mycardrewards.bfsfcu.org Open in urlscan Pro
3.217.197.93  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mycardrewards.bfsfcu.org/	2 KB 2 KB	377ms 108ms	Document text/html	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mycardrewards.bfsfcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash 018ae146d54dad689c7ac4f4197bb124f387b6ab47512bb5096fb17c49c5faec Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 1649 Content-Type text/html; charset=UTF-8 Date Tue, 16 Jan 2024 22:22:03 GMT Keep-Alive timeout=5, max=100 Server Apache Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-XSS-Protection 1; mode=block accept-ranges bytes access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate expires 0 last-modified Wed, 10 Jan 2024 02:22:53 GMT pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:03 GMT surrogate-control no-store vary Origin x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H/1.1	200 OK	runtime.c49147f0eb5adb3f92f7.js Show response mycardrewards.bfsfcu.org/	6 KB 7 KB	106ms 105ms	Script application/javascript	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mycardrewards.bfsfcu.org/runtime.c49147f0eb5adb3f92f7.js Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash 82d57f67ab0814e294462e2fe5effee559d78fd73289214f0b5a9802ed6e3900 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://mycardrewards.bfsfcu.org/ Origin https://mycardrewards.bfsfcu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:03 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 6263 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:03 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=99 expires 0
GET H/1.1	200 OK	polyfills.js Show response mycardrewards.bfsfcu.org/	386 KB 387 KB	212ms 105ms	Script application/javascript	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mycardrewards.bfsfcu.org/polyfills.js Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash 8c98fbb31aff6e7bcbb78ef6d98a2ac16ea9f1f3f349b29c2e4d78a0776daf73 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://mycardrewards.bfsfcu.org/ Origin https://mycardrewards.bfsfcu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:03 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 395382 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:03 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=98 expires 0
GET H/1.1	200 OK	main.js Show response mycardrewards.bfsfcu.org/	11 MB 11 MB	309ms 109ms	Script application/javascript	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mycardrewards.bfsfcu.org/main.js Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash eee8647a34a4bd2bdcd8e66df04455b461c27e79d802ebc1427c7ed885ccda95 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://mycardrewards.bfsfcu.org/ Origin https://mycardrewards.bfsfcu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:03 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 11307371 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:03 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=100 expires 0
GET H2	200	url Show response services.augeofi.com/phoenix/v1/	1019 B 2 KB	531ms 454ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/url?location=https%3A%2F%2Fmycardrewards.bfsfcu.org%2F Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e8bca206f21e253f54c6713b1d684d5a18972d87d73abd6c3e8667c37df0fec4 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:06 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 1019 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:06.503328Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id 6Rymd-wZYB3qIZHXHyKN4DmgVLeiDRB51Li6RcKOXG7dFIYc_Z92OQ== expires 0
GET H2	200	docs Show response services.augeofi.com/phoenix/v1/program/BKFD-BKFD/	101 KB 102 KB	593ms 592ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/program/BKFD-BKFD/docs Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d376f09945e63dfb3a86d414b920be5bf4e88ad034d41d831259db590adda4b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 103051 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:07.012903Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id qRp2fq6gySFpVoSP5C0Q88y1GTSASs2jxKhystKDbDeJ__952dpcGw== expires 0
GET H2	200	emailengagement Show response services.augeofi.com/phoenix/v1/program/BKFD-BKFD/feature/	306 B 1 KB	423ms 423ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/program/BKFD-BKFD/feature/emailengagement Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 5942ccf5ef8fb4f9e246ccec1eabd9b4fce8a464a9e8244eb916ef39f6aeae95 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:06 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 306 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:06.945579Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id 78KiUDUqzpi1IRhEYheYMqyQRBv-iyKw-WQqnY4lNX0XoA5JtCXH9Q== expires 0
