

GET
H2 200 iframe.5c56b7ae.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 1F42 532 KB
143 KB 11ms
7ms Script
application/javascript 23.38.98.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.5c56b7ae.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9585835&group=3&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-99.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b75c1442b596528367018e043a0b70bdd7dd236606a0f2ca0928f77951c5d8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: B9BXDBvw4sClbvwo4A2qv8uDVTWAj5s4
content-encoding: br
date: Tue, 27 Feb 2024 14:47:15 GMT
last-modified: Thu, 22 Feb 2024 15:08:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"65d77c8c53affb52cbcd7227c3ba40a2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: c8s2u1TkiDZ8E6HaLN9R8F1XYvBMwYCdU7fNpohimHfvh-35BaHSDQ==
content-length: 145958
expires: Wed, 26 Feb 2025 14:47:15 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/v2/customer/ Frame 1F42 195 B
1 KB 145ms
144ms XHR
application/json 104.126.37.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/v2/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.36010c68.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 147dbc677533dc49c5268aff4f6799f9ff4c6b22e75b9592224839beac4d170b

Request headers

Referer: https://secure.livechatinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:16 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 195
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cv Show response
adservices.brandcdn.com/pixel/ Frame D462 4 KB
2 KB 168ms
167ms Document
text/html 52.8.216.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.216.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-80.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Tue, 27 Feb 2024 14:47:16 GMT
etag: "1002-5f9d69bae4944;5f9d69bae4944
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H2 200 cv Show response
adservices.brandcdn.com/pixel/ Frame F2D7 4 KB
2 KB 168ms
168ms Document
text/html 52.8.216.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.216.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-80.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe

Request headers

Referer: https://gainfcu.com/loans/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Tue, 27 Feb 2024 14:47:16 GMT
etag: "1002-5f9d69bae4944;5f9d69bae4944
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H2 200 26794440 Show response
html5-player.libsyn.com/api/episode/id/ Frame D87C 2 KB
3 KB 979ms
230ms XHR
application/json 204.16.247.184
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-player.libsyn.com/api/episode/id/26794440
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/assets/vendor-c69516f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.184 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: c72c7330c4497f47a4e6f8566083386f11f59e6efdc3915b04abb76a0e6d967a

Request headers

Accept: application/json, text/plain, */*
Referer: https://play.libsyn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:16 GMT
server: Apache
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-libsyn-host: v74pl-02
content-length: 2239
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cv_confirm.png
adservices.brandcdn.com/pixel/ Frame D462 68 B
556 B 175ms
175ms Image
image/png 52.8.216.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=126476&buid=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=&oid=71563595
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.216.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-80.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:16 GMT
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
accept-ranges: bytes
etag: "44-5f9d69bae4944"
content-length: 68
content-type: image/png

GET
H2 200 cv_confirm.png
adservices.brandcdn.com/pixel/ Frame F2D7 68 B
559 B 938ms
938ms Image
image/png 52.8.216.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=126476&buid=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=&oid=34301148
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.216.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-216-80.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adservices.brandcdn.com/pixel/cv?aid=126476&cv_ck=1abf2b95-fe2d-47d4-af41-162ed7d80292&m=gainfcu.com&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:47:17 GMT
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
accept-ranges: bytes
etag: "44-5f9d69bae4944"
content-length: 68
content-type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame D87C 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.libsyn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 557720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 03:51:57 GMT

GET
H2 200 libsyn-logo.png
play.libsyn.com/assets/ Frame D87C 26 KB
26 KB 97ms
97ms Image
image/png 204.16.247.177
TERASWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.libsyn.com/assets/libsyn-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.177 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS: dns.nextdns.io
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 1a004f20eaa9867518c2ab5965800a0b6b9dc697e80bac33f41b26ceea547024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/26794440/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/4804db/time-start/00:00:00/hide-playlist/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 14:47:17 GMT
server: Apache/2.4.52 (Ubuntu)
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-libsyn-host: (null)
accept-ranges: bytes
content-length: 26728
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2

200

s3-podcast-1400x1400-logo.png
static.libsyn.com/p/assets/5/e/f/7/5ef7a151b183144ce5bbc093207a2619/ Frame D87C
Redirect Chain

https://assets.libsyn.com/item/26794440
https://static.libsyn.com/p/assets/5/e/f/7/5ef7a151b183144ce5bbc093207a2619/s3-podcast-1400x1400-logo.png

