www.ffbt.com Open in urlscan Pro
2400:cb00:2048:1::6814:7f44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.ffbt.com&d=DwMFAg&c=eJFcuPw3OEcOgXL2mmMpuw&r=fSJH78fH38QVYmlKa96XyNIdACsUf...
Effective URL:
https://www.ffbt.com/
Submission: On September 15 via manual (September 15th 2017, 2:29:42 pm UTC) from US

Summary HTTP 77 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 40 domains to perform 77 HTTP transactions. The main IP is 2400:cb00:2048:1::6814:7f44, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.ffbt.com.
TLS certificate: Issued by Symantec Class 3 Secure Server CA - G4 on December 18th 2015. Valid for: 2 years.

This is the only time www.ffbt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.231.146.66 67.231.146.66	26211 (PROOFPOIN...) (PROOFPOINT-ASN-US-WEST - Proofpoint)
1 16	2400:cb00:204... 2400:cb00:2048:1::6814:7e44	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
4	2400:cb00:204... 2400:cb00:2048:1::6814:7f44	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
6	92.123.94.15 92.123.94.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	5.153.20.138 5.153.20.138	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
8	2400:cb00:204... 2400:cb00:2048:1::6814:5753	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
18 21	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 2	152.163.56.2 152.163.56.2	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
2 3	104.108.53.91 104.108.53.91	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	184.169.153.255 184.169.153.255	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2400:cb00:204... 2400:cb00:2048:1::6814:5653	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	74.205.72.115 74.205.72.115	33070 (RMH-14) (RMH-14 - Rackspace Hosting)
1	52.213.126.26 52.213.126.26	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a02:26f0:10c... 2a02:26f0:10c:39a::20c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.251.221.71 34.251.221.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.202.80.105 34.202.80.105	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	174.137.122.143 174.137.122.143	54668 (MARCHEX-EAST) (MARCHEX-EAST - Marchex)
1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
1	52.6.185.139 52.6.185.139	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.20.220.238 52.20.220.238	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	107.178.240.89 107.178.240.89	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	63.251.114.136 63.251.114.136	12181 (INTERNAP-...) (INTERNAP-2BLK - Internap Network Services Corporation)
2 3	52.1.225.34 52.1.225.34	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.211.103.202 52.211.103.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	195.93.42.12 195.93.42.12	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
1 2	52.58.109.116 52.58.109.116	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	52.72.11.222 52.72.11.222	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	156.154.200.36 156.154.200.36	19907 (NEUSTAR-AS6) (NEUSTAR-AS6 - NeuStar)
1 1	54.69.22.47 54.69.22.47	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	216.52.1.12 216.52.1.12	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Voxel Dot Net)
1	52.216.81.16 52.216.81.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google Inc.)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
1 1	2a00:1450:401... 2a00:1450:401b:801::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:401... 2a00:1450:401b:801::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	92.123.92.198 92.123.92.198	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.33.223.209 185.33.223.209	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
1 2	62.67.193.75 62.67.193.75	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	185.64.189.236 185.64.189.236	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2 2	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google Inc.)
77	35

1 67.231.146.66 (Sunnyvale, United States) 1 redirects

ASN26211 (PROOFPOINT-ASN-US-WEST - Proofpoint, Inc., US)
PTR: urldefense.proofpoint.com

urldefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2400:cb00:2048:1::6814:7e44 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.ffbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::6814:7f44 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.ffbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.123.94.15 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-94-15.deploy.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.153.20.138 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 8a.14.9905.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2400:cb00:2048:1::6814:5753 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

clients.lk-cs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 159.253.128.183 (Amsterdam, Netherlands) 18 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.163.56.2 (United States) 1 redirects

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: oneads-sspums-adtech-mtc-blue-b.evip.aol.com

usync.nexage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.53.91 (Amsterdam, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-53-91.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.169.153.255 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-184-169-153-255.us-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::6814:5653 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

clients.lk-cs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.205.72.115 (San Antonio, United States)

ASN33070 (RMH-14 - Rackspace Hosting, US)

lkcsunix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.126.26 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-126-26.eu-west-1.compute.amazonaws.com

101.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:39a::20c1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.221.71 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-221-71.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.80.105 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-202-80-105.compute-1.amazonaws.com

performance.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.122.143 (Seattle, United States)

ASN54668 (MARCHEX-EAST - Marchex, Inc., US)
PTR: adtrack.som1.marchex.com

adtrack.voicestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.185.139 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-6-185-139.compute-1.amazonaws.com

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.220.238 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-220-238.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.89 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)
PTR: 89.240.178.107.bc.googleusercontent.com

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.114.136 (United States)

ASN12181 (INTERNAP-2BLK - Internap Network Services Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.1.225.34 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-1-225-34.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.103.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-103-202.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.93.42.12 (United Kingdom) 2 redirects

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtech-ssp-ums-adtech-frr-a.evip.aol.com

ums.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.109.116 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-109-116.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.11.222 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-11-222.compute-1.amazonaws.com

px.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.154.200.36 (Sterling, United States) 1 redirects