GET H2	200	BKFD-BKFD Show response services.augeofi.com/phoenix/v1/branding/	2 KB 3 KB	419ms 419ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/branding/BKFD-BKFD Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 48ef1ced1c86acc62c37b8ac65b01ebdd3ebc10fdd0ec338ccdec70235af14ea Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:06 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 1655 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:06.941100Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id ln7thWz2QWL-N0Wu1Mh1-HCx-9xdtQJcMHlfctojoZChn1eXkuocaw== expires 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	48ms 13ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 16 Jan 2024 21:26:37 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3330 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 16 Jan 2024 23:26:37 GMT
GET H2	200	BKFD-BKFD Show response services.augeofi.com/phoenix/v1/program/	2 KB 3 KB	422ms 422ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/program/BKFD-BKFD Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c174521c9a552011f773215f5e4db058e6472861456e57e8fa04c32441dea601 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 1641 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:07.743393Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id _NIM98wnfOii3itcrR7zGUa8SMKALW4zYmmSJSTGppyzkWP6DMucyQ== expires 0
GET H2	200	shopandearn Show response services.augeofi.com/phoenix/v1/program/BKFD-BKFD/feature/	274 B 1 KB	414ms 414ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/program/BKFD-BKFD/feature/shopandearn Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d7c10e5eb98f370eaa36de0ab67db4cae10ec7d53450c9601ec4bcc7c2df261f Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 274 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:07.735243Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id jJFIT6_h9G-Kh-Qux0G5dnKesVfXIoCH-GtDuM5pJfcjw2MKSIlLlA== expires 0
GET H2	200	sitemap Show response services.augeofi.com/phoenix/v1/program/BKFD-BKFD/	4 KB 5 KB	415ms 415ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/program/BKFD-BKFD/sitemap Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bce12dcb6261c204f79742e54aa7ac812730b656ad86a1ee5ef6da6a4fa83b8d Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 4455 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:07.735750Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id 4_Pn9kSSxkGay7l4kw1zR-nRMHaLmMrCEnvl4WUv9Hu5whjWJYFFpQ== expires 0
GET H2	200	homepage Show response services.augeofi.com/phoenix/v1/branding/BKFD-BKFD/pages/	767 B 2 KB	416ms 416ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/branding/BKFD-BKFD/pages/homepage Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a3dd0b6fb241d36709af2160ba7a8f18ecb26fa2659a72d9c5ff4ba16b7991af Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 767 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:07.737028Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id WSGny8F8YJNLIXsGJEb4QDBZUs8OPBI8FYdd6HRfP-w9QyIJZPg66A== expires 0
GET H2	200	docs Show response services.augeofi.com/phoenix/v1/program/BKFD-BKFD/	101 KB 102 KB	568ms 567ms	XHR application/json	2600:9000:225b:3200:e:c588:bc80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://services.augeofi.com/phoenix/v1/program/BKFD-BKFD/docs Requested by Host: mycardrewards.bfsfcu.org URL: https://mycardrewards.bfsfcu.org/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:3200:e:c588:bc80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d376f09945e63dfb3a86d414b920be5bf4e88ad034d41d831259db590adda4b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-length 103051 x-xss-protection 1; mode=block pragma no-cache serverutctime 2024-01-16T22:22:07.785157Z vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-amz-cf-id CCnMS5_cwTVXI1vlmQnd9naSN3yZwQsStDSxn9GQR5pAp89NvG_FKQ== expires 0
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 227 B	20ms 20ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=70001605&t=pageview&_s=1&dl=https%3A%2F%2Fmycardrewards.bfsfcu.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=DreamPoints&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1074089756&gjid=1159927554&cid=575712823.1705443727&tid=UA-195640804-1&_gid=1157365681.1705443727&_r=1&_slc=1&z=1503848729 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e5a933cd2877821029cab2e241e2b2e7598da0b79afe358656730bc4cf8abfd9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://mycardrewards.bfsfcu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Jan 2024 22:22:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	230 KB 82 KB	63ms 29ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NPT2X9YCHN&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4540df10c01d398133294e36dbb8e84faee8895acd04f3030576d43b89b495cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 22:22:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83380 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 Jan 2024 22:22:07 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 260 B	46ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-NPT2X9YCHN&gtm=45je41a0v9133782943&_p=1705443727459&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=575712823.1705443727&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fmycardrewards.bfsfcu.org%2F&dp=%2F&dt=DreamPoints&sid=1705443727&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4545 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NPT2X9YCHN&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Tue, 16 Jan 2024 22:22:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mycardrewards.bfsfcu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	1622728429c9870c5.png img.dreampoints.com/drmp/	17 KB 17 KB	635ms 109ms	Image image/png	3.215.113.