www.northernhillsfcu.org Open in urlscan Pro
216.206.109.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://northernhillsfederal.com/
Effective URL:
https://www.northernhillsfcu.org/
Submission: On December 05 via api (December 5th 2024, 8:02:08 pm UTC) from US — Scanned from DE

Summary HTTP 150 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 22 domains to perform 150 HTTP transactions. The main IP is 216.206.109.129, located in United States and belongs to WESCO, US. The main domain is www.northernhillsfcu.org.
TLS certificate: Issued by R10 on October 28th 2024. Valid for: 3 months.

This is the only time www.northernhillsfcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 64	216.206.109.129 216.206.109.129	19031 (WESCO) (WESCO)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	104.19.208.81 104.19.208.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	41.63.96.130 41.63.96.130	22822 (LLNW) (LLNW)
5	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:d600:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	18.245.36.129 18.245.36.129	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::84	54113 (FASTLY) (FASTLY)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
5	2.21.20.12 2.21.20.12	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	98.98.135.24 98.98.135.24	21859 (ZEN-ECN) (ZEN-ECN)
3	2600:9000:211... 2600:9000:211e:6c00:7:3d38:fd80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
9	75.2.107.178 75.2.107.178	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
4	65.9.66.103 65.9.66.103	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:2200:1a:3e6b:180:21	16509 (AMAZON-02) (AMAZON-02)
16	3.160.156.140 3.160.156.140	16509 (AMAZON-02) (AMAZON-02)
1	63.150.21.23 63.150.21.23	19031 (WESCO) (WESCO)
3	44.236.114.163 44.236.114.163	16509 (AMAZON-02) (AMAZON-02)
1	104.19.209.81 104.19.209.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
150	32

64 216.206.109.129 (United States) 1 redirects

ASN19031 (WESCO, US)
PTR: webhost11kwd01.web.cubase.org

northernhillsfederal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.northernhillsfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.208.81 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.63.96.130 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-130.hhn.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:d600:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8427567.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.36.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-36-129.fra56.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.20.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-21-20-12.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.135.24 (Riyadh, Saudi Arabia) 1 redirects

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
attribution.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:6c00:7:3d38:fd80:21 (United States)

ASN16509 (AMAZON-02, US)

d1lvyn09g7nf92.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 75.2.107.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: a2146d6390014e859.awsglobalaccelerator.com

text.northernhillsfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-103.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2200:1a:3e6b:180:21 (United States)

ASN16509 (AMAZON-02, US)

d2kc9bbovjrjt2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.160.156.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-140.fra60.r.cloudfront.net

doerd31l9oh9k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.150.21.23 (Harrisburg, United States)

ASN19031 (WESCO, US)
PTR: itsme247.com

www.itsme247.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.236.114.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-114-163.us-west-2.compute.amazonaws.com

cobrowse.eltropy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.209.81 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	northernhillsfcu.org www.northernhillsfcu.org text.northernhillsfcu.org	3 MB
23	cloudfront.net d1eoo1tco6rr5e.cloudfront.net d1lvyn09g7nf92.cloudfront.net d2kc9bbovjrjt2.cloudfront.net doerd31l9oh9k.cloudfront.net	1 MB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 953	6 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4813	14 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	138 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3	968 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	307 KB
4	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 717 pixel.sitescout.com — Cisco Umbrella Rank: 5840 attribution.sitescout.com — Cisco Umbrella Rank: 8599	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	259 KB
3	eltropy.com cobrowse.eltropy.com — Cisco Umbrella Rank: 99674	711 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415	9 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1065	25 KB
2	adsrvr.org 2 redirects insight.adsrvr.org — Cisco Umbrella Rank: 960	173 B
2	doubleclick.net 1 redirects 8427567.fls.doubleclick.net	572 B
2	visa.com secure.checkout.visa.com — Cisco Umbrella Rank: 27864	6 KB
1	itsme247.com www.itsme247.com — Cisco Umbrella Rank: 108185
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 13717	2 KB
1	northernhillsfederal.com 1 redirects northernhillsfederal.com	256 B
150	22

	Domain	Requested by
63	www.northernhillsfcu.org	www.northernhillsfcu.org
16	doerd31l9oh9k.cloudfront.net	text.northernhillsfcu.org
9	text.northernhillsfcu.org	code.jquery.com doerd31l9oh9k.cloudfront.net d1lvyn09g7nf92.cloudfront.net
6	ct.pinterest.com	s.pinimg.com
6	nexus.ensighten.com	www.northernhillsfcu.org nexus.ensighten.com
5	analytics.tiktok.com	www.northernhillsfcu.org analytics.tiktok.com
5	www.google.com	www.northernhillsfcu.org www.googletagmanager.com www.gstatic.com
5	www.googletagmanager.com	www.northernhillsfcu.org www.googletagmanager.com
3	cobrowse.eltropy.com	d1lvyn09g7nf92.cloudfront.net cobrowse.eltropy.com
3	d1lvyn09g7nf92.cloudfront.net	www.northernhillsfcu.org
3	fonts.gstatic.com	fonts.googleapis.com
2	d2kc9bbovjrjt2.cloudfront.net	text.northernhillsfcu.org
2	pixel-sync.sitescout.com	1 redirects www.northernhillsfcu.org
2	www.facebook.com	www.northernhillsfcu.org
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	d1eoo1tco6rr5e.cloudfront.net	www.northernhillsfcu.org nexus.ensighten.com
2	insight.adsrvr.org	2 redirects
2	8427567.fls.doubleclick.net	1 redirects www.northernhillsfcu.org
2	secure.checkout.visa.com	www.northernhillsfcu.org secure.checkout.visa.com
2	fonts.googleapis.com	www.northernhillsfcu.org
1	www.itsme247.com	www.northernhillsfcu.org
1	www.gstatic.com	www.google.com
1	code.jquery.com	d1lvyn09g7nf92.cloudfront.net
1	attribution.sitescout.com	www.northernhillsfcu.org
1	pixel.sitescout.com	1 redirects
1	up.pixel.ad	www.northernhillsfcu.org
1	ajax.googleapis.com	www.northernhillsfcu.org
1	northernhillsfederal.com	1 redirects
150	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.itsme247.com
northernhillsfcu.messagepay.com
northernhillsfcu.org
forms.joinmycu.com
loans.itsme247.com
www.joinmycu.com
greenpath.com
www.myaccountaccess.com
www.ncua.gov

Subject Issuer	Validity	Valid
northernhillsfcu.org R10	`2024-10-28` - `2025-01-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
secure.checkout.visa.com Cloudflare TLS Issuing RSA CA 1	`2024-09-09` - `2025-09-09`	a year	crt.sh
*.pixel.ad GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-14` - `2024-12-13`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
text.northernhillsfcu.org Amazon RSA 2048 M03	`2024-10-29` - `2025-11-28`	a year	crt.sh
*.itsme247.com Go Daddy Secure Certificate Authority - G2	`2023-12-16` - `2025-01-16`	a year	crt.sh
cobrowse.eltropy.com Amazon RSA 2048 M03	`2024-09-23` - `2025-10-22`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.northernhillsfcu.org/
Frame ID: 55FC75A3F45DF00E5FA955961446A64A
Requests: 110 HTTP requests in this frame

Frame: https://8427567.fls.doubleclick.net/activityi;dc_pre=CKqohfa1kYoDFRaw_QcdnbAvcg;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324
Frame ID: 2497551842FAE01DA216EE7C4872CF20
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/huy1o7u/3cmfxfw/iframe
Frame ID: 12A1657A4DDFBE7693E26110CF4900F6
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.northernhillsfcu.org
Frame ID: 836983BA2F6C605792AD0D468E55D95B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/d/embed?mid=16PjDktppVQMvLt03d7r-xMZ7a9A
Frame ID: 30D97F9D6F7CD634431DC3362B770E4F
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 3854F96067B584F492C88A541C65EE90
Requests: 1 HTTP requests in this frame

Frame: https://text.northernhillsfcu.org/chat/loadBot
Frame ID: F9CFCCA2E4D508CEC0BB95249329EB9E
Requests: 11 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/tzt9m9h/dj3fajv/iframe
Frame ID: 12271DC46FBC96F295702634EB40EFD8
Requests: 1 HTTP requests in this frame

Frame: https://www.itsme247.com/161/authentication/username
Frame ID: 6EEDEA0E032E3F12F7FD54E7153E9FEF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf6ihsUAAAAAGay7xhUEDKIoG-r2FTTFwbBqpPD&co=aHR0cHM6Ly93d3cubm9ydGhlcm5oaWxsc2ZjdS5vcmc6NDQz&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=normal&cb=dj1wd1grmbjn
Frame ID: F0A31AD7D3167482B1B55ACA0F55D54D
Requests: 1 HTTP requests in this frame

Frame: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Frame ID: F0C59CE3FB54A7E3F9BE3E5D20917935
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Lf6ihsUAAAAAGay7xhUEDKIoG-r2FTTFwbBqpPD
Frame ID: C54B3077A0CD2079923792F2E908BF1E
Requests: 1 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/resources/html/cookie_health/cookie_ready.html?parentUrl=https://www.northernhillsfcu.org
Frame ID: F7B7A2DE84AFFBBF164308A81BBC577D
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 187F97B9427DB6CB46E7F1DACF5DCA40
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Northern Hills Federal Credit Union

Page URL History Show full URLs

https://northernhillsfederal.com/ HTTP 301
https://www.northernhillsfcu.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Visa Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

secure\.checkout\.visa\.com

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

150
Requests

98 %
HTTPS

28 %
IPv6

22
Domains

30
Subdomains

32
IPs

4
Countries

6182 kB
Transfer

15744 kB
Size

24
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/NorthernHillsFCU/

Search URL Search Domain Scan URL

URL: https://www.itsme247.com/161/
Title: LOGIN >

Search URL Search Domain Scan URL

URL: https://northernhillsfcu.messagepay.com/payment/accountlookup
Title: MAKE MY LOAN PAYMENT

Search URL Search Domain Scan URL

URL: https://northernhillsfcu.org/

Search URL Search Domain Scan URL

URL: https://forms.joinmycu.com/mop/161/apply
Title: Join

Search URL Search Domain Scan URL

URL: https://loans.itsme247.com/161?LogoutURL=https://northernhillsfcu.org
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://www.joinmycu.com/161/apply/
Title: Apply Online

Search URL Search Domain Scan URL

URL: http://greenpath.com/partner/northernhills
Title: GreenPath

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/login.do
Title: Pay My NHFCU Visa Bill

Search URL Search Domain Scan URL

URL: http://www.ncua.gov/DataApps/Pages/SI-NCUA.aspx

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://northernhillsfederal.com/ HTTP 301
https://www.northernhillsfcu.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://8427567.fls.doubleclick.net/activityi;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324 HTTP 302
https://8427567.fls.doubleclick.net/activityi;dc_pre=CKqohfa1kYoDFRaw_QcdnbAvcg;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324

Request Chain 65

https://insight.adsrvr.org/tags/huy1o7u/3cmfxfw/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/huy1o7u/3cmfxfw/iframe

Request Chain 95

https://pixel-sync.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 96

https://pixel.sitescout.com/up/1e94e55183826f3d?cntr_url=https%3A%2F%2Fwww.northernhillsfcu.org%2F HTTP 302
https://attribution.sitescout.com/privacySandbox/attributionReporting/trigger?oids=MDdhNWNmNmY0NWM5NzQyYQ&upid=1e94e55183826f3d&px

Request Chain 116

https://insight.adsrvr.org/tags/tzt9m9h/dj3fajv/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/tzt9m9h/dj3fajv/iframe

150 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.northernhillsfcu.org/
Redirect Chain

https://northernhillsfederal.com/
https://www.northernhillsfcu.org/

86 KB
20 KB

1048ms
227ms

Document
text/html

216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PHP/8.1.31 PleskLin

Resource Hash

4f3bf1df53c54a2f46c92de82dc07844ba86023b5ed9d5db50ce15f5c78f9e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-length: 19929
content-type: text/html; charset=UTF-8
date: Thu, 05 Dec 2024 20:01:54 GMT
last-modified: Thu, 05 Dec 2024 19:51:33 GMT
server: nginx
vary: Accept-Encoding,Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.31 PleskLin
x-xss-protection: 1

Redirect headers

content-length: 162
content-type: text/html
date: Thu, 05 Dec 2024 20:01:53 GMT
location: https://www.northernhillsfcu.org/
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 293ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300,600