549 KB
550 KB

175ms
116ms

Image
image/png

2600:9000:2646:e000:7:ea59:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.libsyn.com/p/assets/5/e/f/7/5ef7a151b183144ce5bbc093207a2619/s3-podcast-1400x1400-logo.png
Protocol: H2
Server: 2600:9000:2646:e000:7:ea59:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c12b42d0a676c01f560d282c9c816b2064ea50a6077d786683bcafb91484f20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: 3OH9w0IWSJTJ8roYz.AaACB2xYF9Wnyf
date: Tue, 27 Feb 2024 14:47:17 GMT
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 20:34:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 1562
x-amz-server-side-encryption: AES256
etag: "229f3afed50622b9365bf47bfb757af0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 562631
x-amz-cf-id: 0uzeakRNVEIlRKl7zvuYjDukM4L4F2BCmFSCrYOwg85xmZPNjlgO_w==

Redirect headers

location: https://static.libsyn.com/p/assets/5/e/f/7/5ef7a151b183144ce5bbc093207a2619/s3-podcast-1400x1400-logo.png
access-control-allow-origin: *
date: Tue, 27 Feb 2024 14:47:17 GMT
x-libsyn-host: vweben-01
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4DBB 28 B
50 B 23ms
23ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3ffefd71/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
X-Goog-Request-Time: 1709045237343
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/IutiMbXFPtE?rel=0&controls=0&&loop=1&modestbranding=1
X-YouTube-Client-Version: 1.20240220.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtlRlNHbmUyU19USSjy6_euBjIKCgJERRIEEgAgIw%3D%3D
X-YouTube-Ad-Signals: dt=1709045235114&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C520%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 27 Feb 2024 14:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 04:20:05	Name: __lc_cid Value: 301fa35c-ab15-47a9-b178-b36e9c494392
.accounts.livechatinc.com/v2/customer/token	1970-01-21 04:20:05	Name: __lc_cst Value: a43ff7c282bca803c9045176ec1d93df9b184e9e9d1c1ae6cdab4cbea9bee7f4aa12cbb3d7e8fcb098714bf7a7243910b57f036ec2a127563c25ff5ffc73
.accounts.livechatinc.com/customer/token	1970-01-21 04:20:05	Name: __lc_cid Value: 301fa35c-ab15-47a9-b178-b36e9c494392
.accounts.livechatinc.com/customer/token	1970-01-21 04:20:05	Name: __lc_cst Value: a43ff7c282bca803c9045176ec1d93df9b184e9e9d1c1ae6cdab4cbea9bee7f4aa12cbb3d7e8fcb098714bf7a7243910b57f036ec2a127563c25ff5ffc73
.gainfcu.com/	1970-01-21 04:20:05	Name: _ga_CE8NCGEK4X Value: GS1.1.1709045234.1.0.1709045234.0.0.0
.gainfcu.com/	1970-01-21 04:20:05	Name: _ga Value: GA1.1.234302949.1709045235
.gainfcu.com/	1970-01-21 04:20:05	Name: __utma Value: 20327086.234302949.1709045235.1709045235.1709045235.1
.gainfcu.com/	1969-12-31 23:59:59	Name: __utmc Value: 20327086
.gainfcu.com/	1970-01-20 23:06:53	Name: __utmz Value: 20327086.1709045235.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.gainfcu.com/	1970-01-20 18:44:05	Name: __utmt Value: 1
.gainfcu.com/	1970-01-20 18:44:07	Name: __utmb Value: 20327086.1.10.1709045235
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: VEuEvDq5kgE
.youtube.com/	1970-01-20 23:03:17	Name: VISITOR_INFO1_LIVE Value: eFSGne2S_TI
.simpli.fi/	1970-01-21 03:31:07	Name: suid Value: D11028D2E7304CB0A218D9BC2424D96B