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.dreampoints.com/drmp/1622728429c9870c5.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.113.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-113-10.compute-1.amazonaws.com Software Apache / Resource Hash cc13d0d44fd6a68d3016a678ea71b06bc1c06aabfaef95e973ef55a9e9255780 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Last-Modified Thu, 03 Jun 2021 13:53:49 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 17276 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	16227284310c5bbe0.png img.dreampoints.com/drmp/	21 KB 21 KB	653ms 107ms	Image image/png	3.215.113.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.dreampoints.com/drmp/16227284310c5bbe0.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.113.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-113-10.compute-1.amazonaws.com Software Apache / Resource Hash 7c869f1d34921aae059d492230ba086e7b1798fc89e6816035b597703a597e80 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Last-Modified Thu, 03 Jun 2021 13:53:51 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21291 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	black.png mycardrewards.bfsfcu.org/assets/buttons/	5 KB 5 KB	106ms 106ms	Image image/png	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mycardrewards.bfsfcu.org/assets/buttons/black.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash 8052b3b7caab4686319847f21aaa639efe035a57371ca64759bf894971319123 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 4772 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:08 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type image/png access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=99 expires 0
GET H/1.1	200 OK	fuel.png mycardrewards.bfsfcu.org/assets/	160 KB 160 KB	107ms 107ms	Image image/png	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mycardrewards.bfsfcu.org/assets/fuel.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash 779777e2ae9edc6d9e07aa22ca569e20f0069aba9d0543c93ab43416b01c9e60 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 163590 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:08 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type image/png access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=97 expires 0
GET H/1.1	200 OK	dining.png mycardrewards.bfsfcu.org/assets/	200 KB 200 KB	111ms 110ms	Image image/png	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mycardrewards.bfsfcu.org/assets/dining.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash fdaef0a7a862e2821ef713d31cf45fb6fe2f551f80b79096cdd7505d361ed511 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 204503 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:08 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type image/png access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=100 expires 0
GET H/1.1	200 OK	retail.png mycardrewards.bfsfcu.org/assets/	209 KB 209 KB	212ms 106ms	Image image/png	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mycardrewards.bfsfcu.org/assets/retail.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash d9eb56ff97cbbbf9fa8c9cd56fce0a8e0ec5e02bf4d816e0bcd548d954e0b853 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 213661 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:08 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type image/png access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=98 expires 0
GET H/1.1	200 OK	apple.png mycardrewards.bfsfcu.org/assets/	328 KB 329 KB	307ms 107ms	Image image/png	3.217.197.93 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mycardrewards.bfsfcu.org/assets/apple.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.197.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-197-93.compute-1.amazonaws.com Software Apache / Resource Hash 2426b3f27fd852511870c9e21b66bedcc88fb50c6ed6b470901a302aa28efb8c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff surrogate-control no-store Connection Keep-Alive Content-Length 336296 X-XSS-Protection 1; mode=block, 1; mode=block pragma no-cache serverutctime Tue, 16 Jan 2024 22:22:08 GMT Server Apache last-modified Tue, 09 Jan 2024 21:35:15 GMT x-frame-options DENY vary Origin Content-Type image/png access-control-allow-origin * cache-control no-store, max-age=0, must-revalidate accept-ranges bytes Keep-Alive timeout=5, max=100 expires 0
