www.nefcu.com Open in urlscan Pro
52.170.194.123  Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- HTTP 307
   https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://sync.1rx.io/usersync/smaato/71c886b9c5?gdpr=0&gdpr_consent= HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005

Request Chain 78

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://sync.1rx.io/usersync/simplifi/48BBEA3995674DA4A354CB2D58A877A7?zcc=1&cb=1718567012993 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005

Request Chain 79

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=48BBEA3995674DA4A354CB2D58A877A7&dongle=yf3 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=48BBEA3995674DA4A354CB2D58A877A7&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 80

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 81

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 82

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://d.agkn.com/pixel/10751/?che=1718567016159&ip=38.132.118.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213340604915011807116 HTTP 302
• https://um.simpli.fi/aa_px?sk=213340604915011807116 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 83

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=48BBEA3995674DA4A354CB2D58A877A7&ckls=true&ci=iyY1RjC4XR&nc=false&trid=262269104

Request Chain 84

• https://um.simpli.fi/pubmatic HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:48BBEA3995674DA4A354CB2D58A877A7

Request Chain 85

• https://um.simpli.fi/freewheel HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 86

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=48BBEA3995674DA4A354CB2D58A877A7;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=48BBEA3995674DA4A354CB2D58A877A7;mimetype=img;sr HTTP 302
• https://idsync.rlcdn.com/400646.gif?partner_uid=-4290029238069672695

Request Chain 87

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=48BBEA3995674DA4A354CB2D58A877A7&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=48BBEA3995674DA4A354CB2D58A877A7&j=0&xl8blockcheck=1

Request Chain 88

• https://um.simpli.fi/yahoo HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=48BBEA3995674DA4A354CB2D58A877A7&verify=true

Request Chain 89

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 90

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 91

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 92

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=48BBEA3995674DA4A354CB2D58A877A7&dnr=1

Request Chain 93

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=48BBEA3995674DA4A354CB2D58A877A7 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNDhCQkVBMzk5NTY3NERBNEEzNTRDQjJENThBODc3QTcQABoNCOiAvbMGEgUI6AcQAEIASgA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&rand=05252874 HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&rand=05252874&expected_cookie=67fa8371-71fc-4c33-9b73-908c259f40c7

Request Chain 94

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1718567015803&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=304503497&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIlv2IhPHghgMVcayDCB3PbAxgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vd3d3Lm5lZmN1LmNvbS8 HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=304503497&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIlv2IhPHghgMVcayDCB3PbAxgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vd3d3Lm5lZmN1LmNvbS8&is_vtc=1&cid=CAQSGwDaQooLN30qiyyo56c-mGoqM3NUxGY3lLNKtg&random=2800520775

Request Chain 96

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=48BBEA3995674DA4A354CB2D58A877A7 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D48BBEA3995674DA4A354CB2D58A877A7

Request Chain 97

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=48BBEA3995674DA4A354CB2D58A877A7&expires=365

Request Chain 98

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=48BBEA3995674DA4A354CB2D58A877A7

Request Chain 99

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEPAYP9Wknhfk2rcHYn3Xzwo&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48BBEA3995674DA4A354CB2D58A877A7 HTTP 302
• https://um.simpli.fi/g_match?id=