.simpli.fi/	1970-01-20 18:54:10	Name: uid_syncd_secure Value: true
.twitter.com/	1970-01-21 04:20:05	Name: personalization_id Value: "v1_EtK0zktqCXqZNepFPTBY2A=="
.t.co/	1970-01-21 04:20:05	Name: muc_ads Value: 3bbcdebe-38c4-4d0c-be94-b955c2d6beaf
.gainfcu.com/	1970-01-20 20:53:41	Name: _fbp Value: fb.1.1709045235187.1370883743
.tapad.com/	1970-01-20 20:10:29	Name: TapAd_TS Value: 1709045235254
.tapad.com/	1970-01-20 20:10:29	Name: TapAd_DID Value: bcc6558f-04bb-40c5-9012-1aa68b5808b8
.agkn.com/	1970-01-21 03:29:41	Name: ab Value: 0001%3APSKYdGbNrLhcaOhgIETDyMI6OtfBLXCb
.tapad.com/	1970-01-20 20:10:29	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 20:53:41	Name: XANDR_PANID Value: 77hxSZOYstzIuMiy1bZnAB8jCXcKap9V7lHNE4xHXYC038GmzlzU1yryvfXhYP67vUT6p1vDkb4ikTEDNo1UWTaU9lNxeiBC8aSPnZYsB6Y.
.adnxs.com/	1970-01-21 04:20:05	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:53:41	Name: uuid2 Value: 571157031225633323
.doubleclick.net/	1970-01-21 04:05:41	Name: IDE Value: AHWqTUmFwhu5uJ7AKM-0Q6VoWRHvrPc12J7Fr4DO-JFECOLvQedGAGYPKwJzOLXP
.pro-market.net/	1970-01-20 19:27:17	Name: anHistory Value: "tubean9rj2as+2+!#7%.!^#-`("
.adnxs.com/	1970-01-20 20:53:41	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In>v^Vqj!]tbPl1N!7OnM$=BWXtireBeU9Xgk^KK^fm_@Ji+-hQfpAgVfQh)Kg]uffqlS2q/X%W#.wL4W1Qw2VtK3Vn
.agkn.com/	1970-01-21 03:29:41	Name: u Value: C\|0AAAAAAAALXCycwAAAAAA
.pro-market.net/	1970-01-20 23:03:17	Name: anProfile Value: "tubean9rj2as+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0002B00000000000000000010+s2=(s9irqr)+vm=24-D11028D2E7304CB0A218D9BC2424D96B:53-CAESENP-oZrIufuMPIuFBrVVav8"
.exelator.com/	1970-01-20 21:36:53	Name: EE Value: "131e5f702721a4811cb413e507bb479d"
.exelator.com/	1970-01-20 21:36:53	Name: ud Value: "eJxrXxzq6XKLQcHQ2DDVNM3cwMjcyDDRxMLQMDnJxNA41dTAPCnJxNwyZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIaEl%252BUWb6IhfXxUUpaQyLSopPBR%252F72gIAZ6oqMg%253D%253D"
.bluekai.com/	1970-01-20 23:06:10	Name: bku Value: blx99wwNlVVh2I93
.bluekai.com/	1970-01-20 23:06:10	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDxh1E90mWx0HEzp1eHexMOO1MWTHekYxp/61MHWmEjY9y9kxxrY
.1rx.io/	1970-01-21 03:29:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003%22%7D
.bfmio.com/	1970-01-21 03:29:41	Name: __141_cid Value: D11028D2E7304CB0A218D9BC2424D96B
.bfmio.com/	1970-01-21 03:29:41	Name: __io_cid Value: a5715c4708610792362f342e90326071cdc7d5b8
.targeting.unrulymedia.com/	1970-01-21 03:29:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-defd430a-cd0d-4e17-b7db-21c8614c492f-003%22%7D
gainfcu.com/	1970-01-21 03:29:41	Name: brandcdn_uid Value: 1abf2b95-fe2d-47d4-af41-162ed7d80292
accounts.livechatinc.com/	1970-01-20 18:44:05	Name: __oauth_redirect_detector Value: counter=1&t=1709045265&tag=4f300f89ec70296c6e04c1da730037352a7ff2e7
adservices.brandcdn.com/	1970-01-21 03:29:41	Name: brandcdn_uid Value: 1abf2b95-fe2d-47d4-af41-162ed7d80292
adservices.brandcdn.com/	1970-01-20 18:54:10	Name: AWSALBCORS Value: GpGj6gOnv+NKDs1ntTUubR2D0359iqQZvOzeKtUB7B7yXWjelyIeMrP8hoe1zRwdrVrnN+PfLyLJuM73PV6NbETw8oVYTUKCyVuBzIHDCqOVs7wUe+rKOIrEPutr

