app.usfcr.com Open in urlscan Pro
13.225.230.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ec2-54-189-84-127.us-west-2.compute.amazonaws.com/x/d?c=18635655&l=26a07d06-1d46-4484-9a5c-abcdf8ac3148&r=183d7b60-72b1-4172-9533-3a341c3d9469
Effective URL:
https://app.usfcr.com/
Submission: On January 19 via api (January 19th 2022, 8:41:42 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 13.225.230.42, located in United States and belongs to AMAZON-02, US. The main domain is app.usfcr.com.
TLS certificate: Issued by Amazon on September 23rd 2021. Valid for: a year.

This is the only time app.usfcr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.189.84.127 54.189.84.127	16509 (AMAZON-02) (AMAZON-02)
5	13.225.230.42 13.225.230.42	16509 (AMAZON-02) (AMAZON-02)
2	142.250.80.74 142.250.80.74	15169 (GOOGLE) (GOOGLE)
1	142.250.65.168 142.250.65.168	15169 (GOOGLE) (GOOGLE)
3	104.18.8.127 104.18.8.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.176.206 142.250.176.206	15169 (GOOGLE) (GOOGLE)
12	44.194.61.33 44.194.61.33	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
26	8

1 54.189.84.127 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-84-127.us-west-2.compute.amazonaws.com

ec2-54-189-84-127.us-west-2.compute.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.230.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-42.jfk51.r.cloudfront.net

app.usfcr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.168 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.8.127 (None, )

ASN13335 (CLOUDFLARENET, US)

jstest.authorize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 44.194.61.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-61-33.compute-1.amazonaws.com

api.usfcr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	usfcr.com app.usfcr.com api.usfcr.com	2 MB
3	authorize.net jstest.authorize.net — Cisco Umbrella Rank: 355729	9 KB
2	gstatic.com fonts.gstatic.com	60 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	345 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	62 KB
1	amazonaws.com 1 redirects ec2-54-189-84-127.us-west-2.compute.amazonaws.com	730 B
26	7

	Domain	Requested by
12	api.usfcr.com	app.usfcr.com
5	app.usfcr.com	app.usfcr.com
3	jstest.authorize.net	app.usfcr.com jstest.authorize.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	app.usfcr.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	app.usfcr.com
1	ec2-54-189-84-127.us-west-2.compute.amazonaws.com	1 redirects
26	8

This site contains no links.

Subject Issuer	Validity	Valid
app.usfcr.com Amazon	`2021-09-23` - `2022-10-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
jstest.authorize.net Cloudflare Inc ECC CA-3	`2021-08-08` - `2022-08-07`	a year	crt.sh
api.usfcr.com Amazon	`2021-09-23` - `2022-10-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.usfcr.com/
Frame ID: 45C6BBA25A373E888135664A80F98CBF
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US Federal Contractor

Page URL History Show full URLs

http://ec2-54-189-84-127.us-west-2.compute.amazonaws.com/x/d?c=18635655&l=26a07d06-1d46-4484-9a5c-abcdf8ac3148&r=183d7b60-72b1-4172-9... HTTP 302
https://app.usfcr.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1789 kB
Transfer

2426 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ec2-54-189-84-127.us-west-2.compute.amazonaws.com/x/d?c=18635655&l=26a07d06-1d46-4484-9a5c-abcdf8ac3148&r=183d7b60-72b1-4172-9533-3a341c3d9469 HTTP 302
https://app.usfcr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.usfcr.com/
Redirect Chain

http://ec2-54-189-84-127.us-west-2.compute.amazonaws.com/x/d?c=18635655&l=26a07d06-1d46-4484-9a5c-abcdf8ac3148&r=183d7b60-72b1-4172-9533-3a341c3d9469
https://app.usfcr.com/