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Show response www.nefcu.com//RK=2/ Redirect Chain http://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs-	58 KB 59 KB	305ms 139ms	Document text/html	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash e2f2d5b166e8c2d629f4a6ace07f4b2dff42c5d45fd49043b7607787d337f3b1 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sun, 16 Jun 2024 19:43:33 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.41 (Ubuntu) Transfer-Encoding chunked Redirect headers Location https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	Spring_Mobile_1221.jpg www.nefcu.com/content/images/original/	57 KB 58 KB	230ms 57ms	Image image/jpeg	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/content/images/original/Spring_Mobile_1221.jpg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash fc144bfc9ffad77f4a49b7f74cdd0a4088629c88124931622853d082dad18037 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Sun, 06 Mar 2022 19:20:59 GMT Server Apache/2.4.41 (Ubuntu) ETag "e5fd-5d991a5d273b0" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 58877
GET H/1.1	200 OK	nefcu-logo-ball.png www.nefcu.com/img/	5 KB 5 KB	236ms 57ms	Image image/png	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/nefcu-logo-ball.png Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 647005fbba153b48190008b9cbc1c5600f79271a24fdfde01683003c6b0b4562 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Wed, 17 Feb 2021 19:19:11 GMT Server Apache/2.4.41 (Ubuntu) ETag "129e-5bb8d180029c0" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4766
GET H/1.1	200 OK	2022-comment-reg-white.svg www.nefcu.com/img/	771 B 1 KB	62ms 59ms	Image image/svg+xml	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/2022-comment-reg-white.svg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash b1a00667db5907bbb10358cf9b01d9556868353f252667e070d537af819800f4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Mon, 22 Aug 2022 17:55:31 GMT Server Apache/2.4.41 (Ubuntu) ETag "303-5e6d82758aac0" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 771
GET H/1.1	200 OK	2022-phone-reg-white.svg www.nefcu.com/img/	1 KB 1 KB	61ms 58ms	Image image/svg+xml	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/2022-phone-reg-white.svg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash cab255f4933eee5af93669c6f9286709a3cd81e13fdf76da147f7a0dc0929b95 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Mon, 22 Aug 2022 17:48:32 GMT Server Apache/2.4.41 (Ubuntu) ETag "4c5-5e6d80e5f3c00" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1221
GET H/1.1	200 OK	2022-magnify-reg-white.svg www.nefcu.com/img/	560 B 848 B	58ms 58ms	Image image/svg+xml	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/2022-magnify-reg-white.svg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 4da722d50326c9eb81e6319a299d4e3b097c0073a4f1855f08eabe51f22a35f8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Mon, 22 Aug 2022 18:42:11 GMT Server Apache/2.4.41 (Ubuntu) ETag "230-5e6d8ce3d46c0" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 560
GET H/1.1	200 OK	2022-calendar-plus-reg-white.svg www.nefcu.com/img/	728 B 1016 B	62ms 59ms	Image image/svg+xml	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/2022-calendar-plus-reg-white.svg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash b2c5dc88f244ab8766e540e1a6bb479815a79d5c44ed0b2928e86237bb22c48d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Mon, 22 Aug 2022 17:58:13 GMT Server Apache/2.4.41 (Ubuntu) ETag "2d8-5e6d831009740" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 728
GET H/1.1	200 OK	angle-left-solid.svg www.nefcu.com/img/	466 B 754 B	62ms 59ms	Image image/svg+xml	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/angle-left-solid.svg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 6201fca2da5c03a8342f50d9d6c1762ed19933059f177acfd96742b440b059bd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Thu, 18 Aug 2022 20:03:00 GMT Server Apache/2.4.41 (Ubuntu) ETag "1d2-5e68977e5a500" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 466
GET H/1.1	200 OK	angle-right-solid.svg www.nefcu.com/img/	465 B 753 B	60ms 59ms	Image image/svg+xml	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/angle-right-solid.svg Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash f66768e361b68ba1b57c26897594f398b7061e50ea754be19268aa7471f439a0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Thu, 18 Aug 2022 20:09:29 GMT Server Apache/2.4.41 (Ubuntu) ETag "1d1-5e6898f155040" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 465
GET H2	200	salemove_integration.js Show response api.glia.com/	9 KB 9 KB	256ms 70ms	Script application/javascript	2600:9000:2511:c200:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/salemove_integration.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:c200:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 17493614f297b2d52572a9b0fa2d766814aa14278ed06e1f897d4fbc21def6dc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000; includeSubdomains; preload date Sun, 16 Jun 2024 19:30:27 GMT via 1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront) last-modified Fri, 14 Jun 2024 20:52:03 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 787 x-amz-server-side-encryption AES256 etag "21b897c21ac964e33b65c353861a853f" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 9240 x-amz-cf-id n8qAU5Y7oQ9ILBxtz2Th_3l8CEUUdAypQlzuXwk_Fy1r4JoOetFb6w==
GET H2	200	gtm.js Show response www.googletagmanager.com/	204 KB 72 KB	241ms 101ms	Script application/javascript	2607:f8b0:4006:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MMR4LJC5 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e333eca325a17251308c75dfb29d84868f68b55eeb71578ad07bec33e6c5a4ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73658 x-xss-protection 0 last-modified Sun, 16 Jun 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 16 Jun 2024 19:43:34 GMT
GET H2	200	41846edb1587babc85a365f.js Show response cdn.rlets.com/capture_configs/a22/c80/be5/	285 KB 49 KB	267ms 72ms	Script text/javascript	2600:9000:247b:a00:6:9a19:88c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:a00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 10516280e32ae8b6ba01bcfd3aa04d5dc2159cd655f9fefb6ccbabf8620d9fca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff date Sun, 16 Jun 2024 15:14:50 GMT via 1.1 3e2f727ea310e2e3b32b1270aac06aea.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop JFK52-P2 age 16224 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 41d7e090b4f0942389ab6a38a683c391 x-runtime 0.127846 referrer-policy strict-origin-when-cross-origin etag W/"10516280e32ae8b6ba01bcfd3aa04d5d" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control x-amz-cf-id GhTlJ-0oR8r6I2QgyxZjy5KgbozVRmhnUhsZrm5oIvgdP_hRmqX92g==
GET H/1.1	200 OK	site.css www.nefcu.com/css/min/	159 KB 31 KB	126ms 69ms	Stylesheet text/css	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com/css/min/site.css?ver=202406140000 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 64c1f88441fe494cbb54dfdd49477866dea6d2f53588438735c4f627ae2db574 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Content-Encoding gzip Last-Modified Fri, 20 Oct 2023 17:29:03 GMT Server Apache/2.4.41 (Ubuntu) ETag "27cb5-608293568b5c0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 31901
GET H/1.1	200 OK	print.css www.nefcu.com/css/	373 B 602 B	59ms 58ms	Stylesheet text/css	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com/css/print.css?ver=202406140000 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 7aaec10ae26011a0ead3abef59f216e4658dd30a5af748471f5a55770a15506f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Content-Encoding gzip Last-Modified Mon, 21 Sep 2020 16:12:24 GMT Server Apache/2.4.41 (Ubuntu) ETag "175-5afd51da80a00-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 267
GET H/1.1	200 OK	jquery-3.5.1.min.js Show response www.nefcu.com/jquery/jquery_custom/js/	87 KB 31 KB	127ms 65ms	Script application/javascript	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com/jquery/jquery_custom/js/jquery-3.5.1.min.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Content-Encoding gzip Last-Modified Mon, 04 May 2020 23:02:39 GMT Server Apache/2.4.41 (Ubuntu) ETag "15d84-5a4da870aa1c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 30910
GET H/1.1	200 OK	jquery.validate.min.js Show response www.nefcu.com/jquery/jquery_plugins/	23 KB 8 KB	124ms 62ms	Script application/javascript	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com/jquery/jquery_plugins/jquery.validate.min.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Content-Encoding gzip Last-Modified Thu, 22 Mar 2018 16:44:11 GMT Server Apache/2.4.41 (Ubuntu) ETag "5add-56803045dccc0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7502
GET H/1.1	200 OK	site.js Show response www.nefcu.com/scripts/min/	39 KB 11 KB	174ms 59ms	Script application/javascript	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com/scripts/min/site.js?ver=202406140000 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash b8d8b0c4322adbdebd1a54c2da3ba872dcfe869421428b4f9d28f92958af9cc2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Content-Encoding gzip Last-Modified Tue, 03 Jan 2023 16:12:18 GMT Server Apache/2.4.41 (Ubuntu) ETag "9bab-5f15e54f33c80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10510