ASN19907 (NEUSTAR-AS6 - NeuStar, Inc., US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.22.47 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-69-22-47.us-west-2.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.1.12 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET - Voxel Dot Net, Inc., US)

loadr.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.81.16 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

load.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s18-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.92.198 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-92-198.deploy.akamaitechnologies.com

cdn.spotxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.209 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.67.193.75 (United Kingdom) 1 redirects

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.236 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	simpli.fi 18 redirects i.simpli.fi um.simpli.fi	17 KB
20	ffbt.com 1 redirects www.ffbt.com	748 KB
12	lk-cs.com clients.lk-cs.com	885 KB
9	typekit.net use.typekit.net p.typekit.net performance.typekit.net	132 KB
3	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	964 B
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	advertising.com 1 redirects sync.adaptv.advertising.com pixel.advertising.com	332 B
3	bluekai.com 2 redirects stags.bluekai.com tags.bluekai.com	1 KB
2	openx.net 1 redirects us-u.openx.net	447 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com	431 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	1 KB
2	marchex.io px.marchex.io	86 B
2	adtech.de 2 redirects ums.adtech.de	918 B
2	demdex.net 2 redirects dpm.demdex.net	1 KB
2	pro-market.net 1 redirects fei.pro-market.net	531 B
2	voicestar.com adtrack.voicestar.com	8 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	462 B
2	google-analytics.com www.google-analytics.com	14 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	nexage.com 1 redirects usync.nexage.com	464 B
1	pubmatic.com image2.pubmatic.com	42 B
1	contextweb.com bh.contextweb.com	60 B
1	adnxs.com ib.adnxs.com
1	spotxcdn.com cdn.spotxcdn.com	43 B
1	google.de www.google.de	60 B
1	google.com 1 redirects www.google.com	297 B
1	googleadservices.com 1 redirects www.googleadservices.com	295 B
1	amazonaws.com load.s3.amazonaws.com	43 B
1	exelator.com 1 redirects loadr.exelator.com	495 B
1	yahoo.com 1 redirects ads.yahoo.com	620 B
1	lijit.com ce.lijit.com	43 B
1	intentiq.com sync.intentiq.com	43 B
1	turn.com d.turn.com	43 B
1	xg4ken.com 101.xg4ken.com	184 B
1	lkcsunix.com lkcsunix.com	2 KB
1	googletagmanager.com www.googletagmanager.com	20 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	proofpoint.com 1 redirects urldefense.proofpoint.com	152 B
0	fundsxpress.com Failed ffbtci.secure.fundsxpress.com Failed
77	40

	Domain	Requested by
21	um.simpli.fi	18 redirects www.ffbt.com
20	www.ffbt.com	1 redirects www.ffbt.com
12	clients.lk-cs.com	www.ffbt.com
6	use.typekit.net	www.ffbt.com use.typekit.net
5	i.simpli.fi	www.ffbt.com i.simpli.fi
3	idsync.rlcdn.com	2 redirects www.ffbt.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects www.ffbt.com
2	pixel.rubiconproject.com	1 redirects www.ffbt.com
2	sync.search.spotxchange.com	2 redirects
2	px.marchex.io	www.ffbt.com
2	pixel.advertising.com	1 redirects www.ffbt.com
2	ums.adtech.de	2 redirects
2	dpm.demdex.net	2 redirects
2	fei.pro-market.net	1 redirects www.ffbt.com
2	adtrack.voicestar.com	www.googletagmanager.com adtrack.voicestar.com
2	bcp.crwdcntrl.net	1 redirects www.ffbt.com
2	p.typekit.net	www.ffbt.com
2	www.google-analytics.com	www.ffbt.com
2	match.adsrvr.org	2 redirects
2	stags.bluekai.com	2 redirects
2	usync.nexage.com	1 redirects www.ffbt.com
1	image2.pubmatic.com	www.ffbt.com
1	bh.contextweb.com	www.ffbt.com
1	ib.adnxs.com	www.ffbt.com
1	cdn.spotxcdn.com	www.ffbt.com
1	www.google.de	www.ffbt.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	load.s3.amazonaws.com	www.ffbt.com
1	loadr.exelator.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	ads.yahoo.com	1 redirects
1	ce.lijit.com	www.ffbt.com
1	sync.adaptv.advertising.com	www.ffbt.com
1	sync.intentiq.com	www.ffbt.com
1	d.turn.com	www.ffbt.com
1	performance.typekit.net	use.typekit.net
1	101.xg4ken.com	www.googletagmanager.com
1	lkcsunix.com	www.ffbt.com
1	tags.bluekai.com	www.ffbt.com
1	www.googletagmanager.com	www.ffbt.com
1	ajax.googleapis.com	www.ffbt.com
1	urldefense.proofpoint.com	1 redirects
0	ffbtci.secure.fundsxpress.com Failed	www.ffbt.com
77	47

This site contains links to these domains. Also see Links.