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6340eeec1584be5ab457b30c9736f0820c777a28dfdeb2b26923b7c6ed51cca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 20:01:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:01:54 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 05 Dec 2024 20:01:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.sidr.light.css
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/ 3 KB
939 B 734ms
731ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/jquery.sidr.light.css
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 13345c70af090d27a3e860deaf5c4b4dbbdcc04282dccbc1a35ff92836414a5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-db4"
content-type: text/css
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/themes/ui-lightness/ 27 KB
6 KB 53ms
13ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/themes/ui-lightness/jquery-ui.css

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3238cec2ac4d7dad3d433bd928a96fd653d63ef6650dc95a039c80fc3e9427a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
age: 138837
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 05:27:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 05:27:57 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5116
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
103 KB 70ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LK66BDLH9D

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b81a52545b2990813bee9456b42381aac4e4fdd7728b39bcf7361ce4e4e73f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 05 Dec 2024 20:01:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104721
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 wp-notification-bars-public.css
www.northernhillsfcu.org/wp-content/plugins/wp-notification-bars/public/css/ 4 KB
1 KB 736ms
733ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.12
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 9dc42404533c84125d4a1b268d9b3830b6f881b4ca29e842f1b4b00e287123d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6224a308-1060"
content-type: text/css
last-modified: Sun, 06 Mar 2022 12:03:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 style.min.css
www.northernhillsfcu.org/wp-includes/css/dist/block-library/ 112 KB
14 KB 625ms
622ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/css/dist/block-library/style.min.css?ver=fb34418889b0aed6fd89ec05184dba63
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"67344935-1c012"
content-type: text/css
last-modified: Wed, 13 Nov 2024 06:37:41 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 default.css
www.northernhillsfcu.org/wp-content/plugins/tablepress/css/build/ 6 KB
1 KB 406ms
403ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/tablepress/css/build/default.css?ver=3.0.1
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 1f80e6b33604a220dc354d5efbe1958827ced1aca779688a8372188b59454f15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"674c5037-1823"
content-type: text/css
last-modified: Sun, 01 Dec 2024 12:01:59 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 style.css
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/ 48 KB
8 KB 405ms
403ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 0e8605b027b006462de740ba8b5203aa5def76846eeaa726cb282660e41f7380

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"67067920-c191"
content-type: text/css
last-modified: Wed, 09 Oct 2024 12:37:52 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 frontend-gtag.min.js Show response
www.northernhillsfcu.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 449ms
445ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=9.2.2
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 7790882b18f7b3e10750f4474dc1a13150a2ef8510ef4c2e3e52c5d5f776db87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd61-2e76"
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 12:11:13 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery.min.js Show response
www.northernhillsfcu.org/wp-includes/js/jquery/ 86 KB
29 KB 514ms
512ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"654b2cd0-15601"
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 06:38:08 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery-migrate.min.js Show response
www.northernhillsfcu.org/wp-includes/js/jquery/ 13 KB
5 KB 516ms
514ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"64d32900-3509"
content-type: application/javascript
last-modified: Wed, 09 Aug 2023 05:49:52 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 wp-notification-bars-public.js Show response
www.northernhillsfcu.org/wp-content/plugins/wp-notification-bars/public/js/ 1 KB
525 B 733ms
731ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.12
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 04d3ded46697aaf59d6b0a0efd592b4fc9ab73fe3c0db49b44c104482e3fbe39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6224a308-45f"
content-type: application/javascript
last-modified: Sun, 06 Mar 2022 12:03:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 modernizr.custom.min.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/libs/ 15 KB
6 KB 626ms
624ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/libs/modernizr.custom.min.js?ver=2.5.3
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-3b16"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery.cycle2.min.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/ 22 KB
7 KB 733ms
731ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/jquery.cycle2.min.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-599c"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery.cycle2.carousel.min.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/ 4 KB
2 KB 515ms
513ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/jquery.cycle2.carousel.min.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 9f14bd5a8d478749fec7908827e1543c62599f154a5dd875fab9e0fac61e9575

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-109a"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery.scrollUp.min.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/ 2 KB
998 B 514ms
513ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/jquery.scrollUp.min.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-7f3"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery.sidr.min.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/ 4 KB
2 KB 733ms
732ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/jquery.sidr.min.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-e59"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery-ui.min.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/ 223 KB
56 KB 734ms
733ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/jquery-ui.min.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:54 GMT
etag: W/"6697b9d2-37cbb"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 sdk.js Show response
secure.checkout.visa.com/assets/integration/v1/ 17 KB
6 KB 104ms
62ms Script
application/javascript 104.19.208.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checkout.visa.com/assets/integration/v1/sdk.js

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.208.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9204d2d276fcc4f3e30eccc70e37d54ae7d277a88c7d3beab6b80879bf428ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
content-encoding: br
cf-cache-status: HIT
etag: W/"6744c5a5-4287"
age: 46571
x-content-type-options: nosniff
cf-ray: 8ed6a17d6ec2d288-FRA
expires: Fri, 06 Dec 2024 00:01:54 GMT
date: Thu, 05 Dec 2024 20:01:54 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 18:44:53 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mobile_menu_white.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/mobile_icons/ 627 B
863 B 439ms
438ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/mobile_icons/mobile_menu_white.svg

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

698d15cfcc6bd355c293133fa19321454af311704634cce2ebb8168614f4b92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-powered-by: PleskLin
etag: "273-61d70a7249880"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 627
date: Thu, 05 Dec 2024 20:01:54 GMT
x-xss-protection: 1
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 fb.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 585 B
821 B 439ms
438ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/fb.svg

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

fdb40be44bf922f6c38dff7839b2abea1408d08c446314c38e59d06415f11573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-powered-by: PleskLin
etag: "249-61d70a7249880"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 585
date: Thu, 05 Dec 2024 20:01:54 GMT
x-xss-protection: 1
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 nh_logo_2.jpg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 15 KB
15 KB 123ms
123ms Image
image/jpeg 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/nh_logo_2.jpg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: c06afecee578b87fed95cc30d21eeea398bd6d47a09199b4172be9d3f77c9edd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-3a33"
accept-ranges: bytes
content-length: 14899
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/jpeg
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 im247_online_banking.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 23 KB
23 KB 231ms
231ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/im247_online_banking.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 1a3a3d18f73adf10ba5eb3ddf015a13eba5074b16579503b6dd4935f2bcbfb51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-5c1a"
accept-ranges: bytes
content-length: 23578
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 4 KB
2 KB 278ms
13ms Script
application/javascript 41.63.96.130
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 41.63.96.130 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-41-63-96-130.hhn.llnw.net
Software: AC1.1 /
Resource Hash: 64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
age: 90160
x-llid: e4ebb552ed9973826e3cd9e280eefde8
accept-ranges: bytes
content-length: 1714
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript
vary: accept-encoding
server: AC1.1
last-modified: Tue, 02 Apr 2024 15:41:58 GMT

GET
H2 200 NHFCU_SkipAPay-2000x660_HPSlider.jpg
www.northernhillsfcu.org/wp-content/uploads/2024/11/ 1 MB
1 MB 333ms
327ms Image
image/jpeg 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/uploads/2024/11/NHFCU_SkipAPay-2000x660_HPSlider.jpg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: d944c5f3ba31dfb8e58a26149edf5d3a2a25af059464b61a178482963fe044cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6744cfda-134261"
accept-ranges: bytes
content-length: 1262177
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 19:28:26 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 NHFCU_ShareCert-425-2000x660_HPSlider.jpg
www.northernhillsfcu.org/wp-content/uploads/2024/11/ 636 KB
637 KB 451ms
447ms Image
image/jpeg 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/uploads/2024/11/NHFCU_ShareCert-425-2000x660_HPSlider.jpg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: e2662ed99cecdf01fc83e898b5c9ede799eedc0fffd79aa218e0e48cb58bdddf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "673b7e97-9effb"
accept-ranges: bytes
content-length: 651259
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/jpeg
last-modified: Mon, 18 Nov 2024 17:51:19 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 NHFCU_HolidayLoan_2000x660_HPSlider-a1-1.jpg
www.northernhillsfcu.org/wp-content/uploads/2024/11/ 759 KB
760 KB 450ms
446ms Image
image/jpeg 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/uploads/2024/11/NHFCU_HolidayLoan_2000x660_HPSlider-a1-1.jpg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: f56bfb08e217c4f1fecda66a2fe4a574cb2edee121c0aa4e3dab7fb02cd12ef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6728ecb5-bdab5"
accept-ranges: bytes
content-length: 776885
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/jpeg
last-modified: Mon, 04 Nov 2024 15:48:05 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 nhfcu-newlogo-banner.jpg
www.northernhillsfcu.org/wp-content/uploads/2024/07/ 184 KB
185 KB 451ms
447ms Image
image/jpeg 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/uploads/2024/07/nhfcu-newlogo-banner.jpg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: f8c7753054c0c0de33cc2305238279ca51efa6095b9e1360ae62509493d90854

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "669fb534-2e127"
accept-ranges: bytes
content-length: 188711
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/jpeg
last-modified: Tue, 23 Jul 2024 13:50:44 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 calculator.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 2 KB
2 KB 449ms
445ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/calculator.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 79ee52fe9dfe9e84490926045a4c93a44b4e22a499c567214e2b0c7992d1e397

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-83c"
accept-ranges: bytes
content-length: 2108
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 coop_atm.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 3 KB
3 KB 454ms
451ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/coop_atm.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: c2b6e0149672d4b97529f3e288d16449ba18d7d0f3cddaba6b568732e53db20a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-c1a"
accept-ranges: bytes
content-length: 3098
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 xtend.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 10 KB
10 KB 450ms
447ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/xtend.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 0c471bb5cc2fdbdf9fe9e15866eea8cc8b0c41500e6850c1ca0e1c755e66d883

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-285f"
accept-ranges: bytes
content-length: 10335
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 checkmark.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 714 B
950 B 450ms
447ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/checkmark.svg

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

126be80b61491a90d658e16a866732d9aa78059a168e6d450fb911acdd8ab10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-powered-by: PleskLin
etag: "2ca-61d70a7249880"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 714
date: Thu, 05 Dec 2024 20:01:55 GMT
x-xss-protection: 1
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 pencil.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 1 KB
1 KB 450ms
447ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/pencil.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 1dd2017377fa038ac26e5d266294c30e03796c399e82dec9970eaf2d1f33fe4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-495"
accept-ranges: bytes
content-length: 1173
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 padlock.svg
www.northernhillsfcu.org/wp-content/uploads/2016/07/ 827 B
1 KB 448ms
445ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhillsfcu.org/wp-content/uploads/2016/07/padlock.svg

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

d2c43f59b4625aa8911d2baa6b3a8863e0f3de6fad9ec5a833704c50c007e626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-powered-by: PleskLin
etag: "33b-538b272b6d133"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 827
date: Thu, 05 Dec 2024 20:01:55 GMT
x-xss-protection: 1
content-type: image/svg+xml
last-modified: Thu, 28 Jul 2016 13:52:43 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 shield.svg
www.northernhillsfcu.org/wp-content/uploads/2016/07/ 662 B
899 B 451ms
448ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhillsfcu.org/wp-content/uploads/2016/07/shield.svg

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

32fc0ff1e18828bf2ce40723b6ba5d07b0ec049009946a5c6a9ffe7ebc12880b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-powered-by: PleskLin
etag: "296-538b272c8366f"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 662
date: Thu, 05 Dec 2024 20:01:55 GMT
x-xss-protection: 1
content-type: image/svg+xml
last-modified: Thu, 28 Jul 2016 13:52:44 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 info.svg
www.northernhillsfcu.org/wp-content/uploads/2016/07/ 959 B
1 KB 448ms
445ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhillsfcu.org/wp-content/uploads/2016/07/info.svg

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

d2110941938fa4f3cdb17b7e77fe553aa7aea44119bd036e987d63fc1830a21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-powered-by: PleskLin
etag: "3bf-538b2728adeec"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 959
date: Thu, 05 Dec 2024 20:01:55 GMT
x-xss-protection: 1
content-type: image/svg+xml
last-modified: Thu, 28 Jul 2016 13:52:40 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 GreenPathLogoRGB.jpg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 116 KB
117 KB 451ms
448ms Image
image/jpeg 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/GreenPathLogoRGB.jpg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 5f8f330733b831cf3aebf06c320ee2ab49ef8f0f75b3970342f9264307a4d916

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-1d118"
accept-ranges: bytes
content-length: 119064
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/jpeg
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 link.png
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 3 KB
4 KB 453ms
450ms Image
image/png 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/link.png
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 35661643895a20fc68b7b3d80c8823449b372b7cc2b92161a1a4b820ee490423