GET H/1.1	200 OK	comments.js Show response www.nefcu.com/scripts/	11 KB 2 KB	175ms 58ms	Script application/javascript	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.nefcu.com/scripts/comments.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 8a7c0bbf650b679130c697c572c14667d82423329b7d3cdb43a49b59ea0a72db Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Content-Encoding gzip Last-Modified Thu, 19 Sep 2019 12:49:18 GMT Server Apache/2.4.41 (Ubuntu) ETag "2a60-592e761b66f80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1970
GET H2	200	f5b67c720e.js Show response kit.fontawesome.com/	12 KB 5 KB	178ms 87ms	Script text/javascript	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f5b67c720e.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a6988dc996a110cf6cd3dccbd14ea41a253b5d6a7f4ea7510367b590841a7e4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 894d4a1f3b0b21d3-MIA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F9huVHj3EcDeBfC-9PQB
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	219ms 82ms	Stylesheet text/css	2607:f8b0:4006:80a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=DM+Sans:400,500,700|Roboto:400,500,700|Roboto+Condensed:400&display=swap Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d3c3ca752a2ad9d6f765b7383e5511c1b9f2e7080575f832ebd22bc004a821d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 16 Jun 2024 19:43:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 16 Jun 2024 19:43:34 GMT
GET H/1.1	200 OK	nefcu-logo.png www.nefcu.com/img/	20 KB 20 KB	59ms 59ms	Image image/png	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/nefcu-logo.png Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash b525751d80b8c65112a0adf78db7d3513ee1952e6d2e5f3a28659013e8a5cf88 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Tue, 12 May 2020 13:47:21 GMT Server Apache/2.4.41 (Ubuntu) ETag "50bf-5a573b3dd4c40" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 20671
GET H/1.1	200 OK	foot-logo-ncua-tnspt.png www.nefcu.com/img/	3 KB 4 KB	57ms 57ms	Image image/png	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/foot-logo-ncua-tnspt.png Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 66382bff5497c95f48a881293497d94a60deac7ec9943c37d0d565c945b9dd1f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Thu, 21 May 2020 15:45:47 GMT Server Apache/2.4.41 (Ubuntu) ETag "d40-5a62a67fca0c0" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3392
GET H/1.1	200 OK	foot-logo-ehl-tnspt.png www.nefcu.com/img/	2 KB 2 KB	59ms 58ms	Image image/png	52.170.194.123 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.nefcu.com/img/foot-logo-ehl-tnspt.png Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.170.194.123 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 3f01f9a8d6ea5412b906a141f8736531fc44c9d6e68f2e7383ae4d93684f578b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 19:43:34 GMT Last-Modified Thu, 21 May 2020 15:45:46 GMT Server Apache/2.4.41 (Ubuntu) ETag "819-5a62a67ed5e80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2073
GET H2	200	5531533.js Show response js.hs-scripts.com/	1009 B 1 KB	169ms 80ms	Script application/javascript	2606:4700::6810:8dd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/5531533.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0266d27fdfadfa155424a59937b63f0d02a3a54b5c9fa47ffaa3ea1a25980023 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 39118580-8b5f-4bf5-ad66-4f00f2c2aed3 x-envoy-upstream-service-time 5 content-length 538 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 39118580-8b5f-4bf5-ad66-4f00f2c2aed3 last-modified Sun, 16 Jun 2024 19:33:19 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.nefcu.com x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-rq9gg access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 894d4a20fed3b3c7-MIA expires Sun, 16 Jun 2024 19:45:04 GMT
GET		star.gif jelly.mdhv.io/v1/	0 0
GET H2	200	pro.min.css Show response ka-p.fontawesome.com/releases/v6.5.2/css/	672 KB 118 KB	61ms 45ms	Fetch text/css	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=f5b67c720e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f5b67c720e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:26:26 GMT server cloudflare age 1543518 etag "660c23a2-1d791" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a203bf721d3-MIA content-length 120721
GET H2	200	pro-v4-shims.min.css Show response ka-p.fontawesome.com/releases/v6.5.2/css/	27 KB 4 KB	98ms 82ms	Fetch text/css	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=f5b67c720e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f5b67c720e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:26:24 GMT server cloudflare age 3347382 etag "660c23a0-10e7" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a203bf521d3-MIA content-length 4327
GET H2	200	pro-v5-font-face.min.css Show response ka-p.fontawesome.com/releases/v6.5.2/css/	50 KB 7 KB	97ms 81ms	Fetch text/css	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=f5b67c720e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f5b67c720e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:26:24 GMT server cloudflare age 6484666 etag "660c23a0-1c3b" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a203bfe21d3-MIA content-length 7227
GET H2	200	pro-v4-font-face.min.css Show response ka-p.fontawesome.com/releases/v6.5.2/css/	7 KB 2 KB	96ms 81ms	Fetch text/css	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=f5b67c720e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f5b67c720e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:26:24 GMT server cloudflare age 6484666 etag "660c23a0-6ca" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a203bfb21d3-MIA content-length 1738
GET H2	200	kit-upload.css Show response kit.fontawesome.com/f5b67c720e/134148570/	0 141 B	52ms 48ms	Fetch text/css	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f5b67c720e/134148570/kit-upload.css Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f5b67c720e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT age 9504611 content-length 0 x-request-id F7fPM4nP0rf6g2D7KSti server cloudflare etag 54af53b207eef226d6511e0a88e3038e access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31556926, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method accept-ranges bytes cf-ray 894d4a202be421d3-MIA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	202ms 62ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500,700|Roboto:400,500,700|Roboto+Condensed:400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 18:00:46 GMT x-content-type-options nosniff age 351768 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Jun 2025 18:00:46 GMT
GET H2	200	rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2 fonts.gstatic.com/s/dmsans/v15/	36 KB 36 KB	219ms 79ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500,700|Roboto:400,500,700|Roboto+Condensed:400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 18:00:47 GMT x-content-type-options nosniff age 351767 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36848 x-xss-protection 0 last-modified Thu, 21 Mar 2024 23:58:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Jun 2025 18:00:47 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	294ms 154ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500,700|Roboto:400,500,700|Roboto+Condensed:400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 08:52:30 GMT x-content-type-options nosniff age 384664 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Jun 2025 08:52:30 GMT
GET H2	200	pro-fa-regular-400-3.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	19 KB 20 KB	47ms 42ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-3.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34988dd425b0f8fc6e65a00050e0f72ff832d085b7591ff180747e7d5fc7cd2e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:17 GMT server cloudflare age 6484337 etag "660c2975-4df0" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d2c21d3-MIA content-length 19952
GET H2	200	pro-fa-solid-900-22.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	14 KB 14 KB	48ms 44ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-22.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d86deecace06d4e6bd7caf38cf3e560c212c2654b9bf5fbbc4272fc6f8376263 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:24 GMT server cloudflare age 5210267 etag "660c297c-38d0" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d2f21d3-MIA content-length 14544
GET H2	200	pro-fa-brands-400-0.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	37 KB 37 KB	50ms 47ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-0.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:13 GMT server cloudflare age 5562848 etag "660c2971-946c" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d3221d3-MIA content-length 37996
GET H2	200	pro-fa-thin-100-1.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	19 KB 19 KB	55ms 52ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-thin-100-1.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1817f810e6548bf04bd6d83ae03a0bb921a70661e494c637888c22723b2b0e80 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:24 GMT server cloudflare age 6483937 etag "660c297c-4b44" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d3321d3-MIA content-length 19268