GET H/1.1	200 OK	1629990603e275159.jpg img.dreampoints.com/drmp/	266 KB 266 KB	657ms 109ms	Image image/jpeg	3.215.113.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.dreampoints.com/drmp/1629990603e275159.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.113.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-113-10.compute-1.amazonaws.com Software Apache / Resource Hash 658a0a261754600b49cf0b8681a14ec28f5d44b74226d20fdb9dba79605c1753 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Last-Modified Thu, 26 Aug 2021 15:10:03 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 272157 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	16299906046fa5313.jpg img.dreampoints.com/drmp/	431 KB 432 KB	812ms 108ms	Image image/jpeg	3.215.113.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.dreampoints.com/drmp/16299906046fa5313.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.113.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-113-10.compute-1.amazonaws.com Software Apache / Resource Hash d9700e17462f56c0f79bab7aca8f46edf4adfec10ab9abcb84d368b2515e39ce Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Last-Modified Thu, 26 Aug 2021 15:10:04 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 441488 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	1629990601963477c.jpg img.dreampoints.com/drmp/	218 KB 218 KB	824ms 117ms	Image image/jpeg	3.215.113.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.dreampoints.com/drmp/1629990601963477c.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.113.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-113-10.compute-1.amazonaws.com Software Apache / Resource Hash 7243d903a3fb37f12bc5350703b3d00b29b28879c403d62e1190e3b477ed8a26 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mycardrewards.bfsfcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 22:22:08 GMT Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Last-Modified Thu, 26 Aug 2021 15:10:01 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 223084 X-XSS-Protection 1; mode=block

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _process$env$DOMAIN_HOSTS string| _process$env$BASE_URL string| _process$env$SERVICE_URL string| _process$env$SERVICE_PROVIDER string| _process$env$ENABLE_EXPERIMENTAL_FEATURES object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bfsfcu.org/	1970-01-21 03:20:03	Name: _ga Value: GA1.2.575712823.1705443727
			.bfsfcu.org/	1970-01-20 17:45:30	Name: _gid Value: GA1.2.1157365681.1705443727
			.bfsfcu.org/	1970-01-20 17:44:03	Name: _gat Value: 1
			.bfsfcu.org/	1970-01-21 03:20:03	Name: _ga_NPT2X9YCHN Value: GS1.2.1705443727.1.0.1705443727.0.0.0
			services.augeofi.com/	1970-01-20 17:54:08	Name: AWSALBCORS Value: k6v9/rgNlYjzhrLbYnuO2R91EYPxSEegx7OxjVpZANRPJqt8T6dwc8a9e+E/ui4jZR2WrjsmiOOrQcrZZYH+6zunxsZR8IiZp9R8YRUkMwyCybxkr73TNt8Z+3/8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.dreampoints.com
mycardrewards.bfsfcu.org
region1.google-analytics.com
services.augeofi.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2600:9000:225b:3200:e:c588:bc80:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:831::2008
3.215.113.10
3.217.197.93
018ae146d54dad689c7ac4f4197bb124f387b6ab47512bb5096fb17c49c5faec
2426b3f27fd852511870c9e21b66bedcc88fb50c6ed6b470901a302aa28efb8c
4540df10c01d398133294e36dbb8e84faee8895acd04f3030576d43b89b495cf
48ef1ced1c86acc62c37b8ac65b01ebdd3ebc10fdd0ec338ccdec70235af14ea
5942ccf5ef8fb4f9e246ccec1eabd9b4fce8a464a9e8244eb916ef39f6aeae95
658a0a261754600b49cf0b8681a14ec28f5d44b74226d20fdb9dba79605c1753
7243d903a3fb37f12bc5350703b3d00b29b28879c403d62e1190e3b477ed8a26
779777e2ae9edc6d9e07aa22ca569e20f0069aba9d0543c93ab43416b01c9e60
7c869f1d34921aae059d492230ba086e7b1798fc89e6816035b597703a597e80
8052b3b7caab4686319847f21aaa639efe035a57371ca64759bf894971319123
82d57f67ab0814e294462e2fe5effee559d78fd73289214f0b5a9802ed6e3900
8c98fbb31aff6e7bcbb78ef6d98a2ac16ea9f1f3f349b29c2e4d78a0776daf73
a3dd0b6fb241d36709af2160ba7a8f18ecb26fa2659a72d9c5ff4ba16b7991af
bce12dcb6261c204f79742e54aa7ac812730b656ad86a1ee5ef6da6a4fa83b8d
c174521c9a552011f773215f5e4db058e6472861456e57e8fa04c32441dea601
cc13d0d44fd6a68d3016a678ea71b06bc1c06aabfaef95e973ef55a9e9255780
d376f09945e63dfb3a86d414b920be5bf4e88ad034d41d831259db590adda4b2
d7c10e5eb98f370eaa36de0ab67db4cae10ec7d53450c9601ec4bcc7c2df261f
d9700e17462f56c0f79bab7aca8f46edf4adfec10ab9abcb84d368b2515e39ce
d9eb56ff97cbbbf9fa8c9cd56fce0a8e0ec5e02bf4d816e0bcd548d954e0b853
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a933cd2877821029cab2e241e2b2e7598da0b79afe358656730bc4cf8abfd9
e8bca206f21e253f54c6713b1d684d5a18972d87d73abd6c3e8667c37df0fec4
eee8647a34a4bd2bdcd8e66df04455b461c27e79d802ebc1427c7ed885ccda95
fdaef0a7a862e2821ef713d31cf45fb6fe2f551f80b79096cdd7505d361ed511