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-dc1"
accept-ranges: bytes
content-length: 3521
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/png
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 formreset.min.css
www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/ 4 KB
473 B 448ms
443ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.9.0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-f14"
content-type: text/css
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 formsmain.min.css
www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/ 81 KB
11 KB 226ms
220ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.9.0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 60185ba5f328c91103a2b7e6d798841923c2ff50b9c38f7c1a1d10d9121c0a98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-144d7"
content-type: text/css
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 readyclass.min.css
www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/ 30 KB
3 KB 448ms
443ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.9.0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: dc699951ac63a66264d0a33df63389f8682df8f1ffa89457990a459a37675980

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-781e"
content-type: text/css
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 browsers.min.css
www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/ 8 KB
1 KB 225ms
220ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.9.0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-20d7"
content-type: text/css
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 dom-ready.min.js Show response
www.northernhillsfcu.org/wp-includes/js/dist/ 457 B
599 B 452ms
446ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northernhillsfcu.org/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.206.109.129 , United States, ASN19031 (WESCO, US),

Reverse DNS

webhost11kwd01.web.cubase.org

Software

nginx / PleskLin

Resource Hash

5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-frame-options: SAMEORIGIN
x-powered-by: PleskLin
content-encoding: gzip
etag: "1c9-6152aa1b4a3d5-gzip"
x-accel-version: 0.01
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 320
date: Thu, 05 Dec 2024 20:01:55 GMT
x-xss-protection: 1
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 05:38:26 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 hooks.min.js Show response
www.northernhillsfcu.org/wp-includes/js/dist/ 5 KB
2 KB 450ms
444ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"67344936-12a8"
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 06:37:42 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 i18n.min.js Show response
www.northernhillsfcu.org/wp-includes/js/dist/ 9 KB
4 KB 452ms
446ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"660ceb52-23b5"
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 05:38:26 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 a11y.min.js Show response
www.northernhillsfcu.org/wp-includes/js/dist/ 2 KB
973 B 449ms
444ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/js/dist/a11y.min.js?ver=3156534cc54473497e14
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: cf1aa9163953fb477fe5cf452229042578738fa9e600c6ef64c47e4635ba78c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"67344936-936"
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 06:37:42 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery.json.min.js Show response
www.northernhillsfcu.org/wp-content/plugins/gravityforms/js/ 2 KB
984 B 450ms
447ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.9.0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 0b8ffaa7c45831d22e7f5fbafbf6f9492625eff743a65e28f6aacffa41b3273b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-71f"
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 gravityforms.min.js Show response
www.northernhillsfcu.org/wp-content/plugins/gravityforms/js/ 45 KB
13 KB 453ms
451ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.9.0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 48d227fa4ab633e7006df563273acc5ba16996eb45d1a309f1970e063b4b8512

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-b467"
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 42ms
25ms Script
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&ver=fb34418889b0aed6fd89ec05184dba63

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

ESF /

Resource Hash

b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 20:01:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 05 Dec 2024 20:01:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/17413/ 29 KB
10 KB 63ms
15ms Script
application/javascript 2600:9000:206f:d600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17413/Bootstrap.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a4bb38b240a5b50b6fa3134c3fc8b8564a6577fe3c966045f615c61e28e75a52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
x-amz-version-id: hrnLvOb2XFE.oWixlIJMNz5epQGlHsPC
etag: W/"9f3c846704dc53a8caa92d9ec0c31540"
age: 1221212
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: u0ZvSIi05jd9zkljH7bbfXWDRTEgVbe39k6zlSH86eu5yDECnMo_EQ==
date: Thu, 21 Nov 2024 16:48:24 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Sun, 29 Oct 2023 15:11:18 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 back-to-top-button.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 4 KB
4 KB 450ms
448ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/back-to-top-button.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: c10726a8f825e27588395cce7b23ceca441ca507b622a50e6ce8033fb78e8974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-fd8"
accept-ranges: bytes
content-length: 4056
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 equal_housing_lender.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 5 KB
6 KB 450ms
448ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/equal_housing_lender.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: f600cf5cf2ce9547653c5c2a31bd31ca22ba0d1b5f9f2adc5247b63a456194e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-15c1"
accept-ranges: bytes
content-length: 5569
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 icon_ncua.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 73 KB
73 KB 449ms
447ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/icon_ncua.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: a3ac227bf769163052d58935cde3e8bb79ade0e1c28447ab3452d83edef2e6a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "6697b9d2-124b1"
accept-ranges: bytes
content-length: 74929
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 sc_style.css
www.northernhillsfcu.org/wp-content/plugins/sitecontrol/ 6 KB
2 KB 449ms
444ms Stylesheet
text/css 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/sitecontrol/sc_style.css?ver=1733055241
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: c5fafb4c5bbaa94b18b181cb7ec95147810249b3220981d77a978541ab9ec9b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"674c5309-1852"
content-type: text/css
last-modified: Sun, 01 Dec 2024 12:14:01 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 50ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz%3A400%2C300%2C500%2C600%2C700%2C200&ver=fb34418889b0aed6fd89ec05184dba63

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

638b03fe5fbf962578b945ae0edfb1f76d6df832fb1c2e8ad3937d75fb08e925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 20:01:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 05 Dec 2024 20:01:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 new-tab.js Show response
www.northernhillsfcu.org/wp-content/plugins/page-links-to/dist/ 34 KB
12 KB 451ms
447ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"66042cf8-8687"
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 14:28:08 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 scripts.js Show response
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/ 9 KB
3 KB 447ms
443ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/js/scripts.js?ver=fb34418889b0aed6fd89ec05184dba63
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: bbcc05ca312b1fb262c530acc889e63f274bb97db4fd10cb122a451404bd6501

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6697b9d2-22cb"
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 links.js Show response
www.northernhillsfcu.org/wp-content/plugins/sitecontrol/ 5 KB
2 KB 449ms
444ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/sitecontrol/links.js?ver=21.09.28
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 19ea054ef724bfa2a99e2fb14ed87108f0ccb6e8e6214224894191b68450c16c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"674c5309-1220"
content-type: application/javascript
last-modified: Sun, 01 Dec 2024 12:14:01 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 utils.min.js Show response
www.northernhillsfcu.org/wp-content/plugins/gravityforms/assets/js/dist/ 50 KB
14 KB 452ms
451ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=f802885f3482236736b18b55abcdc360
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 5c71c4b2e5e52305b900b8a34f8a7c79719b5fd0153d4d4908ffdfa651d484d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-c680"
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 vendor-theme.min.js Show response
www.northernhillsfcu.org/wp-content/plugins/gravityforms/assets/js/dist/ 20 KB
7 KB 451ms
449ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=ddd2702ee024d421149a5e61416f1ff5
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: eb408bc52d70717b0eeca34dd12fb4daec32bdd836d7435c2ae44718af3cff6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-4e1b"
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 scripts-theme.min.js Show response
www.northernhillsfcu.org/wp-content/plugins/gravityforms/assets/js/dist/ 29 KB
9 KB 451ms
450ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=c055226f9b8c432c9206edab9070263c
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: f7cae98992654404694c8f2d95b76965dc27b47c69feebe2790215007afa9548

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:55 GMT
etag: W/"6739dd62-73c1"
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 12:11:14 GMT
server: nginx
x-powered-by: PleskLin

GET cb2d0ca8-31f0-45d4-95e6-ddbd4ff02752
https://www.northernhillsfcu.org/ Frame 0
0

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 24ms
8ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.northernhillsfcu.org
Referer: https://fonts.googleapis.com/

Response headers

age: 14756
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 15:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 15:55:59 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
101 KB 53ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TC7HNZ4M

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbbdd18c1e746a2574e758a2cd4bea342d34e53fbd2274ccd7a355dc2410317b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 05 Dec 2024 20:01:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 05 Dec 2024 19:04:24 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102894
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

activityi;dc_pre=CKqohfa1kYoDFRaw_QcdnbAvcg;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324
8427567.fls.doubleclick.net/ Frame 2497
Redirect Chain

https://8427567.fls.doubleclick.net/activityi;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324?
https://8427567.fls.doubleclick.net/activityi;dc_pre=CKqohfa1kYoDFRaw_QcdnbAvcg;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324?

0
0

44ms
43ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8427567.fls.doubleclick.net/activityi;dc_pre=CKqohfa1kYoDFRaw_QcdnbAvcg;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324?

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1081
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 20:01:55 GMT
expires: Thu, 05 Dec 2024 20:01:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 20:01:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8427567.fls.doubleclick.net/activityi;dc_pre=CKqohfa1kYoDFRaw_QcdnbAvcg;src=8427567;type=ip1817;cat=lpip10;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2695061854531.324?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/huy1o7u/3cmfxfw/ Frame 12A1
Redirect Chain

https://insight.adsrvr.org/tags/huy1o7u/3cmfxfw/iframe
https://d1eoo1tco6rr5e.cloudfront.net/huy1o7u/3cmfxfw/iframe

0
0

433ms
403ms

Document
text/html

18.245.36.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/huy1o7u/3cmfxfw/iframe
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.36.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-36-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Thu, 05 Dec 2024 20:01:56 GMT
ETag: "965b815aab1b5904d78daeec54436dc4"
Last-Modified: Fri, 01 Oct 2021 23:42:31 GMT
Server: AmazonS3
Via: 1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: DV1q0qTAIHPagcaIGKX0F0tEZM6dF4FRnkOowR3_4o3AsmQghUXfNw==
X-Amz-Cf-Pop: FRA56-P8
X-Cache: RefreshHit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Thu, 05 Dec 2024 20:01:55 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/huy1o7u/3cmfxfw/iframe

GET
H2 200 searchglass.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 1 KB
1 KB 447ms
447ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/searchglass.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: c2653018362163ff670ed014c61de2dc3347ea022e345be0a0da24b007efaea0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472

Response headers

etag: "6697b9d2-429"
accept-ranges: bytes
content-length: 1065
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 41ms
41ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.northernhillsfcu.org
Referer: https://fonts.googleapis.com/

Response headers

age: 94215
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 17:51:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 17:51:40 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 16ms
15ms Ping
text/plain 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.northernhillsfcu.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1505449652.1733428915&auid=136328158.1733428915&npa=1&gtm=45He4c30v9177002682za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733428915500&tfd=3205&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7HNZ4M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 91ms
48ms Script
application/javascript 2a04:4e42:200::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7HNZ4M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 991d494be54f4f4777d6941532633b89976ed82be1c46275d910c1407d022725

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "56ab8670135f76d12eef4f347a61fb24"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1859
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 23ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7HNZ4M

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Hgq6DQQu' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Hgq6DQQu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4420, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: pJjfm7hNc1TCKSSJ5sFMa70MxgGC9PuoHcSEXWqw1l+Q/zs6YNPUMcLFKTUuwSr7k4xd+vpw3oCraXXVNAjQSw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 141ms
107ms Script
application/javascript 2.21.20.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CSFSVNBC77UA15LG6LBG&lib=ttq
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-21-20-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 679b368b7dd3e0fcb9dd43719897bd856923b0f1892530741da4612d1f9f4d4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-249-152.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires: Thu, 05 Dec 2024 20:01:55 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=3
x-cache: TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 19b8061.da37e110
x-tt-trace-host: 0155477d3aa787bd96b8f391f905a6c63a569512615e3ee692e174e56f8b4a27daac27f6a1a49285374b6ef13b64b9aaa854ce551ea0c286ecb190b2e326e5ce354f3ae2a33e6cdedf85478a4be7a9eb1d02a3d45f179a6d32c2bb60c4df99234cbaf6b5f8ef2f19636a2dfdd8f90f87aa
x-origin-response-time: 8,23.48.249.152
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241205200155A56AA83619FC0285B431-52D709F6976D4F81-00
content-length: 1634
x-parent-response-time: 93,23.51.23.82
x-tt-logid: 20241205200155A56AA83619FC0285B431
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LK66BDLH9D&l=dataLayer&cx=c&gtm=45He4c30v9177002682za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7HNZ4M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44505d1388939826ce4d530680e53b5a141cb10de09360c5082da1df5e9a8ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 05 Dec 2024 20:01:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104726
x-xss-protection: 0
server: Google Tag Manager