6 KB
7 KB

199ms
147ms

Document
text/html

13.225.230.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usfcr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-42.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ca0e6cd8a3576fc20c1dea8cacdd6264de7aec55bd6a0abac38c92283e9f00f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

content-type: text/html
content-length: 6046
last-modified: Thu, 13 Jan 2022 15:22:14 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 5ab173aa59975e4f5c944d6809eb1b130a0aa621c75b88df8bc12278fe14e6c7
x-amz-version-id: null
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:274449070938:build/usfcr-codebuild-frontend:8c8438ce-3bae-4337-b17e-1824974391da
x-amz-meta-codebuild-content-md5: 03c876fb108548793a3e86197befebff
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Jan 2022 20:41:36 GMT
etag: "7ca1a6e8121e328a53de950f5614e517"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: lXIsNuoyaccWHfhNVy_Hno9uPFRkjf5P0o1CdoBdZqjD_HYR4G6TVg==

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://app.usfcr.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Date: Wed, 19 Jan 2022 20:41:29 GMT
Content-Length: 138

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 337ms
21ms Stylesheet
text/css 142.250.80.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f10.1e100.net

Software

ESF /

Resource Hash

88e54d012a1ec7eb247e4e282cb81ef401068961aecace72f5be669f3b03c291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 20:41:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 19 Jan 2022 20:41:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jan 2022 20:41:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
549 B 345ms
28ms Stylesheet
text/css 142.250.80.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@300;400;500;600;700&display=swap

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f10.1e100.net

Software

ESF /

Resource Hash

17e434ee539686e1a40119270f1e20de64c747a746d8765abf66ec4179cfc53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 20:41:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 19 Jan 2022 20:41:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jan 2022 20:41:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
62 KB 353ms
36ms Script
application/javascript 142.250.65.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JBT7Z0M57Z

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2d1781f29ed14ffb20031c6c15932ef6049da6ec8f1eb801f9bf5423bd5cb542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:41:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62572
x-xss-protection: 0
expires: Wed, 19 Jan 2022 20:41:36 GMT

GET
H2 200 main.62d9f0d2.chunk.css
app.usfcr.com/static/css/ 8 KB
3 KB 183ms
182ms Stylesheet
text/css 13.225.230.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usfcr.com/static/css/main.62d9f0d2.chunk.css
Requested by: Host: app.usfcr.com
URL: https://app.usfcr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-42.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 069570c7735fba03d85f64a8acb7aa8b33c21aca96b35befc1eebe4aa89a3f98

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
content-encoding: gzip
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:274449070938:build/usfcr-codebuild-frontend:8c8438ce-3bae-4337-b17e-1824974391da
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5ab173aa59975e4f5c944d6809eb1b130a0aa621c75b88df8bc12278fe14e6c7
x-amz-meta-codebuild-content-md5: 03c876fb108548793a3e86197befebff
last-modified: Thu, 13 Jan 2022 15:22:18 GMT
server: AmazonS3
etag: W/"4c58bf555b5cdd7eab88d3ed9e20a7c5"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
content-type: text/css
x-amz-cf-id: cLCIwGvwDI2lcmC6wXt-F-JQv2c6V5q1QS3GQcyu3lNqhatZtN8MAA==

GET
H2 200 Accept.js Show response
jstest.authorize.net/v1/ 4 KB
2 KB 68ms
43ms Script
application/javascript 104.18.8.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jstest.authorize.net/v1/Accept.js

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.8.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f5462b2ccec78d8749981a52df4f9739c6955f40a40008274f3d24218639ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2019 19:58:34 GMT
server: cloudflare
age: 2180
etag: W/"3bfb5675a469d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6d02e27fd8000ca9-EWR
expires: Mon, 24 Jan 2022 20:41:36 GMT

GET
H2 200 8.3ca9b5f4.chunk.js Show response
app.usfcr.com/static/js/ 1 MB
1 MB 1001ms
1000ms Script
application/x-javascript 13.225.230.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usfcr.com/static/js/8.3ca9b5f4.chunk.js
Requested by: Host: app.usfcr.com
URL: https://app.usfcr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-42.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 386d0e03afcd835c4baaa53eeb0ba0aa85e790cf1aacfd259ce56bbcc1286bfb

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
etag: "1fd05441ce85845d9111180af9fbcdde"
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:274449070938:build/usfcr-codebuild-frontend:8c8438ce-3bae-4337-b17e-1824974391da
x-cache: RefreshHit from cloudfront
x-amz-meta-codebuild-content-md5: 03c876fb108548793a3e86197befebff
content-length: 1242981
last-modified: Thu, 13 Jan 2022 15:22:15 GMT
server: AmazonS3
date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 5ab173aa59975e4f5c944d6809eb1b130a0aa621c75b88df8bc12278fe14e6c7
accept-ranges: bytes
content-type: application/x-javascript
x-amz-cf-id: wb8diCuYf3a0rHxYJ3UcGmGhmNIHjVj9yade7ZP_hjRxOV7TEEuInA==