GET H2	200	pro-fa-regular-400-12.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	17 KB 17 KB	54ms 50ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-12.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af04f015df3bbffd125ee30eaf78e7f1c9328f5b967d66f7b7f8958472464dda Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:17 GMT server cloudflare age 6484336 etag "660c2975-4244" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d3621d3-MIA content-length 16964
GET H2	200	pro-fa-regular-400-22.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	17 KB 17 KB	58ms 55ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-22.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 192bcd119117fc551f312e1de5f3aa3cdae29b1df25f3f40e65341da3df44618 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:17 GMT server cloudflare age 6484336 etag "660c2975-444c" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d3a21d3-MIA content-length 17484
GET H2	200	pro-fa-solid-900-1.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	14 KB 14 KB	51ms 48ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-1.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2b40eed2a14d541eb0ec80d05d29815fa18fd71c46455fc374a47a81226e9d6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:22 GMT server cloudflare age 6484336 etag "660c297a-36dc" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d3d21d3-MIA content-length 14044
GET H2	200	pro-fa-thin-100-3.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	23 KB 23 KB	53ms 50ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-thin-100-3.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a530146dccb8da137581bd7f3ab2e2b5c34fd2c596de7b87796db5f5e47164a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:24 GMT server cloudflare age 5210267 etag "660c297c-5a5c" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a213d3f21d3-MIA content-length 23132
GET H2	200	pro-fa-thin-100-22.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	21 KB 21 KB	52ms 49ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-thin-100-22.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 312a59d97ffead2be755686a208220eed08b04f11628142ff91879798078c572 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:24 GMT server cloudflare age 6483936 etag "660c297c-5318" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a214d4121d3-MIA content-length 21272
GET H2	200	pro-fa-light-300-12.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	18 KB 18 KB	45ms 44ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-light-300-12.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7137a8d3446d465088e90a3fd4f3af7c84d6e0f9b4ce4a3ebddaa0665cdedef4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:16 GMT server cloudflare age 5210267 etag "660c2974-4630" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a215d5321d3-MIA content-length 17968
GET H2	200	pro-fa-light-300-3.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	21 KB 21 KB	61ms 60ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-light-300-3.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57fcdf8317a95fd976d467dd3995756c42b07764af59b8bf2a8e58b80670da1c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:16 GMT server cloudflare age 5210267 etag "660c2974-52fc" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a216d6821d3-MIA content-length 21244
GET H2	200	pro-fa-light-300-22.woff2 ka-p.fontawesome.com/releases/v6.5.2/webfonts/	19 KB 19 KB	68ms 67ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-light-300-22.woff2 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9efaf40a917295907f76e7fa3e1ec5fbfd7c6200f8e80569c44e8e79d46578bc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Origin https://www.nefcu.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT cf-cache-status HIT last-modified Tue, 02 Apr 2024 15:51:16 GMT server cloudflare age 6365209 etag "660c2974-4bf4" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 894d4a216d6921d3-MIA content-length 19444
GET H2	200	banner.js Show response js.hs-banner.com/v2/5531533/	71 KB 26 KB	173ms 92ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/5531533/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/5531533.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9f72e295b63cf1ac283e4663dd7b6cd8b691c7bbb825a4d0fde1dab228f6bad Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT x-amz-version-id gH0G.d6r4kV6ZZOCJnv4dKVf218e4gOY content-encoding gzip cf-cache-status REVALIDATED x-amz-request-id QS059GJ8QEWHMD4D x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id a1d1371b-5372-48a5-9f00-4fcb0db88af1 x-envoy-upstream-service-time 110 x-amz-id-2 KBhyrYqqdxk725ALi/77zcX4GTPkiT5YDnVx++5Q5vnX1SwfMTphfd4JkEReKzj5YNO6W9rL/S8= x-evy-trace-listener listener_https x-request-id a1d1371b-5372-48a5-9f00-4fcb0db88af1 x-evy-trace-route-configuration listener_https/all last-modified Tue, 04 Jun 2024 01:25:42 GMT server cloudflare etag W/"bf5a8e2744f7b768117cd7767771d8c3" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.nefcu.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 894d4a220b6325b5-MIA expires Sun, 16 Jun 2024 19:48:34 GMT
GET H2	200	5531533.js Show response js.hs-analytics.net/analytics/1718566800000/	67 KB 24 KB	188ms 107ms	Script text/javascript	2606:4700::6811:afc9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1718566800000/5531533.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/5531533.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c02b4e7c60aa9482cbb8a3e0112e216ae64bd9df5f0b49d6ff5fd1cb91265fc4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT x-amz-version-id null content-encoding gzip cf-cache-status MISS x-amz-request-id DTBTTKNCKFXDRPJY x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 94d209ad-0a21-402f-b328-5c39270854ff x-envoy-upstream-service-time 30 x-amz-id-2 ZT9o5ZPv2aDt8n1/FUDBzKz/LEQZA9b+WhKalf7bYx8Zv3VkXq0sWRqfmPlfsA2eAROKiLDU31A= x-evy-trace-listener listener_https x-request-id 94d209ad-0a21-402f-b328-5c39270854ff x-evy-trace-route-configuration listener_https/all last-modified Tue, 04 Jun 2024 01:25:47 GMT server cloudflare etag W/"2f7159b62837d7062474a9904ba435f4" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh cache-control max-age=300,public access-control-allow-credentials false cf-ray 894d4a220c93498a-MIA expires Sun, 16 Jun 2024 19:48:34 GMT
POST H2	200	visitor_config Show response api.glia.com/	11 KB 13 KB	94ms 94ms	XHR application/json	2600:9000:2511:c200:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-& Requested by Host: api.glia.com URL: https://api.glia.com/salemove_integration.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:c200:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 1518c96fd7e336dbffdbf1b200659e51ff03f3c6516a30ce59988ed71969fbb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 16 Jun 2024 19:43:34 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 x-cache Miss from cloudfront content-length 11298 access-control-max-age 7200 vary Origin access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE access-control-allow-origin https://www.nefcu.com access-control-expose-headers cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-type application/json x-site-visitor-config true access-control-allow-headers Content-Type, Accept, Authorization x-amz-cf-id xwuUalqFzcLYs7k_c3YVlUew4wu5uX_SRh7ugeuFEJ4oFYkhKQIFuw==
GET H2	200	storage.html a22c80be-5418-46ed-b158-7babc85a365f.rlets.com/static/ Frame A884	0 0	157ms 45ms	Document text/html	34.138.31.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://a22c80be-5418-46ed-b158-7babc85a365f.rlets.com/static/storage.html Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.31.138.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-length 2056 content-type text/html date Sun, 16 Jun 2024 19:43:34 GMT last-modified Fri, 31 May 2024 20:08:49 GMT strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	bootstrapper-367dbfaa3-28d61563e.js Show response libs.salemove.com/visitor/	644 KB 168 KB	241ms 75ms	Script application/javascript	2600:9000:2512::99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor/bootstrapper-367dbfaa3-28d61563e.js Requested by Host: api.glia.com URL: https://api.glia.com/salemove_integration.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512::99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ed9fb28026094ef293ce8c716a50a4c87528a726fbd610428ac6423e3e1817f9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 08:55:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P7 age 211700 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 14 Jun 2024 08:46:28 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:dd6a8fe481246c74dee1c53503be4a0d etag W/"dd6a8fe481246c74dee1c53503be4a0d" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 x-amz-cf-id 5WJEvEUNvMFgvAeZ-2t-QD7JnOlBVPPuVVTDAe1LQ4pYwF6LZxz4RA==