GET
H2 204 td
www.googletagmanager.com/ 0
341 B 23ms
22ms Image
text/plain 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-TC7HNZ4M&v=3&t=t&pid=316699038&dl=www.northernhillsfcu.org%2F&tdp=GTM-TC7HNZ4M;177002682;0;0;0&frm=0&rtg=177002682&slo=12&hlo=18&lst=1&z=0
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 8369 0
0 40ms
18ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.northernhillsfcu.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7HNZ4M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 20:01:55 GMT
expires: Fri, 05 Dec 2025 20:01:55 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 84ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LK66BDLH9D&gtm=45je4c30v867682537za200zb9177002682&_p=1733428915181&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&gdid=dZGIzZG&cid=1287397633.1733428916&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733428915&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernhillsfcu.org%2F&dt=Northern%20Hills%20Federal%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&tfd=3240
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LK66BDLH9D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.northernhillsfcu.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 2722801197899976 Show response
connect.facebook.net/signals/config/ 69 KB
15 KB 161ms
161ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2722801197899976?v=2.9.178&r=stable&domain=www.northernhillsfcu.org&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3f7ef4033df9d37ad65d65f42b7eb9f3552fb2b54dafb607c7b93d49b455f10e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-qS7Q59TG' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-qS7Q59TG' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=1, c=4, mss=1232, tbw=70450, tp=67, tpl=1, uplat=148, ullat=0
pragma: public
x-fb-debug: A6dYXLvX6FJDuw/4SOqJlqmQfWmBjh3zfGsUihquzoqbu11F/woybhsGo0j6hcCcLV2UP7T0MxXZ8xUCJVSACg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.babde0ae.js Show response
s.pinimg.com/ct/lib/ 81 KB
23 KB 11ms
11ms Script
application/javascript 2a04:4e42:200::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 838c7bdf2d92bc0f36f690776dba53c2718f84f2b1f9b1e403df8e1ad652d7cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "8b081f101a84d3f43538d221491c793e"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23434
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
331 B 83ms
41ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613534298455&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1733428915613&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: b2b9c94b02183969abf4dd2903765e3a
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5qQTVZbUl4WldFdE5XRTJPUzAwTXpBeExXRTNOelF0TmpjeE1EazJZelZrTWpZNQ
pinterest-version: 75a2e463490b354f0da2ed063acf1bba859f459b
access-control-allow-origin: https://www.northernhillsfcu.org
content-length: 186
x-pinterest-rid: 1239077164302456

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
681 B 81ms
39ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613534298455&cb=1733428915614&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 23c5ca8a761aed4b343fa641d5ce98df
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVl6TTJOVFZtTmpVdE9XSmlZUzAwWmpCaUxUa3dOV1V0TVdSaVlUVXpNMk0wTXpZMA
pinterest-version: 75a2e463490b354f0da2ed063acf1bba859f459b
access-control-allow-origin: https://www.northernhillsfcu.org
content-length: 186
x-pinterest-rid: 3764910615195195

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
208 B 79ms
39ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2613534298455&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.northernhillsfcu.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22babde0ae%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1733428915615
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: f943b1488d5df24efeb786bed37fdf77
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 75a2e463490b354f0da2ed063acf1bba859f459b
access-control-allow-origin: https://www.northernhillsfcu.org
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 05 Dec 2024 20:01:55 GMT
x-pinterest-rid: 1835428696052202
content-type: image/gif

GET
H2 200 main.MTBlZWM4ZGM2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
95 KB 13ms
13ms Script
application/javascript 2.21.20.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CSFSVNBC77UA15LG6LBG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-21-20-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 61b9d2759cc84695715ac68f96a0b09ddc34ab6c471103c4f608a255ab30ea8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-cache: TCP_HIT from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id: 00-2411261215140B76355E9DC9CF4D7019-0BA206083750779E-00
content-length: 96612
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411261215140B76355E9DC9CF4D7019
server: nginx
x-akamai-request-id: da37e41b
x-tt-trace-host: 016c1980c529fb91875a6dac14ad9ad3b38582a2219ed9043ed3b91c011f606821a8dbe47df22d6270e462e12c517338aa740277360a5b9953f332f2cfb379a2b894bf86c0c27894c5369ecb556a5678497243409b8d135042f40655af4a596f50

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 14ms
14ms Script
application/javascript 2.21.20.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-21-20-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-cache: TCP_HIT from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-24111505024603FF1FD284170622AEE0-4ED0E5B634053B9A-00
content-length: 39637
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024111505024603FF1FD284170622AEE0
server: nginx
x-akamai-request-id: da37e587
x-tt-trace-host: 010b7d6ec644d3e35ff0572d32add000e549ce312108cf28bb072a6a2a2bf5834e9e931d42be5e52f045584fbfd508067d3396db3b4fcc0e79c3f5eae46d759e208821f2e05c00f862cf3c344c9e7e087cf919faf1f223f32acab975df26b79b03

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
714 B 154ms
153ms Ping
text/plain 2.21.20.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-21-20-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.northernhillsfcu.org/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 05 Dec 2024 20:01:55 GMT
server-timing: inner; dur=27, cdn-cache; desc=MISS, edge; dur=7, origin; dur=132
x-cache: TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Thu, 05 Dec 2024 20:01:55 GMT
x-akamai-request-id: da37e5c8
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0155477d3aa787bd96b8f391f905a6c63a7f8d460e0fc731f1fafc9527c17546ccb9ff593d98ef935b14a0712e5077c8c039c40877e7f620cfb3124dd11296e294cb4cb81d062ea920e32c8ad5ca204c10aea96864bbff6870fc13e0bec6f6f5e1
x-origin-response-time: 132,23.51.23.82
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241205200155DCD89F096417708515F1-670A3B8F6CD07149-00
content-length: 0
x-tt-logid: 20241205200155DCD89F096417708515F1
server: nginx

GET
H3 200 embed
www.google.com/maps/d/ Frame 30D9 0
0 234ms
219ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/d/embed?mid=16PjDktppVQMvLt03d7r-xMZ7a9A

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hYnRpFznmKZS_3wuu45eBw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hYnRpFznmKZS_3wuu45eBw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
date: Thu, 05 Dec 2024 20:01:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: ESF
server-timing: gfet4t7; dur=210
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
695 B 40ms
39ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613534298455&cb=1733428915706&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.northernhillsfcu.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22babde0ae%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: d11938adcf238ab38bdb248fc1e3c4a6
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 75a2e463490b354f0da2ed063acf1bba859f459b
access-control-allow-origin: https://www.northernhillsfcu.org
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 05 Dec 2024 20:01:55 GMT
x-pinterest-rid: 1007768879102346
content-type: image/gif

GET
H2 200 left_arrow.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 24 KB
24 KB 368ms
366ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/left_arrow.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: e34ba12447ed9428aa3ac0bf25b2f7e591d5eb6ac1dc65f0f5e72ad32b467083

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472

Response headers

etag: "6697b9d2-5e3b"
accept-ranges: bytes
content-length: 24123
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 right_arrow.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 24 KB
24 KB 370ms
368ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/right_arrow.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: a9709ba3f8a6afbde7000e851f73b1bfce2ace6d87a99f412690414380a3fbea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472

Response headers

etag: "6697b9d2-5e44"
accept-ranges: bytes
content-length: 24132
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 car.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 1 KB
2 KB 368ms
366ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/car.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 7851b76b2f379bfa2a87ec2d417cd0e082c03433b26ebc5fda0d778b59a24711

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472

Response headers

etag: "6697b9d2-591"
accept-ranges: bytes
content-length: 1425
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 rv.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 2 KB
2 KB 370ms
368ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/rv.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 0a04f1d51671022ea2b808a45e182481b9da3bc95ada8cc47d93e67a0b6b15c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472

Response headers

etag: "6697b9d2-8a5"
accept-ranges: bytes
content-length: 2213
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 white_dollar_bills.svg
www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/ 4 KB
4 KB 368ms
366ms Image
image/svg+xml 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/images/white_dollar_bills.svg
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: bfd54c6fea19dfa08f294cf96da218ecb3d7c50d26505310fd6d210c9e461384

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/wp-content/themes/northernhills_2016/library/css/style.css?ver=1728477472

Response headers

etag: "6697b9d2-1025"
accept-ranges: bytes
content-length: 4133
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Jul 2024 12:32:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 8ms
8ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.northernhillsfcu.org
Referer: https://fonts.googleapis.com/

Response headers

age: 103155
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 15:22:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 15:22:40 GMT
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14780
x-xss-protection: 0
server: sffe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 79ms
11ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2722801197899976&ev=PageView&dl=https%3A%2F%2Fwww.northernhillsfcu.org&rl=&if=false&ts=1733428915733&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1733428915732.419320498697949742&pm=1&hrl=7e9c9e&ler=empty&cdl=API_unavailable&it=1733428915549&coo=false&tm=1&cs_cc=1&cas=8576767045778843&rqm=GET

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=4, c=4, mss=1232, tbw=7240, tp=15, tpl=4, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 258ms
190ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2722801197899976&ev=PageView&dl=https%3A%2F%2Fwww.northernhillsfcu.org&rl=&if=false&ts=1733428915733&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1733428915732.419320498697949742&pm=1&hrl=7e9c9e&ler=empty&cdl=API_unavailable&it=1733428915549&coo=false&tm=1&cs_cc=1&cas=8576767045778843&rqm=FGET

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445020500008981494"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445020500008981494"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7445020500008981494", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=4, c=23, mss=1232, tbw=7608, tp=18, tpl=4, uplat=180, ullat=0
pragma: no-cache
x-fb-debug: sEZ/sN4iakeWsZsHL7AnEh3yD3n/NpapQL8QqskopCaFsR2d4fwd67h/yUlTb0zX13eW0NJBJUUx2OyAKd3Exg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
716 B 140ms
138ms Ping
text/plain 2.21.20.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-21-20-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.northernhillsfcu.org/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 05 Dec 2024 20:01:56 GMT
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=5, origin; dur=124
x-cache: TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Thu, 05 Dec 2024 20:01:56 GMT
x-akamai-request-id: da37eba4
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0155477d3aa787bd96b8f391f905a6c63a7f8d460e0fc731f1fafc9527c17546ccb23e19afa7e3e10fba61f0b7364c32b9a0919596b9c84a774285a7e7f67673d8b794887912ee5ff055ef24a9ebf42f31221a1dbc633074dcc15c8f9d86e78324
x-origin-response-time: 124,23.51.23.82
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412052001551DB02B6FAFB96E642645-5955D2652F6D91A5-00
content-length: 0
x-tt-logid: 202412052001551DB02B6FAFB96E642645
server: nginx

GET
H2

200

asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame 3854
Redirect Chain

https://pixel-sync.sitescout.com/dmp/asyncPixelSync
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

16ms
16ms

Document
text/html

34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
content-length: 1174
content-type: text/html;charset=UTF-8
date: Thu, 05 Dec 2024 20:01:55 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 05 Dec 2024 20:01:56 GMT
location: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A
via: 1.1 google

GET
H2

200

trigger
attribution.sitescout.com/privacySandbox/attributionReporting/
Redirect Chain

https://pixel.sitescout.com/up/1e94e55183826f3d?cntr_url=https%3A%2F%2Fwww.northernhillsfcu.org%2F
https://attribution.sitescout.com/privacySandbox/attributionReporting/trigger?oids=MDdhNWNmNmY0NWM5NzQyYQ&upid=1e94e55183826f3d&px

43 B
478 B

33ms
13ms

Image
image/gif

98.98.135.24
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attribution.sitescout.com/privacySandbox/attributionReporting/trigger?oids=MDdhNWNmNmY0NWM5NzQyYQ&upid=1e94e55183826f3d&px
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Server: 98.98.135.24 Riyadh, Saudi Arabia, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length: 43
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"4","deduplication_key":"123099"}],"debug_key":"38065881089716","debug_reporting":true}
date: Thu, 05 Dec 2024 20:01:55 GMT
content-type: image/gif
server: AC1.1

Redirect headers

cache-control: max-age=0,no-cache,no-store
location: https://attribution.sitescout.com/privacySandbox/attributionReporting/trigger?oids=MDdhNWNmNmY0NWM5NzQyYQ&upid=1e94e55183826f3d&px
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length: 0
date: Thu, 05 Dec 2024 20:01:55 GMT
server: AC1.1