GET
H2 200 main.1d474860.chunk.js Show response
app.usfcr.com/static/js/ 682 KB
186 KB 472ms
471ms Script
application/x-javascript 13.225.230.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js
Requested by: Host: app.usfcr.com
URL: https://app.usfcr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-42.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f157739f4447f5b061e2a41f4839704bc40bff62369abd25d81a8849cfc2b4ab

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8948326b3a9b878b16196e3d7f985a67"
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:274449070938:build/usfcr-codebuild-frontend:8c8438ce-3bae-4337-b17e-1824974391da
x-cache: RefreshHit from cloudfront
x-amz-meta-codebuild-content-md5: 03c876fb108548793a3e86197befebff
last-modified: Thu, 13 Jan 2022 15:22:08 GMT
server: AmazonS3
date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 5ab173aa59975e4f5c944d6809eb1b130a0aa621c75b88df8bc12278fe14e6c7
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
content-type: application/x-javascript
x-amz-cf-id: RYC8IVlrh8WAYzCluDra7p3S190ZjSy5c7xN0VGq5zhQdbScAeo3rw==

GET
H2 200 AcceptCore.js Show response
jstest.authorize.net/v1/ 9 KB
3 KB 44ms
44ms Script
application/javascript 104.18.8.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jstest.authorize.net/v1/AcceptCore.js

Requested by

Host: jstest.authorize.net
URL: https://jstest.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.8.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
age: 5216
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6d02e281ec010ca9-EWR
expires: Mon, 24 Jan 2022 20:41:36 GMT

GET
H2 200 AcceptCore.js Show response
jstest.authorize.net/v1/ 9 KB
3 KB 542ms
527ms XHR
application/javascript 104.18.8.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jstest.authorize.net/v1/AcceptCore.js

Requested by

Host: jstest.authorize.net
URL: https://jstest.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.8.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6d02e281f91c3300-EWR
expires: Mon, 24 Jan 2022 20:41:36 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
345 B 333ms
17ms Ping
text/plain 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JBT7Z0M57Z&gtm=2oe1c0&_p=113925091&sr=1600x1200&ul=en-us&cid=1932877833.1642624897&_s=1&dl=https%3A%2F%2Fapp.usfcr.com%2F&dt=US%20Federal%20Contractor&sid=1642624896&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JBT7Z0M57Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s37-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.usfcr.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 20:41:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.usfcr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b6770b334aaacb5a087ecd7fdd2aaf0b994f8cdccd55271d3f29ad281e32417

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b24c2f20f7af6337ac4740b153d46e90ea449c45c5ea449a6fdea30a6f78b6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 rpc
api.usfcr.com/ 0
0 35ms
17ms Preflight 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usfcr.com/rpc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-61-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.usfcr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://app.usfcr.com
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type

OPTIONS
H2 204 rpc
api.usfcr.com/ 0
0 36ms
19ms Preflight 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usfcr.com/rpc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-61-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.usfcr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://app.usfcr.com
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type

POST
H2 200 rpc Show response
api.usfcr.com/ 178 B
742 B 11ms
10ms Fetch
application/json 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usfcr.com/rpc

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-61-33.compute-1.amazonaws.com

Software

Resource Hash

401e0b69d67efeb5f3d4b9eb918e670cff834861c8888f21495952257033ac80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 19 Jan 2022 20:41:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.usfcr.com
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Origin
content-length: 178
x-content-type-options: nosniff

POST
H2 200 rpc Show response
api.usfcr.com/ 176 B
740 B 12ms
12ms Fetch
application/json 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usfcr.com/rpc

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-61-33.compute-1.amazonaws.com

Software

Resource Hash

07002763ed5ec94c4bd8cb01eb6fb1af9eb01c28d48dac29c912c00da98de0e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 19 Jan 2022 20:41:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.usfcr.com
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Origin
content-length: 176
x-content-type-options: nosniff