Domain
gateway.fundsxpress.com
ffbtci.secure.fundsxpress.com
www.facebook.com
ffbt.mortgagewebcenter.com
ffbt.applicantstack.com
www.lk-cs.com

Subject Issuer	Validity	Valid
www.ffbt.com Symantec Class 3 Secure Server CA - G4	`2015-12-18` - `2018-06-10`	2 years	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-09-07` - `2017-11-30`	3 months	crt.sh
typekit.net Symantec Class 3 Secure Server CA - G4	`2017-03-20` - `2018-06-19`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.lk-cs.com Go Daddy Secure Certificate Authority - G2	`2016-07-05` - `2019-08-06`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-09-07` - `2017-11-30`	3 months	crt.sh
ums.adtechus.com DigiCert SHA2 High Assurance Server CA	`2017-03-28` - `2020-04-01`	3 years	crt.sh
odc-prod-01.oracle.com Symantec Class 3 ECC 256 bit SSL CA - G2	`2017-09-12` - `2018-07-28`	a year	crt.sh
www.lkcsunix.com Go Daddy Secure Certificate Authority - G2	`2017-01-18` - `2019-02-26`	2 years	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2015-05-16` - `2018-05-16`	3 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2015-12-01` - `2017-12-05`	2 years	crt.sh
*.voicestar.com GeoTrust DV SSL CA - G3	`2017-01-25` - `2019-01-25`	2 years	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2016-12-21` - `2018-01-30`	a year	crt.sh
*.intentiq.com Amazon	`2017-06-07` - `2018-07-07`	a year	crt.sh
*.adap.tv Entrust Certification Authority - L1K	`2016-06-28` - `2017-09-28`	a year	crt.sh
*.pro-market.net RapidSSL SHA256 CA	`2016-10-07` - `2019-11-19`	3 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2017-02-10` - `2018-05-10`	a year	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
*.marchex.io GeoTrust SSL CA - G3	`2017-03-22` - `2019-05-21`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2016-07-29` - `2017-11-29`	a year	crt.sh
www.google.de Google Internet Authority G2	`2017-09-07` - `2017-11-30`	3 months	crt.sh
cdn.spotxcdn.com GeoTrust SSL CA - G3	`2016-11-29` - `2017-10-19`	a year	crt.sh
*.adnxs.com GeoTrust SSL CA - G3	`2016-02-25` - `2018-05-26`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2015-04-23` - `2018-04-27`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.openx.net GeoTrust SSL CA - G3	`2017-05-11` - `2020-07-09`	3 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.ffbt.com/
Frame ID: 14636.1
Requests: 76 HTTP requests in this frame

Frame: https://ffbtci.secure.fundsxpress.com/piles/fxweb.pile/custom_login?template=2017&iid=FFBTCI
Frame ID: 14636.7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://urldefense.proofpoint.com/v2/url?u=http-3A__www.ffbt.com&d=DwMFAg&c=eJFcuPw3OEcOgXL2mmMpuw&r=fSJH78fH3... HTTP 302
http://www.ffbt.com/ HTTP 301
https://www.ffbt.com/ Page URL

Detected technologies

Sitefinity (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Sitefinity (.+)$/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i
meta generator /^Sitefinity (.+)$/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i
meta generator /^Sitefinity (.+)$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i
meta generator /^Sitefinity (.+)$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i

Page Statistics

77
Requests

99 %
HTTPS

26 %
IPv6

40
Domains

47
Subdomains

35
IPs

6
Countries

1848 kB
Transfer

3172 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://gateway.fundsxpress.com/FFBTCI/disclosures.htm
Title: enroll

Search URL Search Domain Scan URL

URL: https://gateway.fundsxpress.com/FFBTCI/disclosures_commercial.htm
Title: business enroll

Search URL Search Domain Scan URL

URL: https://ffbtci.secure.fundsxpress.com/resetpasscode/app/#/home/authentication?iid=FFBTCI&appId=FXWEB
Title: forgot your password?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/firstfarmers

Search URL Search Domain Scan URL

URL: https://ffbt.mortgagewebcenter.com/
Title: Let’s Get Started

Search URL Search Domain Scan URL

URL: http://ffbt.applicantstack.com/x/openings
Title: Employment

Search URL Search Domain Scan URL

URL: https://www.lk-cs.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urldefense.proofpoint.com/v2/url?u=http-3A__www.ffbt.com&d=DwMFAg&c=eJFcuPw3OEcOgXL2mmMpuw&r=fSJH78fH38QVYmlKa96XyNIdACsUfsccxXKKrp40zXE&m=JG3Vkjyg30DpCFYED9Xv7Uq70LW3ZMJ95NMNzQmQdpA&s=iB2QDUyM-xe0T9PaDBj9o3UHYpmt9ezfcG06_j_Qwew&e= HTTP 302
http://www.ffbt.com/ HTTP 301
https://www.ffbt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://um.simpli.fi/nexage HTTP 302
https://usync.nexage.com/mapuser?providerid=10778&userid=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://usync.nexage.com/mapuser?providerid=10778&userid=8A149905C9E3BB59966D5F47020EAB55;cfp=1

Request Chain 25

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://stags.bluekai.com/site/29931?dt=0&r=444793166&sig=2965575053&bkca=KJpnEnsNzex6Lqx61cVt5ePtzMvN+expzpaN1pWl1eJy5Ux0BxD9Z5y/mx== HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=29849c54-7862-450c-977a-79f092cfc534