GET H2	200	js Show response www.googletagmanager.com/gtag/	305 KB 103 KB	102ms 101ms	Script application/javascript	2607:f8b0:4006:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-PMMMNT2FEE&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMR4LJC5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e1dfab4e7a25b5fc4952983dea1a9e3d92b858255c2aae018eb39babc1b4aca2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:34 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104993 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 16 Jun 2024 19:43:34 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	205ms 63ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 16 Jun 2024 19:43:34 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=61, rtx=0, c=12, mss=1297, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug DbbjMDFDSB8Awn44NtoAp6wiCYwKIDDOs+YrPo61vGh1aZy9Sz2iuuT0oHrXL3fucbgG1Hbct5wdUCvEB2ReQg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	originCountry Show response capture-api.reachlocalservices.com/	36 B 587 B	243ms 242ms	XHR application/json	18.238.49.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capture-api.reachlocalservices.com/originCountry Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.49.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-49-40.jfk52.r.cloudfront.net Software / Resource Hash 9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json Response headers date Sun, 16 Jun 2024 19:43:35 GMT via 1.1 255e8a45aff6633687f7e4911e918abc.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P3 x-amzn-requestid 696bcceb-d48a-434d-8427-3d0b6a951d68 x-amzn-trace-id Root=1-666f4067-595cfe520722090e13d7fef6;Parent=0dc8daec939f9b37;Sampled=0;lineage=a245b58f:0 access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * x-cache Miss from cloudfront access-control-allow-credentials true x-amz-apigw-id ZecANGJfPHcEkRg= content-length 36 x-amz-cf-id W5S0a-m0h1rH13E3tcrbeDZdQj2lDQRTjGP_RieD1D-J3pLeVT8_eQ== access-control-allow-headers Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
OPTIONS H2	200	originCountry capture-api.reachlocalservices.com/ Frame	0 0	384ms 232ms	Preflight application/json	18.238.49.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capture-api.reachlocalservices.com/originCountry Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.49.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-49-40.jfk52.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.nefcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token access-control-allow-methods GET,OPTIONS access-control-allow-origin * content-length 0 content-type application/json date Sun, 16 Jun 2024 19:43:35 GMT via 1.1 255e8a45aff6633687f7e4911e918abc.cloudfront.net (CloudFront) x-amz-apigw-id ZecALEozvHcEGrw= x-amz-cf-id IbtO7eBCZqGCG65V8mSFqDhoqxubkGVNHpd6z_s5ldyAkzV2IAanLA== x-amz-cf-pop JFK52-P3 x-amzn-requestid 5d469899-1ed6-471c-830f-b7befe0c8df0 x-cache Miss from cloudfront
POST H2	204	collect analytics.google.com/g/	0 254 B	223ms 77ms	Ping text/plain	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-PMMMNT2FEE&gtm=45je46c0v9132806705z89179364119za200zb9179364119&_p=1718567014128&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2132505490.1718567015&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718567015&sct=1&seg=0&dl=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-&dt=Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1232 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-PMMMNT2FEE&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.nefcu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 254 B	190ms 64ms	Ping text/plain	2607:f8b0:4004:c1b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PMMMNT2FEE&cid=2132505490.1718567015&gtm=45je46c0v9132806705z89179364119za200zb9179364119&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-PMMMNT2FEE&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.nefcu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	3611837572403757 Show response connect.facebook.net/signals/config/	58 KB 12 KB	136ms 135ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3611837572403757?v=2.9.158&r=stable&domain=www.nefcu.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8946f1c8109b236965d2d15f5a6886470fd9754fde3f52bf569e50e847d5c3d9 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 16 Jun 2024 19:43:35 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=62, rtx=0, c=63, mss=1297, tbw=63524, tp=-1, tpl=-1, uplat=72, ullat=0 pragma public x-fb-debug NvpjvEV1GwzlT2DLInroU8fzPvlpJNT0RtxrjX9hWmlfP5S1ixrXHxzzumThuRQDTQfFqDnVmMheqUlMu9a/ew== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	webcomponents_es5-367dbfaa3-28d61563e.js Show response libs.salemove.com/visitor/	936 B 1 KB	66ms 66ms	Script application/javascript	2600:9000:2512::99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor/webcomponents_es5-367dbfaa3-28d61563e.js Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-367dbfaa3-28d61563e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512::99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 08:55:16 GMT strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P7 age 211700 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 936 last-modified Fri, 14 Jun 2024 08:46:29 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:f86098c5208655efb405300993461936 etag "f86098c5208655efb405300993461936" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id o8VoKneQcvDO7KCWmHksJj538i6z38Ri3HqZh_s9B5Oa9HTlzMZjCw==
GET H2	200	visitor-app.a279349d.min.js Show response libs.salemove.com/	688 KB 199 KB	81ms 80ms	Script application/javascript	2600:9000:2512::99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor-app.a279349d.min.js Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-367dbfaa3-28d61563e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512::99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 78d3fd8f07743cd0746644d67c746dde6c8df9d08006fc879c183ee571f20336 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 11:09:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P7 age 808420 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 07 Jun 2024 10:56:55 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:0ea627370f1aaa2d7dd8e97b935ef86c etag W/"0ea627370f1aaa2d7dd8e97b935ef86c" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type application/javascript cache-control max-age=31536000 x-amz-cf-id ixru_vjK9cprcQyA0c9C54v6p1Cjed5L9_DzUugPanTrid_MU-rKHg==
GET H2	200	visitor-app.a279349d.default.css libs.salemove.com/	206 KB 31 KB	71ms 71ms	Stylesheet text/css	2600:9000:2512::99b9:cd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://libs.salemove.com/visitor-app.a279349d.default.css Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-367dbfaa3-28d61563e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512::99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8b2498769ff6d35b6dbbfd31189e7294564b3caa02112b5f5f2bd61769c69996 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 11:09:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P7 age 808420 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 07 Jun 2024 10:56:55 GMT server AmazonS3 x-amz-meta-s3cmd-attrs md5:9f94d3ff9fa2bfeb09908451905c8b7a etag W/"9f94d3ff9fa2bfeb09908451905c8b7a" vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin content-type text/css cache-control max-age=31536000 x-amz-cf-id 5prQ7ZXKQF4VKhU5vZ-I5GDxGQKKZ-Laf6BI0OoZEd7tTVCT72N8Uw==
GET H2	200	/ www.facebook.com/tr/	0 270 B	201ms 63ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3611837572403757&ev=PageView&dl=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-&rl=&if=false&ts=1718567015336&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718567015334.867057766207606837&ler=empty&cdl=API_unavailable&it=1718567015177&coo=false&rqm=GET Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=61, rtx=0, c=10, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 16 Jun 2024 19:43:35 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	285ms 148ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3611837572403757&ev=PageView&dl=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-&rl=&if=false&ts=1718567015336&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718567015334.867057766207606837&ler=empty&cdl=API_unavailable&it=1718567015177&coo=false&rqm=FGET Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1003486eb494b8aa","source_keys":["1","2"]},{"key_piece":"0x4982575c16cfc494","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sun, 16 Jun 2024 19:43:35 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381189127373277647", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=61, rtx=0, c=10, mss=1297, tbw=3112, tp=-1, tpl=-1, uplat=85, ullat=0 pragma no-cache x-fb-debug D4Gmy+mpfubNxw4rtUZK02alKjelf7UqpqI4EeWFZ+pWRYQFM/6hOwtNmIMMDLlNhLbkBG/G6Tm8yuVYT3c1RA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381189127373277647"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
OPTIONS H2	200	gannett um.simpli.fi/ Frame	0 0	171ms 54ms	Preflight text/plain	34.150.170.96 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://um.simpli.fi/gannett Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 96.170.150.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.nefcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-encoding gzip content-type text/plain; charset=UTF-8 date Sun, 16 Jun 2024 19:43:35 GMT strict-transport-security max-age=63072000; includeSubdomains; preload vary Accept-Encoding x-content-type-options nosniff