GET
H2 200 auth-image.94de4084.jpg
app.usfcr.com/static/media/ 240 KB
241 KB 141ms
141ms Image
image/jpeg 13.225.230.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.usfcr.com/static/media/auth-image.94de4084.jpg
Requested by: Host: app.usfcr.com
URL: https://app.usfcr.com/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-42.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97bddc7c18e0914dc16a4e3aa991026f29f30b5d46cc154e06b9634a8775f83f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://app.usfcr.com/sign-in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
etag: "6359100e2449550e9a7fb002e3fd4a97"
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:274449070938:build/usfcr-codebuild-frontend:8c8438ce-3bae-4337-b17e-1824974391da
x-cache: RefreshHit from cloudfront
x-amz-meta-codebuild-content-md5: 03c876fb108548793a3e86197befebff
content-length: 245549
last-modified: Thu, 13 Jan 2022 15:22:14 GMT
server: AmazonS3
date: Wed, 19 Jan 2022 20:41:38 GMT
x-amz-meta-codebuild-content-sha256: 5ab173aa59975e4f5c944d6809eb1b130a0aa621c75b88df8bc12278fe14e6c7
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: ktBfpIawBhA-zkIfVVmC3Ya8f-8gXhAwdNs74YNa1w96SjMJiE6F2w==

GET
H2 200 wlpwgwvFAVdoq2_v-6QU.woff2
fonts.gstatic.com/s/lexend/v12/ 35 KB
36 KB 323ms
5ms Font
font/woff2 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v12/wlpwgwvFAVdoq2_v-6QU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lexend:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

47eecd8c662e45ac42adfe7e1fe8e2501fb36b78d5deeec84030f6a3bb6d7c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.usfcr.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 23:38:20 GMT
x-content-type-options: nosniff
age: 507797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36156
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 13 Jan 2023 23:38:20 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v8/ 24 KB
24 KB 327ms
9ms Font
font/woff2 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v8/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

8dc8923fc00490445ececc0094581e4ce7238371b2ecff7a573497c934608e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.usfcr.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 06:28:42 GMT
x-content-type-options: nosniff
age: 483175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24356
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:09:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 06:28:42 GMT

OPTIONS
H2 204 rpc
api.usfcr.com/ 0
0 11ms
10ms Preflight 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usfcr.com/rpc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-61-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.usfcr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://app.usfcr.com
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type

OPTIONS
H2 204 rpc
api.usfcr.com/ 0
0 11ms
11ms Preflight 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usfcr.com/rpc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-61-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.usfcr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://app.usfcr.com
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type

OPTIONS
H2 204 rpc
api.usfcr.com/ 0
0 11ms
10ms Preflight 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usfcr.com/rpc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-61-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.usfcr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://app.usfcr.com
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type

OPTIONS
H2 204 rpc
api.usfcr.com/ 0
0 15ms
15ms Preflight 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usfcr.com/rpc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-61-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.usfcr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 Jan 2022 20:41:37 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://app.usfcr.com
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type

POST
H2 200 rpc Show response
api.usfcr.com/ 194 B
758 B 12ms
11ms Fetch
application/json 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usfcr.com/rpc

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-61-33.compute-1.amazonaws.com

Software

Resource Hash

fa1a3b17d79d57ce40dee9ab8cff797daa3a6104fbda22bbf1e3433f153557b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 19 Jan 2022 20:41:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.usfcr.com
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Origin
content-length: 194
x-content-type-options: nosniff

POST
H2 200 rpc Show response
api.usfcr.com/ 192 B
756 B 12ms
11ms Fetch
application/json 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usfcr.com/rpc

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-61-33.compute-1.amazonaws.com

Software

Resource Hash

2800ab6eaf757e4302235c131ceb958cc641dfd2282c2ca3812523712a34e083

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 19 Jan 2022 20:41:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.usfcr.com
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Origin
content-length: 192
x-content-type-options: nosniff

POST
H2 200 rpc Show response
api.usfcr.com/ 194 B
758 B 13ms
12ms Fetch
application/json 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usfcr.com/rpc

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-61-33.compute-1.amazonaws.com