143 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gainfcu.com/loans/home.html(Line 909) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/2666397306927167?v=2.9.147&r=stable&domain=gainfcu.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 80) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=D11028D2E7304CB0A218D9BC2424D96B Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D11028D2E7304CB0A218D9BC2424D96B Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D11028D2E7304CB0A218D9BC2424D96B Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cdn.livechatinc.com/widget/static/js/iframe.5c56b7ae.chunk.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gainfcu.com/loans/home.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
accounts.livechatinc.com
adservices.brandcdn.com
analytics.twitter.com
api.livechatinc.com
assets.libsyn.com
bcp.crwdcntrl.net
burbankcitymortgage.com
cdn.livechatinc.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
d1eoo1tco6rr5e.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gainfcu.com
googleads.g.doubleclick.net
html5-player.libsyn.com
i.simpli.fi
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
jnn-pa.googleapis.com
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
play.libsyn.com
region1.google-analytics.com
s.ad.smaato.net
secure.livechatinc.com
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.ads-twitter.com
static.doubleclick.net
static.libsyn.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
t.co
tag.brandcdn.com
tag.simpli.fi
um.simpli.fi
us-21305-adswizz.attribution.adswizz.com
us-u.openx.net
www.facebook.com
www.fitmortgage.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
yt3.ggpht.com
104.126.37.203
104.244.42.131
104.244.42.69
142.250.185.162
15.197.142.173
15.197.193.217
172.217.18.2
18.238.17.128
18.239.69.49
185.89.210.153
199.232.188.157
20.22.186.114
2001:4860:4802:32::36
204.16.247.177
204.16.247.182
204.16.247.184
23.38.98.99
2600:1901:0:8eee::
2600:1f18:612b:4232:2e8c:cdc6:e8e1:713a
2600:9000:211e:de00:1b:5138:8a40:93a1
2600:9000:225e:6000:7:e536:8b00:93a1
2600:9000:2646:e000:7:ea59:6a00:93a1
2a00:1450:4001:800::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2004
2a00:1450:4001:829::2016
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c02::9b
2a03:2880:f03d:1c:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.120.19.20
3.122.79.91
34.111.113.62
34.255.245.71
34.91.62.186
34.98.64.218
35.204.89.238
35.244.174.68
46.228.174.117
52.45.42.225
52.8.216.80
54.78.254.47
63.34.193.120
63.35.74.224
69.173.144.139
69.192.160.219
76.223.111.18
0018af04f7b3b8b540b9d475bd60a3ce46724ea8891074b12810aa393a1d1099
01cea9335f653faf74a88d3b9de3ceff263a52dddceca33d02035d9dce4bb6b2
034230f3b8ee3efbc242458078dcce0431ee9efe454821329a6f92b0082c2446
04971749014ddf65909b23f2633f37901b4f124958c29975058089d57a9caaac
07a0d0f8e57f9d3e02b5ed9a3b2def0e26ff8bf1ba600fb89dc94194e8254fd8
0a4497d06973d8de86df15625ff83418fabc108b0993bfa90a4e4e45cf4e1a6a
0ac8cf41678327d5312abf66448bc002687d6a9a9c11f5ef8af5d695e18df9a1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0f11b4233d591e1d733753c44fab03f975ef8acbaf3781ed5d8ceb81f7ee3e36
10620c905f13a3f3af6a35efe1f9bd38018a6a15e7e6144855aab5c0543a66b6
1188269b4bb77df6f5ae55f5d8038b3cfc46f4e76e3157e961e04ad14709db05
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
147dbc677533dc49c5268aff4f6799f9ff4c6b22e75b9592224839beac4d170b
14e864061f95a3c64d6acc3cd3c29a6666f68f850782ce30612383bf47cccf60
16f89c3b0a0290083390766a8d204c69e7867a6c4364da6ab91ff7a696c75e3f
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1a004f20eaa9867518c2ab5965800a0b6b9dc697e80bac33f41b26ceea547024
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1d7ccc0cfb8ea193f6211f027b259c0016b4756851dec10f463782fd3839feb1
2759a2e11efac83f1470607e670099e652da4baaa095e4e9c682aa37eb639380
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3320e6577fd5af40e03a29526ac81233acf9ccde213b7f02e9bf1a03f08bb607
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34d79d4b2d0785d12b96c15404c85e4c97c82332f5e0609fbef3c9bc001df952
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d7ec235015bff1eec61ed60bb7eadf96f1fb99565a85f8b42a8b09f2531584a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82