GET H2	200	gannett Show response um.simpli.fi/	33 B 586 B	54ms 54ms	XHR text/plain	34.150.170.96 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://um.simpli.fi/gannett Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 96.170.150.34.bc.googleusercontent.com Software / Resource Hash c30b28f6c59831f727f099ccca80c93963a31ddac9ebb0e3a328cca6b221cef7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json Response headers date Sun, 16 Jun 2024 19:43:35 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff content-encoding gzip vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=UTF-8 access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	172ms 55ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 16 Jun 2024 19:43:35 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 7E567B9151B745D4ADCC1A3DDE228DAC Ref B: MIAEDGE2010 Ref C: 2024-06-16T19:43:35Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H3	200	566501741401508 Show response connect.facebook.net/signals/config/	42 KB 9 KB	62ms 61ms	Script application/x-javascript	31.13.71.7 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/566501741401508?v=2.9.158&r=stable&domain=www.nefcu.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-lga3.fbcdn.net Software / Resource Hash 4c6cd614f9d1b5d9e4c180bf8f86881a88729fc525efea0b9baab721bbdf3ddb Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 16 Jun 2024 19:43:35 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 8812 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4339, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug u2GwTivDLOYFeSaXocFAW/rL8dPmMZNVDI8FoZV4+qRfYg6MN/JnDCgozL7Rl9jT/x7oPUw0V09m5LVQZQzPVg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	259 KB 90 KB	102ms 101ms	Script application/javascript	142.250.176.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-400577173 Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f8.1e100.net Software Google Tag Manager / Resource Hash dd21ad5c0e948f63e61b657f1d9b5a9844cb6d63838fa2cb28a668c7df45685d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 92050 x-xss-protection 0 last-modified Sun, 16 Jun 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 16 Jun 2024 19:43:35 GMT
GET H2	200	3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Show response tag.simpli.fi/sifitag/	3 KB 2 KB	180ms 55ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash 80b2b66c15e12e819f1ddd5edc105cff199c756544f6aaee4736e156aaaa22c0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F9mTmG-RbSC-OQiAdWjC expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	d9a5dd70-50f0-0134-a365-0cc47abc2b4e Show response tag.simpli.fi/sifitag/	3 KB 2 KB	180ms 56ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash 60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F9mTmG-QdotCVP0mqolD expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 98 B	64ms 63ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=566501741401508&ev=PageView&dl=https%3A%2F%2Fwww.nefcu.com&rl=&if=false&ts=1718567015649&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718567015334.867057766207606837&ler=empty&cdl=API_unavailable&cs_est=true&pm=1&hrl=898c88&it=1718567015177&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=5009704899152450%2C6112830112080184%2C4427061134081725%2C4739765379408823%2C3773228706118810&rqm=GET Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality GOOD; q=0.7, rtt=61, rtx=0, c=10, mss=1297, tbw=6866, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 16 Jun 2024 19:43:35 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	92ms 91ms	Image image/png	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=566501741401508&ev=PageView&dl=https%3A%2F%2Fwww.nefcu.com&rl=&if=false&ts=1718567015649&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718567015334.867057766207606837&ler=empty&cdl=API_unavailable&cs_est=true&pm=1&hrl=898c88&it=1718567015177&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=5009704899152450%2C6112830112080184%2C4427061134081725%2C4739765379408823%2C3773228706118810&rqm=FGET Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2660e865267056c8","source_keys":["1","2"]},{"key_piece":"0xc384bac25e061362","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sun, 16 Jun 2024 19:43:35 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381189125838423740", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=61, rtx=0, c=10, mss=1297, tbw=7008, tp=-1, tpl=-1, uplat=29, ullat=0 pragma no-cache x-fb-debug qfyT8g/hDIkefWST2Rsunl8YIqrkCHI+t/SvooBqvgnfdzKqjRtFCYUSVeqfkG7GllXkGl99dA+y2z/JBoca8A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381189125838423740"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	201	sources_triggered Show response api.salemove.com/overseer/	2 B 506 B	93ms 92ms	XHR application/json	2600:9000:2511:5a00:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/overseer/sources_triggered Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-367dbfaa3-28d61563e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5a00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjEwNjU4MGQwLTI0MTUtNDZlNi05YmYzLWUxZTUwMDFhNmYwMyJ9.eyJpYXQiOjE3MTg1NjcwMTQsImV4cCI6MTcxOTc3NjYxNCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjozZWVmY2Q1NS0wOTkwLTRlZjYtODQ0Yi1iYTgwNzk4YzEwZmYiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiM2VlZmNkNTUtMDk5MC00ZWY2LTg0NGItYmE4MDc5OGMxMGZmIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6IjM1OTIxZTMyLTAxZmEtNGRkNC04ZTYyLWU1OTA0NzkxOTQ2OSIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiMzU5MjFlMzItMDFmYS00ZGQ0LThlNjItZTU5MDQ3OTE5NDY5Il19XSwiYWNjb3VudF9pZCI6IjViMWQ5YTUzLWNmZDctNGNhZC1hNWM5LWRjYzc5ZGEwMzU1YiJ9.nPO0ELhjcLQTOVqCy0yxiv0JzJXI7Q857VV1q8MY-8cWqN1zn0pxKepqP4CtSSmhnJbZGopBOv-EphLs3mz1Lw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Accept application/vnd.salemove.private+json Referer https://www.nefcu.com/ sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE content-type application/json access-control-allow-origin https://www.nefcu.com x-cache Miss from cloudfront access-control-expose-headers vary Origin access-control-allow-headers Content-Type, Accept, Authorization content-length 2 x-amz-cf-id ej1u2-xy6vXUzEIT84S9XgL9ARie3y7p4ZVU19Hc-Z_RxSC3fqf5iw==
OPTIONS H2	200	sources_triggered api.salemove.com/overseer/ Frame	0 0	256ms 78ms	Preflight	2600:9000:2511:5a00:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.salemove.com/overseer/sources_triggered Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5a00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://www.nefcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers authorization,content-type access-control-allow-methods GET, PUT, PATCH, POST, DELETE, OPTIONS access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 date Sun, 16 Jun 2024 19:43:35 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront) x-amz-cf-id WnqI8GTwVOr8n_260_urZ1EBwUBAAnaDdrNzRbK4PxlgisGJoacW0w== x-amz-cf-pop JFK50-P6 x-cache Miss from cloudfront
GET H2	204	0 bat.bing.com/action/	0 360 B	56ms 55ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=17551508&Ver=2&mid=a6bfc877-c5ad-4db8-b5bd-1c35391cb39c&sid=b87917002c1811ef8a42d1fb3637d2b2&vid=b8790cc02c1811ef82ff2d97ac350fae&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Page%20Not%20Found&p=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-&r=&lt=648&evt=pageLoad&sv=1&rn=599235 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 16 Jun 2024 19:43:35 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8D1B33809B044D02936C77E4103C89E6 Ref B: MIAEDGE2010 Ref C: 2024-06-16T19:43:35Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p Show response i.simpli.fi/	798 B 763 B	68ms 57ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=25&cb=sifi_att_42656._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash bc9ca35eb30c515a0f5f8baa18838364198ea471d7f5998289273bf0d7d6a655 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/400577173/	3 KB 1 KB	225ms 94ms	Script text/javascript	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/400577173/?random=1718567015804&cv=11&fst=1718567015804&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&npa=0&pscdl=noapi&auid=1748396702.1718567016&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-400577173 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash 2d4a83836af3a41d0d8e24fada967b6a7765dd64e70df718afe1925c51ae2221 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1429 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	visits Show response a22c80be-5418-46ed-b158-7babc85a365f.rlets.com/api/v1/	0 384 B	54ms 54ms	XHR text/html	34.138.31.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://a22c80be-5418-46ed-b158-7babc85a365f.rlets.com/api/v1/visits Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_configs/a22/c80/be5/41846edb1587babc85a365f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.31.138.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json Response headers x-runtime 0.007596 date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=31536000; includeSubDomains x-frame-options ALLOWALL access-control-allow-methods GET, POST, PUT, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers Content-Type x-request-id a1aab8355de6785db10950670d06a3b0