Request Chain 44

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A149905C9E3BB59966D5F47020EAB55

Request Chain 47

https://um.simpli.fi/turn HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A149905C9E3BB59966D5F47020EAB55

Request Chain 48

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A149905C9E3BB59966D5F47020EAB55

Request Chain 50

https://um.simpli.fi/adaptv HTTP 302
https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A149905C9E3BB59966D5F47020EAB55

Request Chain 51

https://um.simpli.fi/datonics HTTP 302
https://fei.pro-market.net/engine?du=24;csync=8A149905C9E3BB59966D5F47020EAB55;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=8A149905C9E3BB59966D5F47020EAB55;mimetype=img;sr

Request Chain 52

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=8A149905C9E3BB59966D5F47020EAB55

Request Chain 53

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=8A149905C9E3BB59966D5F47020EAB55&redirect=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2fdabd378b3a74a9dd500d534444a95cc118985513a7fd3449ef2bc05a49f69eb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=2fdabd378b3a74a9dd500d534444a95cc118985513a7fd3449ef2bc05a49f69eb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=01025480891911577021352874554778732163

Request Chain 55

https://um.simpli.fi/aol HTTP 302
https://ums.adtech.de/mapuser?providerid=1051;userid=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://ums.adtech.de/mapuser?providerid=1051;cfp=1;rndc=1505485769;userid=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://pixel.advertising.com/ups/55964/sync?uid=8A149905C9E3BB59966D5F47020EAB55&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55964/sync?uid=8A149905C9E3BB59966D5F47020EAB55&_origin=0&verify=true

Request Chain 57

https://ads.yahoo.com/cms/v1?esig=1~6df59d9d88a5fd320eaa9784cd28c41c2b86a6bf&sigv=1&nwid=10001117430 HTTP 302
https://um.simpli.fi/y_match?xid=c5zIWdZ5BXbVZfetqKxHklRp

Request Chain 60

https://aa.agkn.com/adscores/g.pixel?sid=9201915418 HTTP 302
https://d.agkn.com/pixel/5502/?sk=164701602449001007528&pd=&l0=https://um.simpli.fi/aa_px?sk=164701602449001007528 HTTP 302
https://um.simpli.fi/aa_px?sk=164701602449001007528

Request Chain 61

https://loadr.exelator.com/load/?p=104&g=870&j=0 HTTP 302
https://load.s3.amazonaws.com/pixel.gif

Request Chain 62

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1505485769248&cv=7&fst=1505485769248&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yuO7WZ2TKaTOxgKCkor4Cw HTTP 302
https://www.google.com/ads/conversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&ocp_id=yuO7WZ2TKaTOxgKCkor4Cw&random=1773262513 HTTP 302
https://www.google.de/ads/conversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&ocp_id=yuO7WZ2TKaTOxgKCkor4Cw&random=1773262513&ipr=y&ulfeg=n

Request Chain 63

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=8A149905C9E3BB59966D5F47020EAB55&__user_check__=1 HTTP 302
https://cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif

Request Chain 65

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=8A149905C9E3BB59966D5F47020EAB55

Request Chain 66

https://um.simpli.fi/cw_match HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A149905C9E3BB59966D5F47020EAB55

Request Chain 67

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8A149905C9E3BB59966D5F47020EAB55&expires=365 HTTP 307
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=6286&nid=2132&put=8A149905C9E3BB59966D5F47020EAB55&expires=365

Request Chain 68

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=8A149905C9E3BB59966D5F47020EAB55

Request Chain 69

https://um.simpli.fi/pm_match?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A149905C9E3BB59966D5F47020EAB55

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMCr7kB3q0CFWvOFq0oSAoc&google_cver=1 HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A149905C9E3BB59966D5F47020EAB55 HTTP 302
https://um.simpli.fi/g_match?id=

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.ffbt.com/
Redirect Chain

https://urldefense.proofpoint.com/v2/url?u=http-3A__www.ffbt.com&d=DwMFAg&c=eJFcuPw3OEcOgXL2mmMpuw&r=fSJH78fH38QVYmlKa96XyNIdACsUfsccxXKKrp40zXE&m=JG3Vkjyg30DpCFYED9Xv7Uq70LW3ZMJ95NMNzQmQdpA&s=iB2Q...
http://www.ffbt.com/
https://www.ffbt.com/

35 KB
10 KB

584ms
562ms

Document
text/html

2400:cb00:2048:1::6814:7f44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7f44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

3703f722275b5a728213fc5a01b65c49a406be6290e5f6c83626377278da3b29

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec47439df763d3-FRA
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Date: Fri, 15 Sep 2017 14:29:28 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Location: https://www.ffbt.com/
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 39ec4743642e64db-FRA
Expires: Fri, 15 Sep 2017 15:29:28 GMT

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Wed, 30 Aug 2017 16:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1374162
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 33593
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Aug 2018 16:46:46 GMT

GET
S 200 gwh7fqk.js Show response
use.typekit.net/ 18 KB
7 KB 272ms
250ms Script
text/javascript 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gwh7fqk.js

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a92-123-94-15.deploy.akamaitechnologies.com