49d372b68c2e94a6b0226a0a85579e1346f334a26ba50a8229615441a2c64a98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c539c510edb58cfece758560e458a63f0452cc67f7a9e3bcf047916918d1eb1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54948fca4882b9fe056441edea1713051a4587a1e1867d6965bdcdfc99246030
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c6664535088c169d1900c7b4f749d59530506ba2f16bc07c131027a30662897
5c6c07c760bdb0f697c695930372ac3efd4d6d0db95bc1604569819efbd995cb
5d41651feb4ad74c4db5875a32ae4f3df3a879050923f4ed37f9fb0185be7840
5dd26d79a322117aa09d1e6248db551296a013bbf7ab2803f962c05438d28bba
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67ed1d484c5aee7263822e39f50335b7d158142f409cb6682650a20dff5cac64
69f30d790e0785e9c4bdc04c1ab6db560284310afca8ae7559cd51cb5a9ed581
6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe
7076fc2f2aa2504e1aeebe26c504e53485257de32e7eecb4b10bc560534813cd
7800a025e484143e31303719d219c7732478a5e56d5ced91b97e4dabecb20761
78623bcab5f2c49d1b44ac501d7146864d818ab26158851ce0bd9ec2650f53bd
7d834d9eb39e772fd2a11b417718c61f8b2e859eb47ab44086b7e57a7f874b10
7de88d9c95aa41a688c89709d93083788376b890b97ece8b1520237277dc94bb
80ebf4dfd788bc640091d63e609fe3e5302ddf933a31ad9eea4759ce857906e5
81d6cb3daf366efa83b3fa9975d464a9d37ef9d2b09de92db947a87928c680c4
820b29106d1cbb3fbe35c4afc2224d51f689b9cafd0f29c66d780eae8a5cc583
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857fb56f3fc02a61fc4de25d40f147df5e7c39871f94b7e0e7eaa61b7a02990f
8a7c0bbf650b679130c697c572c14667d82423329b7d3cdb43a49b59ea0a72db
8aa3be65862c05b5b197a7b75b80afb835f046e4fa1819d66204e6bebba4180f
8c63fbb0e24d99bb8e9649bbebb866d6d5ea93f4ec34a556a24451e9e1676ef0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
922973f29edcedb4fc237e22a2877113a7dc0039c5200c225d47233187229e4a
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9bed5692fafafa579d0d31898fd9b083a534e712dc66c84096373d239a281033
a032ad54341df43d7f9f0e5c438eab8466641a93b28429db840336e3e5ddc470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a31535988c3f3ab29b16ac07762d2f5ce557e9d0f4a2e2c176fe5e090d7f5a08
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
b09c7f89efb95677aa298197028cf5c102b829cbe6682e082dae7632188b6acd
b50adb99bc554816a8335a09ba0633e90808fe17c82e7643f9de05e28e744a5d
b75c1442b596528367018e043a0b70bdd7dd236606a0f2ca0928f77951c5d8eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bd45e67d1e4c688190a63fad2c280b978f3d8b311803f8ddbac36b5de021c942
c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a
c12b42d0a676c01f560d282c9c816b2064ea50a6077d786683bcafb91484f20d
c72c7330c4497f47a4e6f8566083386f11f59e6efdc3915b04abb76a0e6d967a
cada70d07e8e32ed5ca32fd9ae87f4d8be60eb13c60c6e3e9fcbb7c8b7b6854d
cb0d4f51e6582180554f71f7a857e47b958f8807671d8f9381c00230e814ebef
cd24221ae7b2c2de7e68ad8b9a8533331d0a65845795e39c6c55527e7ff96a90
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d48a47cbed94310ef3951dc794e3ae6ee5e4a161ba26d302ac5a59838adb2d4e
d629e9c6c2d8c447b5995cdbe2861764d9d8c723dc10459e70f2c958e5e1dea2
d78d17cd4fb36f6a8f3b40249b9fe5429f89e3cf1a58d7b05ac3e6591f35f885
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d809b15cc6ed0c338813655858c28ed49e71bbdd61e9f24be1a1cc0f20dad549
d941290853308c540ca93dbe89435a84833bfc11c1a3b47501c075a719b6ed68
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e09943a9cc4cd82ac949bd7bcaab408e325a909a0e11330e46fb8ef3b0366086
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9897d06c87987816d4e6e94c81d86461f5aec644c8626198db377b653e5868d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23601b799258b4bc9086900b68186ebce36cbe89e092f6b0b17a7bd1f29a972
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f965103000bd74108aa70ffdbeb7009062d145cd0f212d3d49754c21e48cb97b
fd8890000a017d7287f418d11dad25b5c87cc36516be379acda1b7934d37bd37

gainfcu.com Open in urlscan Pro 20.22.186.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

82 %HTTPS

38 %IPv6

44 Domains

60 Subdomains

48 IPs

6 Countries

3078 kBTransfer

8092 kBSize

42 Cookies

14 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gainfcu.com Open in urlscan Pro
20.22.186.114 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

82 %
HTTPS

38 %
IPv6

44
Domains

60
Subdomains

48
IPs

6
Countries

3078 kB
Transfer

8092 kB
Size

42
Cookies

124 HTTP transactions
1 data transactions