OPTIONS H2	200	visits a22c80be-5418-46ed-b158-7babc85a365f.rlets.com/api/v1/ Frame	0 0	140ms 49ms	Preflight text/html	34.138.31.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://a22c80be-5418-46ed-b158-7babc85a365f.rlets.com/api/v1/visits Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.31.138.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options ALLOWALL Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.nefcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, PUT, OPTIONS access-control-allow-origin * cache-control no-cache content-type text/html date Sun, 16 Jun 2024 19:43:35 GMT strict-transport-security max-age=31536000; includeSubDomains x-frame-options ALLOWALL x-request-id b8d6e3e191944100f262a74ea48d4997 x-runtime 0.002030
GET H2	200	RX-ce598726-878e-4498-9a4b-ea417a0bce04-005 sync.targeting.unrulymedia.com/csync/ Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=48BBEA3995674DA4A354CB2D58A877A7 https://sync.1rx.io/usersync/smaato/71c886b9c5?gdpr=0&gdpr_consent= https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005	43 B 377 B	182ms 58ms	Image image/gif	69.194.240.13 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:38 GMT content-length 43 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers location https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005 pragma no-cache date Sun, 16 Jun 2024 19:43:33 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-type text/html
GET H2	200	RX-ce598726-878e-4498-9a4b-ea417a0bce04-005 sync.targeting.unrulymedia.com/csync/ Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/48BBEA3995674DA4A354CB2D58A877A7 https://sync.1rx.io/usersync/simplifi/48BBEA3995674DA4A354CB2D58A877A7?zcc=1&cb=1718567012993 https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005	43 B 378 B	189ms 58ms	Image image/gif	69.194.240.13 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:33 GMT content-length 43 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers location https://sync.targeting.unrulymedia.com/csync/RX-ce598726-878e-4498-9a4b-ea417a0bce04-005 pragma no-cache date Sun, 16 Jun 2024 19:43:39 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-type text/html
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=48BBEA3995674DA4A354CB2D58A877A7&dongle=yf3 https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=48BBEA3995674DA4A354CB2D58A877A7&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=	37 B 475 B	60ms 59ms	Image image/gif	52.223.22.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=48BBEA3995674DA4A354CB2D58A877A7&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-type image/gif date Sun, 16 Jun 2024 19:43:36 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7969&xuid=48BBEA3995674DA4A354CB2D58A877A7&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= date Sun, 16 Jun 2024 19:43:36 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync simplifi.partners.tremorhub.com/ Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=48BBEA3995674DA4A354CB2D58A877A7	43 B 176 B	244ms 56ms	Image image/gif	2600:1f18:612b:4232:7cde:2ff6:fac8:ba11 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 2600:1f18:612b:4232:7cde:2ff6:fac8:ba11 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sun, 16 Jun 2024 19:43:36 GMT server nginx content-type image/gif Redirect headers date Sun, 16 Jun 2024 19:43:35 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=48BBEA3995674DA4A354CB2D58A877A7 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 15 Jun 2024 19:43:35 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=48BBEA3995674DA4A354CB2D58A877A7 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=48BBEA3995674DA4A354CB2D58A877A7	95 B 430 B	52ms 51ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=48BBEA3995674DA4A354CB2D58A877A7 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=48BBEA3995674DA4A354CB2D58A877A7 https://d.agkn.com/pixel/10751/?che=1718567016159&ip=38.132.118.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213340604915011807116 https://um.simpli.fi/aa_px?sk=213340604915011807116 https://um.simpli.fi/empty.gif	43 B 362 B	54ms 53ms	Image image/gif	34.150.170.96 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 96.170.150.34.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	200	ProfilesEngineServlet sync.intentiq.com/profiles_engine/ Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=48BBEA3995674DA4A354CB2D58A877A7 https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=48BBEA3995674DA4A354CB2D58A877A7&ckls=true&ci=iyY1RjC4XR&nc=false&trid=262269104	43 B 1 KB	75ms 75ms	Image image/gif	2600:9000:26fa:6600:1b:6b7d:2300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=48BBEA3995674DA4A354CB2D58A877A7&ckls=true&ci=iyY1RjC4XR&nc=false&trid=262269104 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 2600:9000:26fa:6600:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT via 1.1 a4edf08fb593b7ca4fee9a64018a186e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P1 x-cache Miss from cloudfront content-type image/gif p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id 3llPFiofQqhZS_VvUBoM5TGdQVSk3zxvXgXkeLTlBwe44iSK3imZBg== expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT via 1.1 a4edf08fb593b7ca4fee9a64018a186e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P1 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" location https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=48BBEA3995674DA4A354CB2D58A877A7&ckls=true&ci=iyY1RjC4XR&nc=false&trid=262269104 content-type image/gif cache-control no-cache, no-store, must-revalidate patent https://www.almondnet.com/ip alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id BlCEQTCE5Brbu3k1j4yVhTepvfN_Sv8OqmUpY0AtId3xYVd38KPHkg== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Redirect Chain https://um.simpli.fi/pubmatic https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:48BBEA3995674DA4A354CB2D58A877A7	42 B 555 B	204ms 61ms	Image image/gif	207.65.37.184 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sun, 16 Jun 2024 19:43:36 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:48BBEA3995674DA4A354CB2D58A877A7 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 15 Jun 2024 19:43:36 GMT
GET H/1.1	200	user-registering ads.stickyadstv.com/ Redirect Chain https://um.simpli.fi/freewheel https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=48BBEA3995674DA4A354CB2D58A877A7	43 B 655 B	385ms 76ms	Image image/gif	63.251.28.230 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Server 63.251.28.230 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Sun, 16 Jun 2024 19:43:36 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1718567016403014-311 Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=48BBEA3995674DA4A354CB2D58A877A7 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 15 Jun 2024 19:43:36 GMT
GET H3	200	400646.gif idsync.rlcdn.com/ Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=48BBEA3995674DA4A354CB2D58A877A7;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=48BBEA3995674DA4A354CB2D58A877A7;mimetype=img;sr https://idsync.rlcdn.com/400646.gif?partner_uid=-4290029238069672695	42 B 60 B	68ms 68ms	Image image/gif	35.244.154.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/400646.gif?partner_uid=-4290029238069672695 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H3 Server 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.154.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:35 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp6.us1 p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * location https://idsync.rlcdn.com/400646.gif?partner_uid=-4290029238069672695 content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 expires Mon, 1 Jan 1990 0:0:0 GMT
GET H2	204	/ loadm.exelator.com/load/ Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=48BBEA3995674DA4A354CB2D58A877A7&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=48BBEA3995674DA4A354CB2D58A877A7&j=0&xl8blockcheck=1	0 767 B	58ms 58ms	Image text/plain	52.0.156.250 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=48BBEA3995674DA4A354CB2D58A877A7&j=0&xl8blockcheck=1 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-156-250.compute-1.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=48BBEA3995674DA4A354CB2D58A877A7&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55964/ Redirect Chain https://um.simpli.fi/yahoo https://ups.analytics.yahoo.com/ups/55964/sync?uid=48BBEA3995674DA4A354CB2D58A877A7 https://ups.analytics.yahoo.com/ups/55964/sync?uid=48BBEA3995674DA4A354CB2D58A877A7&verify=true	0 121 B	59ms 58ms	Image text/plain	34.200.65.202 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55964/sync?uid=48BBEA3995674DA4A354CB2D58A877A7&verify=true Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-200-65-202.compute-1.amazonaws.com Software ATS/9.1.10.121 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.121 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55964/sync?uid=48BBEA3995674DA4A354CB2D58A877A7&verify=true date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.121 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204	sync sync.bfmio.com/ Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=48BBEA3995674DA4A354CB2D58A877A7	0 421 B	242ms 56ms	Image text/plain	52.207.199.0 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Server 52.207.199.0 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-207-199-0.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Connection keep-alive Date Sun, 16 Jun 2024 19:43:35 GMT Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=48BBEA3995674DA4A354CB2D58A877A7 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 15 Jun 2024 19:43:36 GMT