Software

nginx /

Resource Hash

1629caf1c9f8e896e42d512484c6250f6920942434b1310001d0fbb70299cd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200, 200 OK
date: Fri, 15 Sep 2017 14:29:29 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7127

GET
H/1.1 200
OK dpx.js Show response
i.simpli.fi/ 3 KB
3 KB 39ms
11ms Script
application/javascript 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=101712&action=100&segment=firstfarmersbankandtrustsite&m=1&sifi_tuid=58881

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

71b0a8592c1f630f017d61d1b4daa190713b5560c41e1fb208ca3b1ca1de9304

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Connection: keep-alive
Content-Length: 2743
Pragma: no-cache
Last-Modified: Tue, 29 Aug 2017 16:16:23 GMT
Server: nginx
ETag: "59a59357-ab7"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dpx.js Show response
i.simpli.fi/ 3 KB
3 KB 40ms
12ms Script
application/javascript 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=101712&conversion=40&campaign_id=0&m=1&tid=viewthrough&sifi_tuid=58881

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

71b0a8592c1f630f017d61d1b4daa190713b5560c41e1fb208ca3b1ca1de9304

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Connection: keep-alive
Content-Length: 2743
Pragma: no-cache
Last-Modified: Tue, 29 Aug 2017 16:16:23 GMT
Server: nginx
ETag: "59a59357-ab7"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK main.css
www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/global/ 58 KB
10 KB 369ms
366ms Stylesheet
text/css 2400:cb00:2048:1::6814:7f44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/global/main.css?v=636360772800000000

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7f44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

6740ad388b478c2e89c948167568264eb4da02d2b957224dacb8dfb6738390a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 19 Jul 2017 20:08:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec4747281763d3-FRA
X-Xss-Protection: 1; mode=block
Expires: Fri, 15 Sep 2017 18:29:29 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.ffbt.com/ 16 KB
4 KB 387ms
365ms Script
application/x-javascript 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/WebResource.axd?d=YdLHYxLfPzAKXcJxXUKq-FxW43dBJ5RmiUhX0s9GPW4ENIQjcaW5XtB4RhDM0vVxJnDsWS-gCTtf53JUhf4kaZyDx3OFb8SFjL2Pk57ffoU1&t=636354763360000000

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

f9d7ae35aba9f8ba59b293b59b3419c309225828966b66ca0bcb6a7f0dd627a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 12 Jul 2017 21:12:16 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec47474fff6349-FRA
X-Xss-Protection: 1; mode=block
Expires: Sat, 15 Sep 2018 06:16:51 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.ffbt.com/ 140 KB
34 KB 466ms
444ms Script
application/x-javascript 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl03_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3a8f95decb-d716-4257-bc42-c772df7173e5%3aea597d4b%3ab25378d2

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

ab380189ad8e114011249af1a1efb0a21115e14641e3565450ab4d8fbfe4c610

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 18 Jan 2017 00:00:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec4747488527aa-FRA
X-Xss-Protection: 1; mode=block
Expires: Sat, 15 Sep 2018 14:29:29 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.ffbt.com/ 95 KB
33 KB 477ms
455ms Script
application/x-javascript 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

38dba1d88a1ddd3a0bc8234e03cad9cc0cf6c2193bfd7f7f4038eea2d0763b9d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Sep 2017 06:16:51 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec47474a662678-FRA
X-Xss-Protection: 1; mode=block
Expires: Sat, 15 Sep 2018 06:16:51 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.ffbt.com/ 531 KB
148 KB 537ms
514ms Script
application/x-javascript 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl03_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%3aen%3a193470df-16c0-47af-a81b-fac6c3a0408d%3ab162b7a1%3a845dc525%3bTelerik.Web.UI%2c+Version%3d2017.1.118.40%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen%3a767b481f-60ec-4d02-b56d-2905b1cd1d39%3a16e4e7cd%3af7645509%3addbfcb67%3bTelerik.Sitefinity%2c+Version%3d10.0.6412.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3a3eda8383-f8ae-42fd-8cf1-472a7662d4f3%3af77740f1%3a26cfb6dc%3a6e04508f%3a447a22b8%3bTelerik.Sitefinity.Resources%3aen%3a193470df-16c0-47af-a81b-fac6c3a0408d%3ac4ef6dcd%3a6f03d72a%3bTelerik.Sitefinity%2c+Version%3d10.0.6412.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3a3eda8383-f8ae-42fd-8cf1-472a7662d4f3%3ac1fc658e%3a721addc%3a41f6c3a7

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

e0d1fe115b484bc0e5d26ebb6bb6043829efd647684c1204868e8e1e3336f871

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 18 Jan 2017 00:00:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec47474e670893-FRA
X-Xss-Protection: 1; mode=block
Expires: Sat, 15 Sep 2018 14:29:29 GMT

GET
H/1.1 200
OK Search-box.js Show response
www.ffbt.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/ 3 KB
1 KB 46ms
13ms Script
application/x-javascript 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/Search-box.js

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

9b8360071821f1cb222b51dd7a5e0cb5e954e5142ddc3e739aef358f6a5a175c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Last-Modified: Tue, 27 Jun 2017 15:37:12 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public, max-age=169350
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec47475b5c271a-FRA
X-Xss-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 13:31:58 GMT