GET
H2 200 contact-widget-embed.js Show response
d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/ 65 KB
66 KB 818ms
645ms Script
text/javascript 2600:9000:211e:6c00:7:3d38:fd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:7:3d38:fd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f69e3dbd8180b4842af56ffba542226927c2463f9b43b7775ea87c5a219838d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-amz-replication-status: FAILED
x-amz-version-id: qhUe_jHRc25HDMzjq4KINz4KAgoEXEFs
etag: "3aa073ef82ad8d4a64a67884309770e1"
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 66944
x-amz-cf-id: HkVgywSXLrnxW31cwjVGVLMDeCQIlh34yYZvZaVCe5-0EbAk-5e6PQ==
date: Thu, 05 Dec 2024 20:01:57 GMT
content-type: text/javascript
last-modified: Sat, 30 Nov 2024 06:20:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 33ms
7ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: d1lvyn09g7nf92.cloudfront.net
URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 1952207
x-cache: HIT, HIT
date: Thu, 05 Dec 2024 20:01:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 8, 454856
x-served-by: cache-lga21931-LGA, cache-fra-etou8220049-FRA
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1733428917.381739,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H2 200 loadBot Show response
text.northernhillsfcu.org/chat/ Frame F9CF 3 KB
3 KB 672ms
149ms Document
text/html 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/chat/loadBot

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

1a561273be2e930474e4f7845daf1a7ad0c782f7a16db85dcb880f15f7bf3eb6

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 2562
content-security-policy: default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 05 Dec 2024 20:01:57 GMT
etag: "6748677a-a02"
last-modified: Thu, 28 Nov 2024 12:52:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-permitted-cross-domain-policies: none

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 547 KB
216 KB 24ms
9ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&ver=fb34418889b0aed6fd89ec05184dba63

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.northernhillsfcu.org
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: gzip
age: 15716
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 15:40:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 15:40:01 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220753
x-xss-protection: 0
server: sffe

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/17413/ 599 B
931 B 47ms
47ms Script
text/javascript 2600:9000:206f:d600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17413/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/17413/code/&publishedOn=Sun%20Oct%2029%2015:11:10%20GMT%202023&ClientID=923&PageID=https%3A%2F%2Fwww.northernhillsfcu.org%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17413/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c91cc03646bded75dacf4da85776f52300ccb482cc52c619e8f173dac3596e8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: no-cache, no-store
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
expires: Thu, 05 Dec 2024 20:01:56 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 599
x-amz-cf-id: 9tAtpVqh2Fvi7BBoagqB-z9MAVL9VX3h2RuxgqnkMVQA4k3Wt9KvYQ==
date: Thu, 05 Dec 2024 20:01:57 GMT
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H3 200 89737b9f94ca295968fad66281cd1651.js Show response
nexus.ensighten.com/choozle/17413/code/ 1 KB
885 B 12ms
11ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17413/code/89737b9f94ca295968fad66281cd1651.js?conditionId0=4950284
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17413/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 618c28e9d224f8b647a525e67192b6c944c620f445ff4f677d9ad7c6318f71a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
etag: W/"7b0def8b6d68ada7741c685187a66fee"
age: 3222965
x-amz-version-id: yeumGur7t_THLvuCcwv0vbqpEms6xXCL
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 8PL0n9fcaLxUjj75j7NOZ_qsl-9fatbCvrcPfu6rKv9H0ScFyZ7Z3w==
date: Tue, 29 Oct 2024 12:45:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 17 Apr 2023 21:04:05 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 d3d14424fac71699bdbff068d9b1184b.js Show response
nexus.ensighten.com/choozle/17413/code/ 2 KB
821 B 12ms
11ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17413/code/d3d14424fac71699bdbff068d9b1184b.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17413/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e80cfc6df2f882813f88dcf1175bc0c47e13c0cd8517bc240a65ee6cc758b0f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
x-amz-version-id: lx6K.70CM_3BoSRDFdBJo57PIzEIqen7
age: 2671451
etag: W/"e8e93310d35a9462151b8fdab5b436ce"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: yhRk9xTqzrPQqadQwGIATifioyDFzQMH1LxWx3XOpTWLP7rgUHR63g==
date: Mon, 04 Nov 2024 21:57:47 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Sun, 29 Oct 2023 15:11:20 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 e60eaac02860dc4cc61fb86a262d3379.js Show response
nexus.ensighten.com/choozle/17413/code/ 282 B
698 B 14ms
14ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17413/code/e60eaac02860dc4cc61fb86a262d3379.js?conditionId0=4951284
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17413/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: f5f880f0d26d392aa7a84872487faa811982215160c4bba9416f389f7aef21a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "3a974b004ada4658398e8570e834273a"
age: 705287
x-amz-version-id: 3KqmOAnlu1gVIf9prgJa2u3YV.FK6dh_
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aGtlWVsM3zEIjq-TfH_hxX66nzODH1KxA3mcoA3XWyKrQz-ymHSdvQ==
date: Wed, 27 Nov 2024 16:07:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Oct 2023 15:11:20 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 282
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 74959d23945f4073530c7d9fdb5a8b88.js Show response
nexus.ensighten.com/choozle/17413/code/ 673 B
1 KB 13ms
13ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17413/code/74959d23945f4073530c7d9fdb5a8b88.js?conditionId0=4943000
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17413/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 05d19d30d21f9a7c0d7fc3d3f3f845d80e072844e813606e6df4b4310df401f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "8c1b31a780d714a979c050021b563149"
age: 705287
x-amz-version-id: 2Pjz1.zYgB2LSedn59cBkuKNUX4Q3oNZ
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: POyB09SWMeXOpM4uOD_bbsETfcwHhb8bagqyv-cZfcrmnCdPlvXJhg==
date: Wed, 27 Nov 2024 16:07:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Oct 2023 15:11:19 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 673
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 es6-shim.min.js Show response
d2kc9bbovjrjt2.cloudfront.net/cdn/ Frame F9CF 56 KB
16 KB 44ms
12ms Script
application/javascript 2600:9000:2057:2200:1a:3e6b:180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2kc9bbovjrjt2.cloudfront.net/cdn/es6-shim.min.js
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2200:1a:3e6b:180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dad7719440832575303bc828f1f1a7be54fdc490940e9437b6b319f478a5fc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
content-encoding: gzip
etag: W/"a95b94cf6b62062b328f415eff920b95"
age: 69683
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: UkIriyk_4WRBlpTxCfyn8BffYMYgNUb6KBAZkJOIejf4XvfKcksBPg==
date: Thu, 05 Dec 2024 00:40:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Dec 2021 16:27:06 GMT
access-control-allow-headers: Range
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3

GET
H2 200 ABCDiatype-Bold.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F9CF 35 KB
36 KB 48ms
10ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Bold.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1307fbc32a62b66eb55afcc457c776759cbbef880fee985fc411f03a53ad5a73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-expose-headers: *
x-amz-version-id: p6n0Tc7r0wEfMmBNZniK6iv3yS2JNMXI
etag: "62347265ffc8d5bbfa1ab1f0237081fe"
age: 75463
x-cache: Hit from cloudfront
x-amz-cf-id: HkYMStZGb4wz9EN7m1L3CzSjltMbKruBfVtJ_DvNrkwik6QPQQrqHA==
date: Wed, 04 Dec 2024 23:06:19 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:56 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36284
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-BoldItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F9CF 37 KB
37 KB 60ms
22ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-BoldItalic.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9702ed6207153ea3b79048a51c0475edb6c9c690c9606a4da360e4e65eb32aba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
x-amz-version-id: TzJZJR3VlreA2QEgEUmHqIYZ8NDQq42s
etag: "9e17597dd4da4bae980ecbef031bd8e4"
age: 42566
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: nBZjmyoRZF8rGsXRIcNjblxBXrLBM71WDvHgHKTsKp92GvEJ82ucsQ==
date: Thu, 05 Dec 2024 08:12:33 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:49 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37648
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-Medium.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F9CF 36 KB
37 KB 50ms
12ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Medium.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ca11cf9ca00fd5a1e8ed8a901d790bf273e188bfa76d5cc57f6aeebb2d5a42a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-expose-headers: *
x-amz-version-id: b2Ry6_xBTV0g9DZQoNx4HbovoYRjXObc
etag: "453362635b339393678d9a3ce1345a51"
age: 63434
x-cache: Hit from cloudfront
x-amz-cf-id: C_IJIy65-lamFzshoEyriInR_x7SWkN-3ET-XLYmjXnLr41bnEHG4g==
date: Thu, 05 Dec 2024 02:34:39 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:27:01 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37132
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-MediumItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F9CF 38 KB
38 KB 48ms
10ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-MediumItalic.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd02ffc054bdb74d7dd3af75fb890816bc85720099a01244730da7a3be97aab9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-expose-headers: *
x-amz-version-id: B4Kreqj0F121.fs2YNFtUTQm1eiQQ3Fb
etag: "151847173fa97d2904d66477d6c7e0f6"
age: 41418
x-cache: Hit from cloudfront
x-amz-cf-id: Q4T8OIa_A6nkGlp5mVqSvznHFYCD3Kiqgb7MzslYSL_9BZwvrapheg==
date: Thu, 05 Dec 2024 08:34:02 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:51 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38868
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-Regular.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F9CF 33 KB
34 KB 46ms
8ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Regular.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ffe7cae057c83d8b2cf00f4b3a6a895ea79f87703772ab5f3a7364887da1c40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
x-amz-version-id: dRj2IfRkb_gzvWdiCgOACtTkkXxsQTiw
etag: "233ff3d5c1ae46bf97b9e45ca201d061"
age: 42566
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: E-0NULtmOnhPK6ox7ztoYDFfZ91TXMgPTHMHHEBm9MZ0JK_uPYZQlg==
date: Thu, 05 Dec 2024 08:12:33 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:54 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34196
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-RegularItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F9CF 35 KB
36 KB 50ms
13ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-RegularItalic.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa72994170d22039355983406708efe607928c967f7209abb57d5496b6a6d04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
x-amz-version-id: BufFa3sxJDDPPHe2Wn.wYZ5HH8oZCOpc
etag: "7b038158704a5c3f432bf27f238ac214"
age: 50077
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: B-ItjAWrtI3SuaUvQlq0hh7gRIXaBNonLiWaUXxqYEZxAGknnGsZxg==
date: Thu, 05 Dec 2024 06:08:05 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:48 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35956
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor.6382f1a12722ba24146b.js Show response
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame F9CF 3 MB
611 KB 45ms
7ms Script
application/javascript 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Requested by

Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.140 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-140.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e8a0cbdcb9867acdd5543e3c8687a59777fcefdb6493d9349c86a75b263b15bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://text.northernhillsfcu.org/

Response headers

content-encoding: br
etag: W/"220c47556e7a1e31b358cae5dc1f2c8a"
x-amz-version-id: VOcBVOwd3u_r5R.UtMSxsCDncCeh6cEW
age: 44930
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: sHw9vf5cvn7KLRGdk7Mzeho50y6PUFot38FBKWjD_5iJ55p9r_Nktw==
date: Thu, 05 Dec 2024 07:34:25 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Sat, 30 Nov 2024 05:59:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 chat.11af73265362ba7d96cc.js Show response
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame F9CF 523 KB
229 KB 45ms
8ms Script
application/javascript 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.11af73265362ba7d96cc.js

Requested by

Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/loadBot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.140 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-140.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8f1bb1ff48ccb89fef965df3805b07349266f6aeffcf40968dec657776e04f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://text.northernhillsfcu.org/

Response headers

content-encoding: br
etag: W/"3c7a3a456ccdfaa601d6281641d70eaa"
x-amz-version-id: P82L6QpaIPovGsOZ4dAkhPQtNNGhY9W1
age: 49380
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 9wfPDixbLuKpX8Vzuqu_0MnkrtEDxQJJAAToDP_K7Sypxak_ZCMNog==
date: Thu, 05 Dec 2024 06:18:58 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Sat, 30 Nov 2024 05:59:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/ Frame F9CF 3 KB
3 KB 157ms
156ms Fetch
application/json 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/config

Requested by

Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.11af73265362ba7d96cc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

7a1f486b014b3b3f55863d2ee7b258634af33634f5edd842db308b59bb6a9d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://text.northernhillsfcu.org/chat/loadBot

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time: 4
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-eltropy-revision: 1.6.0
date: Thu, 05 Dec 2024 20:01:58 GMT
content-type: application/json; charset=utf-8
server: envoy

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/tzt9m9h/dj3fajv/ Frame 1227
Redirect Chain

https://insight.adsrvr.org/tags/tzt9m9h/dj3fajv/iframe
https://d1eoo1tco6rr5e.cloudfront.net/tzt9m9h/dj3fajv/iframe