Software

Resource Hash

a4389fee4c9dfa5be177195e4524358ebf2731e27cbe0276c28944e7fb1c7377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 19 Jan 2022 20:41:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.usfcr.com
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Origin
content-length: 194
x-content-type-options: nosniff

POST
H2 200 rpc Show response
api.usfcr.com/ 192 B
756 B 11ms
10ms Fetch
application/json 44.194.61.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usfcr.com/rpc

Requested by

Host: app.usfcr.com
URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.61.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-61-33.compute-1.amazonaws.com

Software

Resource Hash

fce64b7a0c53f4be6f6f1d1e246c0444add9fdd6c5500f452a055986b1929e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Wed, 19 Jan 2022 20:41:37 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.usfcr.com
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Origin
content-length: 192
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.authorize.net/	1969-12-31 23:59:59	Name: __cfruid Value: dd3a31c1cd76ea37019edbab900fb815b5a262bc-1642624896
.usfcr.com/	1970-01-20 17:48:16	Name: _ga Value: GA1.1.1932877833.1642624897
.usfcr.com/	1970-01-20 17:48:16	Name: _ga_JBT7Z0M57Z Value: GS1.1.1642624896.1.1.1642624898.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	warning	URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js Message: WebSocket connection to 'wss://api.usfcr.com/' failed: WebSocket is closed before the connection is established.
network	warning	URL: https://app.usfcr.com/static/js/main.1d474860.chunk.js Message: WebSocket connection to 'wss://api.usfcr.com/' failed: WebSocket is closed before the connection is established.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.usfcr.com
app.usfcr.com
ec2-54-189-84-127.us-west-2.compute.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
jstest.authorize.net
www.google-analytics.com
www.googletagmanager.com
104.18.8.127
13.225.230.42
142.250.176.206
142.250.65.168
142.250.65.195
142.250.80.74
44.194.61.33
54.189.84.127
069570c7735fba03d85f64a8acb7aa8b33c21aca96b35befc1eebe4aa89a3f98
07002763ed5ec94c4bd8cb01eb6fb1af9eb01c28d48dac29c912c00da98de0e7
0b6770b334aaacb5a087ecd7fdd2aaf0b994f8cdccd55271d3f29ad281e32417
17e434ee539686e1a40119270f1e20de64c747a746d8765abf66ec4179cfc53e
20f5462b2ccec78d8749981a52df4f9739c6955f40a40008274f3d24218639ab
2800ab6eaf757e4302235c131ceb958cc641dfd2282c2ca3812523712a34e083
2d1781f29ed14ffb20031c6c15932ef6049da6ec8f1eb801f9bf5423bd5cb542
37b24c2f20f7af6337ac4740b153d46e90ea449c45c5ea449a6fdea30a6f78b6
386d0e03afcd835c4baaa53eeb0ba0aa85e790cf1aacfd259ce56bbcc1286bfb
401e0b69d67efeb5f3d4b9eb918e670cff834861c8888f21495952257033ac80
47eecd8c662e45ac42adfe7e1fe8e2501fb36b78d5deeec84030f6a3bb6d7c20
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
88e54d012a1ec7eb247e4e282cb81ef401068961aecace72f5be669f3b03c291
8dc8923fc00490445ececc0094581e4ce7238371b2ecff7a573497c934608e9f
97bddc7c18e0914dc16a4e3aa991026f29f30b5d46cc154e06b9634a8775f83f
9ca0e6cd8a3576fc20c1dea8cacdd6264de7aec55bd6a0abac38c92283e9f00f
a4389fee4c9dfa5be177195e4524358ebf2731e27cbe0276c28944e7fb1c7377
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f157739f4447f5b061e2a41f4839704bc40bff62369abd25d81a8849cfc2b4ab
fa1a3b17d79d57ce40dee9ab8cff797daa3a6104fbda22bbf1e3433f153557b3
fce64b7a0c53f4be6f6f1d1e246c0444add9fdd6c5500f452a055986b1929e56

app.usfcr.com Open in urlscan Pro 13.225.230.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

1789 kBTransfer

2426 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.usfcr.com Open in urlscan Pro
13.225.230.42 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1789 kB
Transfer

2426 kB
Size

3
Cookies

26 HTTP transactions
2 data transactions