GET
H/1.1 200
OK logo.svg
www.ffbt.com/Includes/svg/ 20 KB
6 KB 79ms
79ms Image
image/svg+xml 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/logo.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

91c1307ad066438dab1c961dd77f96e8248b24cbc48908fbd5dea0478d5e3e44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 09 Jun 2017 16:08:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"0b0bf903ae1d21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec47497c63271a-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
H/1.1 200
OK sf-search-box.min.css
www.ffbt.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/assets/dist/css/ 217 B
264 B 33ms
13ms Stylesheet
text/css 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/assets/dist/css/sf-search-box.min.css

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

04da97b980eb4afb9b5e402e8dc4f0a353b0848bcc8be60b9009b0b4c6aa2446

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Last-Modified: Tue, 27 Jun 2017 15:37:12 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public, max-age=453288
Connection: keep-alive
CF-RAY: 39ec47474b50271a-FRA
Content-Length: 264
X-Xss-Protection: 1; mode=block
Expires: Wed, 20 Sep 2017 20:24:16 GMT

GET
H/1.1 200
OK shanes-building-march.jpg
www.ffbt.com/images/default-source/default-album/ 445 KB
445 KB 19ms
19ms Image
image/jpeg 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/images/default-source/default-album/shanes-building-march.jpg?sfvrsn=c475d0ec_0

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

86a4cc15e5693cd8b5946fa33b9a1cf154cb86f652d1f43be53a6d73ff8cf927

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Cf-Polished: degrade=85, origSize=2075151
Content-Disposition: inline; filename=shanes-building-march.jpg
Connection: keep-alive
Content-Length: 455546
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 28 Jul 2017 19:39:35 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Expires: Thu, 14 Dec 2017 14:29:29 GMT
Cache-Control: public, max-age=7776000
CF-RAY: 39ec4749890d6349-FRA
Cf-Bgj: imgq:85

GET
H/1.1 200
OK fdic.svg
www.ffbt.com/Includes/svg/ 49 KB
9 KB 13ms
13ms Image
image/svg+xml 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/fdic.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

02dc4e34c2446dcab74a375ae0c99405bb33d355d36fb835c5a44a8839978946

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Apr 2017 20:12:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"028318db6acd21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec4749e9366349-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
H/1.1 200
OK ehl.svg
www.ffbt.com/Includes/svg/ 4 KB
1 KB 14ms
14ms Image
image/svg+xml 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/ehl.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

f44aa3b99b4ba5d0ca208287ad5c426f0fdae10122fc2584812ae3ca4b958065

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Apr 2017 20:12:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"028318db6acd21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec4749fc9d271a-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
H/1.1 200
OK lkcs.svg
www.ffbt.com/Includes/svg/ 6 KB
2 KB 14ms
14ms Image
image/svg+xml 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/lkcs.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

000288ba0c6f985b9f894694d67394ed5187f648035b45b78cab479d668c0b0b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Apr 2017 20:12:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"028318db6acd21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec474a093b6349-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
H/1.1 200
OK tie.svg
www.ffbt.com/Includes/svg/ 4 KB
1 KB 15ms
15ms Image
image/svg+xml 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/tie.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

1d6ad0245df76857640442457cebd57d660cc39566ab3c3a5f1b53f0803ec0e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 09 Jun 2017 15:16:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"078154d33e1d21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec474a1ca7271a-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
S 200 ts.vendor.min.js Show response
clients.lk-cs.com/shared/js/ 417 KB
121 KB 69ms
19ms Script
application/x-javascript 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/js/ts.vendor.min.js
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: bdf2d0db60b7c0cf9e4d43d5dde5f8eeeaf2d8ec7dc6ded833ea15c26b507b5a

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
content-encoding: gzip
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-length: 123840
last-modified: Wed, 22 Feb 2017 18:15:32 GMT
server: cloudflare-nginx
etag: "0fa7ea7378dd21:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: application/x-javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec4749cf776445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:29 GMT

GET
S 200 ts.min.js Show response
clients.lk-cs.com/shared/js/ 30 KB
9 KB 516ms
466ms Script
application/x-javascript 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/js/ts.min.js?v=20170703
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: cb0e980e96e3761358a9d1310c2675c52a3cf89f71e9d65b1a423dbe11ccdcef

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
content-encoding: gzip
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 9527
last-modified: Fri, 25 Aug 2017 20:27:02 GMT
server: cloudflare-nginx
etag: "dac37482e01dd31:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: application/x-javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec4749cf796445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:29 GMT

GET
H/1.1 200
OK script.min.js Show response
www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/js/ 47 KB
20 KB 441ms
440ms Script
application/x-javascript 2400:cb00:2048:1::6814:7f44
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/js/script.min.js?v=0915172

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7f44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