0
0

484ms
483ms

Document
text/html

18.245.36.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/tzt9m9h/dj3fajv/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17413/code/74959d23945f4073530c7d9fdb5a8b88.js?conditionId0=4943000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.36.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-36-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 05 Dec 2024 20:01:59 GMT
ETag: "5d46c13d49dd8671cac8865ae3cfd144"
Last-Modified: Fri, 11 Nov 2022 21:32:46 GMT
Server: AmazonS3
Via: 1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: STvJwkJYZtSdhTa2ZMbezJyV3zgN5hG9EoyLbGwvTrpE3FKyfihpQw==
X-Amz-Cf-Pop: FRA56-P8
X-Cache: Miss from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Thu, 05 Dec 2024 20:01:58 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/tzt9m9h/dj3fajv/iframe

GET
H2 200 wp-emoji-release.min.js Show response
www.northernhillsfcu.org/wp-includes/js/ 18 KB
5 KB 651ms
650ms Script
application/javascript 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-includes/js/wp-emoji-release.min.js?ver=fb34418889b0aed6fd89ec05184dba63
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

content-encoding: br
date: Thu, 05 Dec 2024 20:01:58 GMT
etag: W/"660ceb52-4926"
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 05:38:26 GMT
server: nginx
x-powered-by: PleskLin

GET
H/1.1 200
OK username
www.itsme247.com/161/authentication/ Frame 6EED 0
0 1088ms
219ms Document
text/html 63.150.21.23
WESCO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itsme247.com/161/authentication/username

Requested by

Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.150.21.23 Harrisburg, United States, ASN19031 (WESCO, US),

Reverse DNS

itsme247.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Dec 2024 20:01:59 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Name: Web08 Web08

GET
H2 200 northern-hills-logo.png
www.northernhillsfcu.org/wp-content/uploads/2016/08/ 12 KB
12 KB 636ms
636ms Image
image/png 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northernhillsfcu.org/wp-content/uploads/2016/08/northern-hills-logo.png
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 31f5fd75ab072f6c1d1baf4a70ebed2b3f8454a9e8f58e1a8468477a5c89df24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "57a8980e-2fb6"
accept-ranges: bytes
content-length: 12214
date: Thu, 05 Dec 2024 20:01:58 GMT
content-type: image/png
last-modified: Mon, 08 Aug 2016 14:32:46 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F0A3 0
0 32ms
32ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf6ihsUAAAAAGay7xhUEDKIoG-r2FTTFwbBqpPD&co=aHR0cHM6Ly93d3cubm9ydGhlcm5oaWxsc2ZjdS5vcmc6NDQz&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=normal&cb=dj1wd1grmbjn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-suUIAB3HdG4_cId_H6lwSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-suUIAB3HdG4_cId_H6lwSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 20:01:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 v1 Show response
text.northernhillsfcu.org/messages/service/cobrowse/config/ 61 B
387 B 449ms
153ms Fetch
application/json 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/cobrowse/config/v1

Requested by

Host: d1lvyn09g7nf92.cloudfront.net
URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

5a04980e5411ea6cf08102a6b70305e94b0687c65c0132323444b2849af7cabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time: 1
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-eltropy-revision: 1.6.0
access-control-allow-origin: https://www.northernhillsfcu.org
content-length: 61
date: Thu, 05 Dec 2024 20:01:58 GMT
content-type: application/json; charset=utf-8
server: envoy

GET
H2 200 / Show response
text.northernhillsfcu.org/chat/ Frame F0C5 3 KB
3 KB 149ms
149ms Document
text/html 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

1a561273be2e930474e4f7845daf1a7ad0c782f7a16db85dcb880f15f7bf3eb6

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 2562
content-security-policy: default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 05 Dec 2024 20:01:58 GMT
etag: "6748677a-a02"
last-modified: Thu, 28 Nov 2024 12:52:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-permitted-cross-domain-policies: none

GET
H2 200 widgetIcon.png
d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/ 3 KB
3 KB 641ms
640ms Image
image/png 2600:9000:211e:6c00:7:3d38:fd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/widgetIcon.png
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:7:3d38:fd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb937756a2bb58d366f1d300b9bbe87f6889a7c428bd52715efc0df3b56d3e54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-amz-replication-status: FAILED
x-amz-version-id: 7xjpgruIwwL1XxOmvDkKD5DIRPU61q7g
etag: "4e0684b7efe318d904854d7f33f5ff80"
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 2827
x-amz-cf-id: 89OYdqpO4E20rbWVci8iDsBfAJhN8kCxdyz0uLmgzfmxfytJBs3nOw==
date: Thu, 05 Dec 2024 20:02:00 GMT
content-type: image/png
last-modified: Sun, 09 Jul 2023 08:02:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256

GET
H2 200 bot.png
d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/ 40 KB
40 KB 633ms
633ms Image
image/png 2600:9000:211e:6c00:7:3d38:fd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/bot.png
Requested by: Host: www.northernhillsfcu.org
URL: https://www.northernhillsfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:7:3d38:fd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 852408d9ce26fe913f3c3f7521933b00bc6f743ccdd1792bb4629f31d5e58647

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

x-amz-replication-status: FAILED
x-amz-version-id: QN4NHJry8cmRlq74gkofTe4lAtmJ.ZK2
etag: "8002d966e210185ff9388178841dc5b7"
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 40817
x-amz-cf-id: 6qiOPlJsQCcIh4F9IK-tRNrSqQ-gazee5fHdksLHqG6WoMmAjQKy0w==
date: Thu, 05 Dec 2024 20:02:00 GMT
content-type: image/png
last-modified: Sun, 09 Jul 2023 08:01:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256

GET
H2 200 es6-shim.min.js Show response
d2kc9bbovjrjt2.cloudfront.net/cdn/ Frame F0C5 56 KB
0 44ms
12ms Script
application/javascript 2600:9000:2057:2200:1a:3e6b:180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2kc9bbovjrjt2.cloudfront.net/cdn/es6-shim.min.js
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2200:1a:3e6b:180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dad7719440832575303bc828f1f1a7be54fdc490940e9437b6b319f478a5fc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
content-encoding: gzip
etag: W/"a95b94cf6b62062b328f415eff920b95"
age: 69683
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: UkIriyk_4WRBlpTxCfyn8BffYMYgNUb6KBAZkJOIejf4XvfKcksBPg==
date: Thu, 05 Dec 2024 00:40:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Dec 2021 16:27:06 GMT
access-control-allow-headers: Range
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3

GET
H2 200 ABCDiatype-Bold.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F0C5 35 KB
0 48ms
10ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Bold.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-expose-headers: *
x-amz-version-id: p6n0Tc7r0wEfMmBNZniK6iv3yS2JNMXI
etag: "62347265ffc8d5bbfa1ab1f0237081fe"
age: 75463
x-cache: Hit from cloudfront
x-amz-cf-id: HkYMStZGb4wz9EN7m1L3CzSjltMbKruBfVtJ_DvNrkwik6QPQQrqHA==
date: Wed, 04 Dec 2024 23:06:19 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:56 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36284
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-BoldItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F0C5 37 KB
0 60ms
22ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-BoldItalic.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
x-amz-version-id: TzJZJR3VlreA2QEgEUmHqIYZ8NDQq42s
etag: "9e17597dd4da4bae980ecbef031bd8e4"
age: 42566
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: nBZjmyoRZF8rGsXRIcNjblxBXrLBM71WDvHgHKTsKp92GvEJ82ucsQ==
date: Thu, 05 Dec 2024 08:12:33 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:49 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37648
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-Medium.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F0C5 36 KB
0 50ms
12ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Medium.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-expose-headers: *
x-amz-version-id: b2Ry6_xBTV0g9DZQoNx4HbovoYRjXObc
etag: "453362635b339393678d9a3ce1345a51"
age: 63434
x-cache: Hit from cloudfront
x-amz-cf-id: C_IJIy65-lamFzshoEyriInR_x7SWkN-3ET-XLYmjXnLr41bnEHG4g==
date: Thu, 05 Dec 2024 02:34:39 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:27:01 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37132
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-MediumItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F0C5 38 KB
0 48ms
10ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-MediumItalic.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-expose-headers: *
x-amz-version-id: B4Kreqj0F121.fs2YNFtUTQm1eiQQ3Fb
etag: "151847173fa97d2904d66477d6c7e0f6"
age: 41418
x-cache: Hit from cloudfront
x-amz-cf-id: Q4T8OIa_A6nkGlp5mVqSvznHFYCD3Kiqgb7MzslYSL_9BZwvrapheg==
date: Thu, 05 Dec 2024 08:34:02 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:51 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38868
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-Regular.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F0C5 33 KB
0 46ms
8ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Regular.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
x-amz-version-id: dRj2IfRkb_gzvWdiCgOACtTkkXxsQTiw
etag: "233ff3d5c1ae46bf97b9e45ca201d061"
age: 42566
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: E-0NULtmOnhPK6ox7ztoYDFfZ91TXMgPTHMHHEBm9MZ0JK_uPYZQlg==
date: Thu, 05 Dec 2024 08:12:33 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:54 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34196
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ABCDiatype-RegularItalic.woff2
doerd31l9oh9k.cloudfront.net/ABC-Diatype/ Frame F0C5 35 KB
0 50ms
13ms Font
binary/octet-stream 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-RegularItalic.woff2
Requested by: Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://text.northernhillsfcu.org
Referer: https://text.northernhillsfcu.org/

Response headers

access-control-max-age: 3000
x-amz-version-id: BufFa3sxJDDPPHe2Wn.wYZ5HH8oZCOpc
etag: "7b038158704a5c3f432bf27f238ac214"
age: 50077
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: B-ItjAWrtI3SuaUvQlq0hh7gRIXaBNonLiWaUXxqYEZxAGknnGsZxg==
date: Thu, 05 Dec 2024 06:08:05 GMT
content-type: binary/octet-stream
vary: accept-encoding
last-modified: Wed, 15 Feb 2023 08:26:48 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35956
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 304 vendor.6382f1a12722ba24146b.js Show response
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame F0C5 3 MB
516 B 9ms
9ms Script
application/javascript 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Requested by

Host: text.northernhillsfcu.org
URL: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.140 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-140.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e8a0cbdcb9867acdd5543e3c8687a59777fcefdb6493d9349c86a75b263b15bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

If-None-Match: W/"220c47556e7a1e31b358cae5dc1f2c8a"
Referer: https://text.northernhillsfcu.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since: Sat, 30 Nov 2024 05:59:03 GMT

Response headers

x-amz-version-id: VOcBVOwd3u_r5R.UtMSxsCDncCeh6cEW
etag: W/"220c47556e7a1e31b358cae5dc1f2c8a"
age: 44930
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: FEBMqDAK3qobD17YNYUindBR1ArdjodnmcMjEsl76so5rqRts5VEpw==
date: Thu, 05 Dec 2024 07:34:25 GMT
last-modified: Sat, 30 Nov 2024 05:59:03 GMT
vary: accept-encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 304 chat.11af73265362ba7d96cc.js Show response
doerd31l9oh9k.cloudfront.net/react-apps/chat/ Frame F0C5 523 KB
519 B 9ms
8ms Script
application/javascript 3.160.156.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.11af73265362ba7d96cc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.140 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-140.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8f1bb1ff48ccb89fef965df3805b07349266f6aeffcf40968dec657776e04f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

If-None-Match: W/"3c7a3a456ccdfaa601d6281641d70eaa"
Referer: https://text.northernhillsfcu.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since: Sat, 30 Nov 2024 05:59:03 GMT

Response headers

x-amz-version-id: P82L6QpaIPovGsOZ4dAkhPQtNNGhY9W1
etag: W/"3c7a3a456ccdfaa601d6281641d70eaa"
age: 49380
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: UZ697JE1h_kGn2qGkBqFRmRUH-D_HAx017xK7jBJj-5cq-ZDoBmSMg==
date: Thu, 05 Dec 2024 06:18:58 GMT
last-modified: Sat, 30 Nov 2024 05:59:03 GMT
vary: accept-encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame C54B 0
0 31ms
30ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Lf6ihsUAAAAAGay7xhUEDKIoG-r2FTTFwbBqpPD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wll0IgkjRuuiIOopi5Hh6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wll0IgkjRuuiIOopi5Hh6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 20:01:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET 43364721-c772-454b-9e00-cc9cf361e5ec
https://text.northernhillsfcu.org/ Frame 0
0

GET
H2 403 get Show response
text.northernhillsfcu.org/messages/service/domain/settings/ Frame F0C5 0
195 B 152ms
152ms XHR
text/plain 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/domain/settings/get