GET H2	200	29931 stags.bluekai.com/site/ Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=48BBEA3995674DA4A354CB2D58A877A7	62 B 481 B	269ms 134ms	Image image/gif	104.76.100.229 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-76-100-229.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sun, 16 Jun 2024 19:43:36 GMT content-length 62 x-request-id 0a8b8c40bfde186de1a78a5e915ca7f0 content-type image/gif Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=48BBEA3995674DA4A354CB2D58A877A7 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 15 Jun 2024 19:43:36 GMT
GET H2	200	tpid=48BBEA3995674DA4A354CB2D58A877A7 bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=48BBEA3995674DA4A354CB2D58A877A7 https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=48BBEA3995674DA4A354CB2D58A877A7	49 B 546 B	66ms 66ms	Image image/gif	3.217.173.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 3.217.173.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-173-204.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.2.219 content-length 49 expires 0 Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=48BBEA3995674DA4A354CB2D58A877A7 cache-control no-cache x-server 10.40.6.249 content-length 0 expires 0
GET H2	200	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=48BBEA3995674DA4A354CB2D58A877A7 https://ce.lijit.com/merge?pid=2&3pid=48BBEA3995674DA4A354CB2D58A877A7&dnr=1	43 B 512 B	59ms 59ms	Image image/gif	52.200.141.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=48BBEA3995674DA4A354CB2D58A877A7&dnr=1 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 52.200.141.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-141-183.compute-1.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" content-type image/gif cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 content-length 43 expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://ce.lijit.com/merge?pid=2&3pid=48BBEA3995674DA4A354CB2D58A877A7&dnr=1 cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 content-length 0 expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	db_sync px.ads.linkedin.com/ Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=48BBEA3995674DA4A354CB2D58A877A7 https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNDhCQkVBMzk5NTY3NERBNEEzNTRDQjJENThBODc3QTcQABoNCOiAvbMGEgUI6AcQAEIASgA https://pippio.com/api/sync?pid=5324&it=1&iv=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&rand=05252874 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&rand=05252874&expected_cookie=67fa8371-71fc-4c33-9b73-908c259f40c7	0 142 B	123ms 122ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&rand=05252874&expected_cookie=67fa8371-71fc-4c33-9b73-908c259f40c7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 49E97BF41BBA47D0A201006B123DDB9F Ref B: MIAEDGE2317 Ref C: 2024-06-16T19:43:36Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYbBxCNiu05TmLgYE/GcQ== Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 3D27A74540F94628ADAD3EEFA0297CBE Ref B: MIAEDGE2317 Ref C: 2024-06-16T19:43:36Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location /db_sync?pid=10339&puuid=d240d020388ed088c7deb5127ac290e70b8e576f15caed91cab0e5957a9b5183791426b5417dce21&rand=05252874&expected_cookie=67fa8371-71fc-4c33-9b73-908c259f40c7 x-li-proto http/2 content-length 0 x-li-uuid AAYbBxCLtAO3TKnOnzDhQg==
GET H3	200	/ www.google.com/pagead/1p-conversion/1026675585/ Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1718567015803&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=304503497&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&... https://www.google.com/pagead/1p-conversion/1026675585/?random=304503497&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiww...	42 B 64 B	154ms 81ms	Image image/gif	142.250.65.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/1026675585/?random=304503497&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIlv2IhPHghgMVcayDCB3PbAxgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vd3d3Lm5lZmN1LmNvbS8&is_vtc=1&cid=CAQSGwDaQooLN30qiyyo56c-mGoqM3NUxGY3lLNKtg&random=2800520775 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H3 Server 142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/1026675585/?random=304503497&cv=7&fst=1718567015803&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIlv2IhPHghgMVcayDCB3PbAxgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vd3d3Lm5lZmN1LmNvbS8&is_vtc=1&cid=CAQSGwDaQooLN30qiyyo56c-mGoqM3NUxGY3lLNKtg&random=2800520775 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	spotx_match um.simpli.fi/	0 273 B	216ms 108ms	Image text/plain	34.150.170.96 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 96.170.150.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=48BBEA3995674DA4A354CB2D58A877A7 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D48BBEA3995674DA4A354CB2D58A877A7	43 B 1 KB	65ms 65ms	Image image/gif	68.67.179.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT an-x-request-uuid 74f4c2dd-9434-4221-bf71-df38153da1de server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 38.132.118.75; 38.132.118.75; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT an-x-request-uuid b835707b-c17e-4db5-a055-203da024753e server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D48BBEA3995674DA4A354CB2D58A877A7 cache-control no-store, no-cache, private x-proxy-origin 38.132.118.75; 38.132.118.75; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=48BBEA3995674DA4A354CB2D58A877A7&expires=365	42 B 955 B	307ms 60ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=48BBEA3995674DA4A354CB2D58A877A7&expires=365 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost e71ccbe96f42d70fa40603ada4c96b28 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=48BBEA3995674DA4A354CB2D58A877A7&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 15 Jun 2024 19:43:36 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=48BBEA3995674DA4A354CB2D58A877A7 https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=48BBEA3995674DA4A354CB2D58A877A7	43 B 181 B	47ms 45ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=48BBEA3995674DA4A354CB2D58A877A7 Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=48BBEA3995674DA4A354CB2D58A877A7 date Sun, 16 Jun 2024 19:43:36 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	204	g_match um.simpli.fi/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= https://um.simpli.fi/g_match?id=&google_gid=CAESEPAYP9Wknhfk2rcHYn3Xzwo&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48BBEA3995674DA4A354CB2D58A877A7 https://um.simpli.fi/g_match?id=	0 321 B	54ms 53ms	Image text/plain	34.150.170.96 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H2 Server 34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 96.170.150.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://www.nefcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:43:36 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Sat, 15 Jun 2024 19:43:36 GMT Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/400577173/	42 B 64 B	197ms 76ms	Image image/gif	142.250.65.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/400577173/?random=1718567015804&cv=11&fst=1718564400000&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.nefcu.com%2F%2FRK%3D2%2FRS%3DznxRM3ukpGDUYIK.vGAi_gxvgLs-&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&npa=0&pscdl=noapi&auid=1748396702.1718567016&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLxbFVplbi3hx2-AjxMz-zhigJbJTfhA&random=2672411661&rmt_tld=0&ipr=y Requested by Host: www.nefcu.com URL: https://www.nefcu.com//RK=2/RS=znxRM3ukpGDUYIK.vGAi_gxvgLs- Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:43:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	/ client-logger.salemove.com/	0 0	206ms 65ms	Fetch	52.3.14.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://client-logger.salemove.com/ Requested by Host: libs.salemove.com URL: https://libs.salemove.com/visitor/bootstrapper-367dbfaa3-28d61563e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.3.14.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-14-134.compute-1.amazonaws.com Software envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.nefcu.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=31536000 date Sun, 16 Jun 2024 19:43:38 GMT server envoy vary Origin access-control-max-age 7200 access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers x-envoy-upstream-service-time 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

jelly.mdhv.io

URL

https://jelly.mdhv.io/v1/star.gif?pid=APjX46Mz4oZ7Kv4pyv87ydH4iZ4o&src=mh&evt=hi