6dc19c6d05a04c7b5327262b09bc76617e319e77818fcb3537d89812a47d9389

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: MISS
Last-Modified: Fri, 15 Sep 2017 14:02:29 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public, max-age=1209600
Connection: keep-alive
CF-RAY: 39ec4749794f63d3-FRA
Content-Length: 20005
X-Xss-Protection: 1; mode=block
Expires: Fri, 29 Sep 2017 14:29:29 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 50 KB
20 KB 63ms
51ms Script
application/javascript 2a00:1450:4001:816::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFS4MQ6

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

cdc3314c35b4d780daa7ac09c47f77163d69422e8bcb61fed0209915a02200a5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 19970
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2017 14:29:29 GMT

GET
H/1.1 200
OK p Show response
i.simpli.fi/ 959 B
966 B 12ms
12ms Script
application/javascript 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=101712&cb=dpx_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=101712&action=100&segment=firstfarmersbankandtrustsite&m=1&sifi_tuid=58881

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

ef9e00d8daae15b57a5391580bf116e58d8d3fab9212afd8bfe7f52cf34b788a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:29 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dpx
i.simpli.fi/ 43 B
43 B 12ms
12ms Image
image/gif 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.simpli.fi/dpx?cid=101712&action=100&segment=firstfarmersbankandtrustsite&m=1&sifi_tuid=58881&cbri=662833469689&referrer=

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dpx
i.simpli.fi/ 43 B
43 B 11ms
11ms Image
image/gif 5.153.20.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.simpli.fi/dpx?cid=101712&conversion=40&campaign_id=0&m=1&tid=viewthrough&sifi_tuid=58881&cbri=1028965432279&referrer=

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.153.20.138 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8a.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

mapuser
usync.nexage.com/
Redirect Chain

https://um.simpli.fi/nexage
https://usync.nexage.com/mapuser?providerid=10778&userid=8A149905C9E3BB59966D5F47020EAB55
https://usync.nexage.com/mapuser?providerid=10778&userid=8A149905C9E3BB59966D5F47020EAB55;cfp=1

43 B
43 B

99ms
99ms

Image
image/gif

152.163.56.2
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usync.nexage.com/mapuser?providerid=10778&userid=8A149905C9E3BB59966D5F47020EAB55;cfp=1
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 152.163.56.2 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: oneads-sspums-adtech-mtc-blue-b.evip.aol.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:29 GMT
Server: nginx
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:29 GMT
Server: nginx
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://usync.nexage.com/mapuser?providerid=10778&userid=8A149905C9E3BB59966D5F47020EAB55;cfp=1
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

5386
tags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=8A149905C9E3BB59966D5F47020EAB55
https://stags.bluekai.com/site/29931?dt=0&r=444793166&sig=2965575053&bkca=KJpnEnsNzex6Lqx61cVt5ePtzMvN+expzpaN1pWl1eJy5Ux0BxD9Z5y/mx==
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://match.adsrvr.org/track/cmb/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=29849c54-7862-450c-977a-79f092cfc534

62 B
62 B

109ms
97ms

Image
image/gif

104.108.53.91
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=29849c54-7862-450c-977a-79f092cfc534
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.108.53.91 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-53-91.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=86400, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 7d0c
Expires: Sat, 16 Sep 2017 14:29:30 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:20 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location: https://tags.bluekai.com/site/5386?id=29849c54-7862-450c-977a-79f092cfc534
Cache-Control: private,no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Content-Length: 179

GET custom_login
ffbtci.secure.fundsxpress.com/piles/fxweb.pile/ Frame 1463 0
0

GET
H/1.1 200
OK map-bg.jpg
www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/images/ 21 KB
21 KB 28ms
28ms Image
image/jpeg 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/images/map-bg.jpg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

5800f7b73a31ce927fee2104ad2bc29b67b3e243ab0845ab73bb4ebf1bd87568

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/global/main.css?v=636360772800000000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Apr 2017 20:13:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=434883
Connection: keep-alive
CF-RAY: 39ec474cf9b60893-FRA
Content-Length: 21434
X-Xss-Protection: 1; mode=block
Expires: Wed, 20 Sep 2017 15:17:32 GMT

GET
H/1.1 200
OK one.svg
www.ffbt.com/Includes/svg/ 3 KB
1 KB 13ms
13ms Image
image/svg+xml 2400:cb00:2048:1::6814:7f44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/one.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7f44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

bd7156f94b35dc76e8098572a7a6fe44c294ca793b70a64e22156df058b3afe1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/global/main.css?v=636360772800000000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Apr 2017 20:12:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"028318db6acd21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec474cdb7563d3-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
H/1.1 200
OK search.svg
www.ffbt.com/Includes/svg/ 1 KB
797 B 14ms
14ms Image
image/svg+xml 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Includes/svg/search.svg

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

7c84474c967e2bd32c2cd07e574c6e28e4c9e5fbd0982fbab3a3306e5b0db260

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/global/main.css?v=636360772800000000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Apr 2017 20:12:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"028318db6acd21:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 39ec474ced4a2678-FRA
X-Xss-Protection: 1; mode=block
Expires: Mon, 16 Oct 2017 14:29:29 GMT