Requested by

Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With: XMLHttpRequest
Accept-Language: en-US
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Elt-Session-Token: null

Response headers

referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 0
date: Thu, 05 Dec 2024 20:01:58 GMT
x-permitted-cross-domain-policies: none
server: envoy
x-content-type-options: nosniff

GET
H2 200 config Show response
text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/ Frame F0C5 3 KB
3 KB 159ms
159ms XHR
application/json 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/config

Requested by

Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

7a1f486b014b3b3f55863d2ee7b258634af33634f5edd842db308b59bb6a9d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With: XMLHttpRequest
Accept-Language: en-US
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Elt-Session-Token: null

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time: 8
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-eltropy-revision: 1.6.0
date: Thu, 05 Dec 2024 20:01:58 GMT
content-type: application/json; charset=utf-8
server: envoy

GET
H2 200 data Show response
text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/panels/ Frame F0C5 4 B
282 B 154ms
154ms XHR
application/json 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/panels/data?panelId=

Requested by

Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With: XMLHttpRequest
Accept-Language: en-US
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time: 1
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-eltropy-revision: 1.6.0
content-length: 4
date: Thu, 05 Dec 2024 20:01:58 GMT
content-type: application/json; charset=utf-8
server: envoy

GET
H2 200 CobrowseIO.js Show response
cobrowse.eltropy.com/sdk-js/ 708 KB
709 KB 723ms
344ms Script
application/javascript 44.236.114.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobrowse.eltropy.com/sdk-js/CobrowseIO.js

Requested by

Host: d1lvyn09g7nf92.cloudfront.net
URL: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.114.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-114-163.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9e41b3d8925655d8e671b40eba027f300c8209e7ccaa7ee16debc9ca34199bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: max-age=86400, public
etag: "66e20842-b0fa0"
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 20:01:59 GMT
accept-ranges: bytes
content-length: 724896
date: Thu, 05 Dec 2024 20:01:59 GMT
x-xss-protection: 0
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 21:14:42 GMT
server: nginx

GET
DATA 200
OK truncated
/ Frame F0C5 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9982b73789701a08a6224982a0a49e80b6e8263ebcb6e28f1217157c02b9c774

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 channelList Show response
text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/ Frame F0C5 252 B
533 B 182ms
182ms XHR
application/json 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/channelList?ccgId=86d82fb9-c72e-4706-b921-f263b2e7ac5b

Requested by

Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

255abc79ba9ed26afdfdd5280be5fe203c18775d260ad40ae1e8667c318da846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With: XMLHttpRequest
Accept-Language: en-US
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Elt-Session-Token: null

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time: 29
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-eltropy-revision: 1.6.0
content-length: 252
date: Thu, 05 Dec 2024 20:01:59 GMT
content-type: application/json; charset=utf-8
server: envoy

GET
H2 200 channelList Show response
text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/ Frame F0C5 252 B
533 B 366ms
183ms XHR
application/json 75.2.107.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://text.northernhillsfcu.org/messages/service/skillBasedRouting/widget/channelList?ccgId=86d82fb9-c72e-4706-b921-f263b2e7ac5b

Requested by

Host: doerd31l9oh9k.cloudfront.net
URL: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.6382f1a12722ba24146b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.107.178 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a2146d6390014e859.awsglobalaccelerator.com

Software

envoy /

Resource Hash

255abc79ba9ed26afdfdd5280be5fe203c18775d260ad40ae1e8667c318da846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://text.northernhillsfcu.org/chat/?domain=https%3A%2F%2Ftext.northernhillsfcu.org&domainId=99808253&botName=NHFCU+Support&engagementText=Let%27s+Chat&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252Felt-iva-resources-prod%252Fchat%252Fbot.png&color=%2F273e6b&textColor=%2Fffffff&cuName=undefined&integrationId=undefined&autoIdleResponse=Hello%21%2520If%2520you%2520have%2520questions%2520or%2520need%2520help%252C%2520please%2520feel%2520free%2520to%2520ask%2520here.%2520If%2520we%2520don%27t%2520hear%2520from%2520you%252C%2520the%2520session%2520will%2520close%2520automatically%2520in%2520sometime.%2520Thank%2520you%21&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=N&ratingHeader=How%2520was%2520your%2520experience%253F&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520likely%2520are%2520you%2520to%2520recommend%2520this%2520service%253F&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F6b9a13&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
X-Requested-With: XMLHttpRequest
Accept-Language: en-US
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time: 30
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-eltropy-revision: 1.6.0
content-length: 252
date: Thu, 05 Dec 2024 20:01:59 GMT
content-type: application/json; charset=utf-8
server: envoy

OPTIONS
H2 204 95d3ac20-1a39-450e-a1ae-6dfc1d95c99b
cobrowse.eltropy.com/api/1/devices/ Frame 0
0 515ms
172ms Preflight 44.236.114.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobrowse.eltropy.com/api/1/devices/95d3ac20-1a39-450e-a1ae-6dfc1d95c99b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.114.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-114-163.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000000
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cobrowseapiversion,x-cobrowsedevice,x-cobrowselicense,x-cobrowseplatform,x-cobrowsesdkversion
Access-Control-Request-Method: PUT
Origin: https://www.northernhillsfcu.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cobrowseapiversion,x-cobrowsedevice,x-cobrowselicense,x-cobrowseplatform,x-cobrowsesdkversion
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-resource-policy: cross-origin
date: Thu, 05 Dec 2024 20:02:00 GMT
expect-ct: max-age=0
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=7776000000
vary: Access-Control-Request-Headers
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

PUT
H2 200 95d3ac20-1a39-450e-a1ae-6dfc1d95c99b Show response
cobrowse.eltropy.com/api/1/devices/ 1 KB
2 KB 190ms
189ms Fetch
application/json 44.236.114.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobrowse.eltropy.com/api/1/devices/95d3ac20-1a39-450e-a1ae-6dfc1d95c99b

Requested by

Host: cobrowse.eltropy.com
URL: https://cobrowse.eltropy.com/sdk-js/CobrowseIO.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.114.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-114-163.us-west-2.compute.amazonaws.com

Software

Resource Hash

2e02aa8b2f97a9cd2e47c8afe1252fce6cf657ab386bc9b70792e20dc01faadc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000000
X-Xss-Protection	0

Request headers

X-CobrowseDevice: 95d3ac20-1a39-450e-a1ae-6dfc1d95c99b
Referer: https://www.northernhillsfcu.org/
X-CobrowseLicense: 6zTBIH1QLvVJUg
X-CobrowseAPIVersion: 1.2.0
X-CobrowseSDKVersion: 2.43.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
X-CobrowsePlatform: web

Response headers

content-encoding: gzip
etag: W/"573-HlmjJ3A87VcljE53ybnPe0NppSs"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
expires: 0
date: Thu, 05 Dec 2024 20:02:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=7776000000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache, no-store, must-revalidate
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LK66BDLH9D&gtm=45je4c30v867682537za200zb9177002682&_p=1733428915181&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&gdid=dZGIzZG&cid=1287397633.1733428916&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733428915&sct=1&seg=0&dl=https%3A%2F%2Fwww.northernhillsfcu.org%2F&dt=Northern%20Hills%20Federal%20Credit%20Union&en=scroll&ep.forceSSL=true&epn.percent_scrolled=90&_et=3&tfd=8244
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LK66BDLH9D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.northernhillsfcu.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 20:02:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 cookie_ready.html
secure.checkout.visa.com/resources/html/cookie_health/ Frame F7B7 0
0 271ms
241ms Document
text/html 104.19.209.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checkout.visa.com/resources/html/cookie_health/cookie_ready.html?parentUrl=https://www.northernhillsfcu.org

Requested by

Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/assets/integration/v1/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.209.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8ed6a1b7eb523644-FRA
content-encoding: br
content-type: text/html
date: Thu, 05 Dec 2024 20:02:04 GMT
last-modified: Mon, 25 Nov 2024 18:43:45 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 9ms
8ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "6d0ca67bea866259c359c2d1e93bf622"
age: 2895
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 4054
date: Thu, 05 Dec 2024 20:02:04 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 187F 0
0 59ms
31ms Document
text/html 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.northernhillsfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.0cd53e17.1733428924.6898ee3c
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 05 Dec 2024 20:02:04 GMT
pinterest-version: 75a2e463490b354f0da2ed063acf1bba859f459b
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1099416635639261
x-pinterest-rid-128bit: 0a2a711c6f6f80d79893200d32550fd6

GET
H2 200 nh-favicon-125x125.png
www.northernhillsfcu.org/wp-content/uploads/2024/08/ 7 KB
7 KB 122ms
121ms Other
image/png 216.206.109.129
WESCO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northernhillsfcu.org/wp-content/uploads/2024/08/nh-favicon-125x125.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.206.109.129 , United States, ASN19031 (WESCO, US),
Reverse DNS: webhost11kwd01.web.cubase.org
Software: nginx / PleskLin
Resource Hash: 5e43ca83ae731a1cc9e56a978b97ea255fd03e8b9f2d8aee1e07d0e0335b6006

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.northernhillsfcu.org/

Response headers

etag: "66cf80ef-1d3b"
accept-ranges: bytes
content-length: 7483
date: Thu, 05 Dec 2024 20:02:04 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 19:56:31 GMT
server: nginx
x-powered-by: PleskLin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.northernhillsfcu.org
URL: blob:https://www.northernhillsfcu.org/cb2d0ca8-31f0-45d4-95e6-ddbd4ff02752

Domain: text.northernhillsfcu.org
URL: blob:https://text.northernhillsfcu.org/43364721-c772-454b-9e00-cc9cf361e5ec

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secure.checkout.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: 557c3d2be59ffe1641131caf94d76e138239c9dc-1733428914
.secure.checkout.visa.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 9DBa93DJWXjBMHGtF1yNu5AN9GT38CoXZm02s9D_90Q-1733428914842-0.0.1.1-604800000
.northernhillsfcu.org/	1970-01-21 03:40:04	Name: _gcl_au Value: 1.1.136328158.1733428915
.northernhillsfcu.org/	1970-01-21 11:06:28	Name: _ga Value: GA1.1.1287397633.1733428916
.northernhillsfcu.org/	1970-01-21 11:06:28	Name: _ga_LK66BDLH9D Value: GS1.1.1733428915.1.0.1733428915.0.0.0
.doubleclick.net/	1970-01-21 05:49:40	Name: receive-cookie-deprecation Value: 1
.tiktok.com/	1970-01-21 10:52:04	Name: _ttp Value: 2poOMmnTKvdfMgMdz2KMuri1HFh
.doubleclick.net/	1970-01-21 02:13:40	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 10:52:04	Name: IDE Value: AHWqTUkwYSN3CRocxP9z74dVUmZA8kh2GzrxBYAYvX4S0Wbb4Q1is-j3vGj4lL4L
.pinterest.com/	1970-01-21 10:16:04	Name: ar_debug Value: 1
.northernhillsfcu.org/	1970-01-21 10:52:04	Name: _tt_enable_cookie Value: 1
.northernhillsfcu.org/	1970-01-21 10:52:04	Name: _ttp Value: DPppSIzv5dT__E4YKfB77z2mJyq.tt.1
.northernhillsfcu.org/	1970-01-21 10:16:04	Name: _pin_unauth Value: dWlkPU5qQTVZbUl4WldFdE5XRTJPUzAwTXpBeExXRTNOelF0TmpjeE1EazJZelZrTWpZNQ
.northernhillsfcu.org/	1970-01-21 03:40:04	Name: _fbp Value: fb.1.1733428915732.419320498697949742
.ct.pinterest.com/	1970-01-21 10:16:04	Name: _pinterest_ct_ua Value: "TWc9PSZLVnlQV1VWdDVTSEVuQUJ1aHhMRkhITmpndmY2eDZRL3hUNVl2QytUV3UvSStvSjRuZUt4ZDVNWjNGQmhXOFRKVkJxU3crV1VEckJtS3dhQ3NJdkNmSkxCRkkxalhpdllLa3dCSUdnNjdKaz0mQ3huZ0dZZ29KR3RUMUpKUUhVTWF6TVlTRElvPQ=="
.google.com/	1970-01-21 05:54:00	Name: NID Value: 519=UJxGkoJsfJ5XSBNTs1QQ656ILVhXjrIXxHf_78UrMVMG7_2in9nyR9ytI88fwlVOm4lE-ko2SJudwJBtYn6hGjWrHtWyCqNelnvBUbdCkcSlrS6kmctwl7RD8L6D2BwTtKm2K8mQ9JEOlfQvIfP6EXeZvizOvaY6mT_3pMHESSqXyRj8
.sitescout.com/	1970-01-21 10:16:04	Name: ssi Value: 5600eb43-005b-4f2d-a54b-be3750d26677#1733428916236
.sitescout.com/	1970-01-21 02:13:40	Name: _ssuma Value: eyIyIjoxNzMzNDI4OTE2MjUzLCI0IjoxNzMzNDI4OTE2MjUzLCIzOSI6MTczMzQyODkxNjI1MywiNyI6MTczMzQyODkxNjI1MywiOCI6MTczMzQyODkxNjI1M30
attribution.sitescout.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.tapad.com/	1970-01-21 02:56:52	Name: TapAd_TS Value: 1733428916420
.tapad.com/	1970-01-21 02:56:52	Name: TapAd_DID Value: 2af50dca-743a-48f4-9493-e6750e198a8a
.demdex.net/	1970-01-21 05:49:40	Name: demdex Value: 20157159597278014261893545379232241451
.tapad.com/	1970-01-21 02:56:52	Name: TapAd_3WAY_SYNCS Value:
.dpm.demdex.net/	1970-01-21 05:49:40	Name: dpm Value: 20157159597278014261893545379232241451

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://text.northernhillsfcu.org/messages/service/domain/settings/get Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8427567.fls.doubleclick.net
ajax.googleapis.com
analytics.tiktok.com
attribution.sitescout.com
cobrowse.eltropy.com
code.jquery.com
connect.facebook.net
ct.pinterest.com
d1eoo1tco6rr5e.cloudfront.net
d1lvyn09g7nf92.cloudfront.net
d2kc9bbovjrjt2.cloudfront.net
doerd31l9oh9k.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
nexus.ensighten.com
northernhillsfederal.com
pixel-sync.sitescout.com
pixel.sitescout.com
region1.google-analytics.com
s.pinimg.com
secure.checkout.visa.com
text.northernhillsfcu.org
up.pixel.ad
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.itsme247.com
www.northernhillsfcu.org
text.northernhillsfcu.org
www.northernhillsfcu.org
104.19.208.81
104.19.209.81
142.250.181.227
142.250.185.131
142.250.185.164
142.250.185.70
151.101.0.84
151.101.192.84
157.240.0.35
157.240.0.6
18.245.36.129
2.19.224.184
2.21.20.12
2001:4860:4802:32::36
216.206.109.129
2600:9000:2057:2200:1a:3e6b:180:21
2600:9000:206f:d600:2:8f43:5780:93a1
2600:9000:211e:6c00:7:3d38:fd80:21
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a04:4e42:200::84
2a04:4e42:600::649
3.160.156.140
34.36.216.150
41.63.96.130
44.236.114.163
52.223.40.198
63.150.21.23
65.9.66.103
75.2.107.178
98.98.135.24
04d3ded46697aaf59d6b0a0efd592b4fc9ab73fe3c0db49b44c104482e3fbe39
05d19d30d21f9a7c0d7fc3d3f3f845d80e072844e813606e6df4b4310df401f1
0a04f1d51671022ea2b808a45e182481b9da3bc95ada8cc47d93e67a0b6b15c6
0b8ffaa7c45831d22e7f5fbafbf6f9492625eff743a65e28f6aacffa41b3273b
0c471bb5cc2fdbdf9fe9e15866eea8cc8b0c41500e6850c1ca0e1c755e66d883
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e8605b027b006462de740ba8b5203aa5def76846eeaa726cb282660e41f7380
126be80b61491a90d658e16a866732d9aa78059a168e6d450fb911acdd8ab10a
1307fbc32a62b66eb55afcc457c776759cbbef880fee985fc411f03a53ad5a73
13345c70af090d27a3e860deaf5c4b4dbbdcc04282dccbc1a35ff92836414a5a
19ea054ef724bfa2a99e2fb14ed87108f0ccb6e8e6214224894191b68450c16c
1a3a3d18f73adf10ba5eb3ddf015a13eba5074b16579503b6dd4935f2bcbfb51
1a561273be2e930474e4f7845daf1a7ad0c782f7a16db85dcb880f15f7bf3eb6
1dd2017377fa038ac26e5d266294c30e03796c399e82dec9970eaf2d1f33fe4a
1f80e6b33604a220dc354d5efbe1958827ced1aca779688a8372188b59454f15
255abc79ba9ed26afdfdd5280be5fe203c18775d260ad40ae1e8667c318da846
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2e02aa8b2f97a9cd2e47c8afe1252fce6cf657ab386bc9b70792e20dc01faadc
31f5fd75ab072f6c1d1baf4a70ebed2b3f8454a9e8f58e1a8468477a5c89df24
32fc0ff1e18828bf2ce40723b6ba5d07b0ec049009946a5c6a9ffe7ebc12880b
35661643895a20fc68b7b3d80c8823449b372b7cc2b92161a1a4b820ee490423
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3ca11cf9ca00fd5a1e8ed8a901d790bf273e188bfa76d5cc57f6aeebb2d5a42a
3f7ef4033df9d37ad65d65f42b7eb9f3552fb2b54dafb607c7b93d49b455f10e
3ffe7cae057c83d8b2cf00f4b3a6a895ea79f87703772ab5f3a7364887da1c40
44505d1388939826ce4d530680e53b5a141cb10de09360c5082da1df5e9a8ad4
48d227fa4ab633e7006df563273acc5ba16996eb45d1a309f1970e063b4b8512
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f3bf1df53c54a2f46c92de82dc07844ba86023b5ed9d5db50ce15f5c78f9e3c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
5a04980e5411ea6cf08102a6b70305e94b0687c65c0132323444b2849af7cabc
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2
5c71c4b2e5e52305b900b8a34f8a7c79719b5fd0153d4d4908ffdfa651d484d1
5e43ca83ae731a1cc9e56a978b97ea255fd03e8b9f2d8aee1e07d0e0335b6006
5f8f330733b831cf3aebf06c320ee2ab49ef8f0f75b3970342f9264307a4d916
60185ba5f328c91103a2b7e6d798841923c2ff50b9c38f7c1a1d10d9121c0a98
618c28e9d224f8b647a525e67192b6c944c620f445ff4f677d9ad7c6318f71a3
61b9d2759cc84695715ac68f96a0b09ddc34ab6c471103c4f608a255ab30ea8a
6340eeec1584be5ab457b30c9736f0820c777a28dfdeb2b26923b7c6ed51cca8
638b03fe5fbf962578b945ae0edfb1f76d6df832fb1c2e8ad3937d75fb08e925
64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4
679b368b7dd3e0fcb9dd43719897bd856923b0f1892530741da4612d1f9f4d4c
698d15cfcc6bd355c293133fa19321454af311704634cce2ebb8168614f4b92e
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
6f69e3dbd8180b4842af56ffba542226927c2463f9b43b7775ea87c5a219838d
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7790882b18f7b3e10750f4474dc1a13150a2ef8510ef4c2e3e52c5d5f776db87
7851b76b2f379bfa2a87ec2d417cd0e082c03433b26ebc5fda0d778b59a24711
79ee52fe9dfe9e84490926045a4c93a44b4e22a499c567214e2b0c7992d1e397
7a1f486b014b3b3f55863d2ee7b258634af33634f5edd842db308b59bb6a9d34
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
838c7bdf2d92bc0f36f690776dba53c2718f84f2b1f9b1e403df8e1ad652d7cb
852408d9ce26fe913f3c3f7521933b00bc6f743ccdd1792bb4629f31d5e58647
85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35
8dad7719440832575303bc828f1f1a7be54fdc490940e9437b6b319f478a5fc9
8f1bb1ff48ccb89fef965df3805b07349266f6aeffcf40968dec657776e04f0c
9702ed6207153ea3b79048a51c0475edb6c9c690c9606a4da360e4e65eb32aba
991d494be54f4f4777d6941532633b89976ed82be1c46275d910c1407d022725
9982b73789701a08a6224982a0a49e80b6e8263ebcb6e28f1217157c02b9c774
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3
9dc42404533c84125d4a1b268d9b3830b6f881b4ca29e842f1b4b00e287123d8
9e41b3d8925655d8e671b40eba027f300c8209e7ccaa7ee16debc9ca34199bb3
9f14bd5a8d478749fec7908827e1543c62599f154a5dd875fab9e0fac61e9575
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a3ac227bf769163052d58935cde3e8bb79ade0e1c28447ab3452d83edef2e6a7
a4bb38b240a5b50b6fa3134c3fc8b8564a6577fe3c966045f615c61e28e75a52
a9709ba3f8a6afbde7000e851f73b1bfce2ace6d87a99f412690414380a3fbea
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c
b81a52545b2990813bee9456b42381aac4e4fdd7728b39bcf7361ce4e4e73f53
b9204d2d276fcc4f3e30eccc70e37d54ae7d277a88c7d3beab6b80879bf428ad
bbcc05ca312b1fb262c530acc889e63f274bb97db4fd10cb122a451404bd6501
bfd54c6fea19dfa08f294cf96da218ecb3d7c50d26505310fd6d210c9e461384
c06afecee578b87fed95cc30d21eeea398bd6d47a09199b4172be9d3f77c9edd
c10726a8f825e27588395cce7b23ceca441ca507b622a50e6ce8033fb78e8974
c2653018362163ff670ed014c61de2dc3347ea022e345be0a0da24b007efaea0
c2b6e0149672d4b97529f3e288d16449ba18d7d0f3cddaba6b568732e53db20a
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c5fafb4c5bbaa94b18b181cb7ec95147810249b3220981d77a978541ab9ec9b0
c91cc03646bded75dacf4da85776f52300ccb482cc52c619e8f173dac3596e8a
caa72994170d22039355983406708efe607928c967f7209abb57d5496b6a6d04
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbbdd18c1e746a2574e758a2cd4bea342d34e53fbd2274ccd7a355dc2410317b
cf1aa9163953fb477fe5cf452229042578738fa9e600c6ef64c47e4635ba78c2
d2110941938fa4f3cdb17b7e77fe553aa7aea44119bd036e987d63fc1830a21a
d2c43f59b4625aa8911d2baa6b3a8863e0f3de6fad9ec5a833704c50c007e626
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d944c5f3ba31dfb8e58a26149edf5d3a2a25af059464b61a178482963fe044cd
dc699951ac63a66264d0a33df63389f8682df8f1ffa89457990a459a37675980
e2662ed99cecdf01fc83e898b5c9ede799eedc0fffd79aa218e0e48cb58bdddf
e3238cec2ac4d7dad3d433bd928a96fd653d63ef6650dc95a039c80fc3e9427a
e34ba12447ed9428aa3ac0bf25b2f7e591d5eb6ac1dc65f0f5e72ad32b467083
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80cfc6df2f882813f88dcf1175bc0c47e13c0cd8517bc240a65ee6cc758b0f2
e8a0cbdcb9867acdd5543e3c8687a59777fcefdb6493d9349c86a75b263b15bb
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
eb408bc52d70717b0eeca34dd12fb4daec32bdd836d7435c2ae44718af3cff6e
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f56bfb08e217c4f1fecda66a2fe4a574cb2edee121c0aa4e3dab7fb02cd12ef7
f5f880f0d26d392aa7a84872487faa811982215160c4bba9416f389f7aef21a7
f600cf5cf2ce9547653c5c2a31bd31ca22ba0d1b5f9f2adc5247b63a456194e9
f7cae98992654404694c8f2d95b76965dc27b47c69feebe2790215007afa9548
f8c7753054c0c0de33cc2305238279ca51efa6095b9e1360ae62509493d90854
fb937756a2bb58d366f1d300b9bbe87f6889a7c428bd52715efc0df3b56d3e54
fd02ffc054bdb74d7dd3af75fb890816bc85720099a01244730da7a3be97aab9
fdb40be44bf922f6c38dff7839b2abea1408d08c446314c38e59d06415f11573
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.northernhillsfcu.org Open in urlscan Pro 216.206.109.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

98 %HTTPS

28 %IPv6

22 Domains

30 Subdomains

32 IPs

4 Countries

6182 kBTransfer

15744 kBSize

24 Cookies

10 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.northernhillsfcu.org Open in urlscan Pro
216.206.109.129 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

98 %
HTTPS

28 %
IPv6

22
Domains

30
Subdomains

32
IPs

4
Countries

6182 kB
Transfer

15744 kB
Size

24
Cookies

150 HTTP transactions
1 data transactions