GET
S 200 json Show response
clients.lk-cs.com/shared/announcements/ 410 B
257 B 399ms
377ms XHR
application/json 2400:cb00:2048:1::6814:5653
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/announcements/json?id=62173&_=1505485769408
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5653 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: ab3d7091ca8eed4043a899be38ecbf27a3be5c58b422c7b6b363fb890e9900e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:30 GMT
content-encoding: gzip
server: cloudflare-nginx
x-powered-by: ASP.NET
status: 200
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.ffbt.com
cache-control: private
cf-ray: 39ec474d5b712702-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
S 200 vendor.fullcalendar.min.js Show response
clients.lk-cs.com/shared/js/ 188 KB
57 KB 440ms
440ms Script
application/x-javascript 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/js/vendor.fullcalendar.min.js?_=1505485769409
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 7e40d457c041dd9beba7d24877776a1c1e7e5178dcc344da9ef03e503ef2213f

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:30 GMT
content-encoding: gzip
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 57828
last-modified: Wed, 22 Feb 2017 17:43:31 GMT
server: cloudflare-nginx
etag: "80a37d2e338dd21:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: application/x-javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec474d2a6c6445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:30 GMT

GET
S 200 json Show response
clients.lk-cs.com/shared/external-links/ 1 KB
560 B 395ms
377ms XHR
application/json 2400:cb00:2048:1::6814:5653
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/external-links/json?id=62173&_=1505485769410
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5653 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 3013b79a3fef56bbb49aab04cb77da431a9162ac02d45ac9014a0114059683b5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:30 GMT
content-encoding: gzip
server: cloudflare-nginx
x-powered-by: ASP.NET
status: 200
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.ffbt.com
cache-control: private
cf-ray: 39ec474d5b722702-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
S 200 analytics.js Show response
www.google-analytics.com/ 33 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

684517d124adb46b27ef07bdf06ecbff34c2897f4aa53bdf50e8342c5a22d989

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2017 04:27:56 GMT
server: Golfe2
age: 5182
date: Fri, 15 Sep 2017 13:03:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 13799
expires: Fri, 15 Sep 2017 15:03:07 GMT

GET
S 200 l
use.typekit.net/af/13c916/00000000000000003b9ad44f/27/ 23 KB
23 KB 29ms
9ms Font
application/font-woff2 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/13c916/00000000000000003b9ad44f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gwh7fqk.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-15.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: d6e07211868f4a19136f9226043bcd4f1fe6fdff004f5353c64a3b84a19f28a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
server: nginx
etag: "16c01036af04c27cdfb4cbe73fdc98f1df172ea7"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 23672

GET
S 200 l
use.typekit.net/af/0ad641/00000000000000003b9ad452/27/ 25 KB
25 KB 30ms
12ms Font
application/font-woff2 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0ad641/00000000000000003b9ad452/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gwh7fqk.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-15.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: 6e8cb32a32a3075f1ef0e858ee196b5337347698a06b1457cfa3ca35689f7ce1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
server: nginx
etag: "7a3b15a799eea633738cb16a6a249af8219a613e"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 25744

GET
S 200 l
use.typekit.net/af/d50235/00000000000000003b9ad458/27/ 25 KB
25 KB 35ms
17ms Font
application/font-woff2 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d50235/00000000000000003b9ad458/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gwh7fqk.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-15.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: eb0f13cf093499881983b977b0bde097fb25d24486e496ac1926ad9d499ef4be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
server: nginx
etag: "88ff878fee440479df3185202326836c26088a83"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 25812

GET
S 200 l
use.typekit.net/af/8abf9f/00000000000000003b9ad455/27/ 26 KB
26 KB 35ms
17ms Font
application/font-woff2 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8abf9f/00000000000000003b9ad455/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gwh7fqk.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-15.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: 3d5994a68aa658cd1929cafdce2c7d423bf88dc91ece0ff0b499dab81472b42c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
server: nginx
etag: "2cd367837b6333aeed539dc53f7c14341ab1015d"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 26140

GET
S 200 l
use.typekit.net/af/f9bfe5/00000000000000003b9ad44c/27/ 25 KB
25 KB 24ms
6ms Font
application/font-woff2 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f9bfe5/00000000000000003b9ad44c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gwh7fqk.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-15.deploy.akamaitechnologies.com
Software: nginx /
Resource Hash: b34c12e4a047a6a3e7aba80562a5af91d743dc8c95f7bb4c01c589b34f9e9c9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com

Response headers

date: Fri, 15 Sep 2017 14:29:29 GMT
server: nginx
etag: "e30a99adbc6f8e48717c4da0f1ddc4f5ac21287a"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 25820

GET
H/1.1 200
OK ffbt Show response
lkcsunix.com/social/feed/ 2 KB
2 KB 868ms
137ms XHR
text/html 74.205.72.115
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lkcsunix.com/social/feed/ffbt?_=1505485769411
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.205.72.115 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: eb8046ab8a862f87868a687e4e34fd50e3ae30bd57c1f48cce0eeb170c1b65c5

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: Apache
Connection: close
X-Powered-By: PleskLin
Content-Length: 2481
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK number-changer.php Show response
101.xg4ken.com/media/number-changer/voicestar/ 235 B
184 B 122ms
28ms Script
text/plain 52.213.126.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://101.xg4ken.com/media/number-changer/voicestar/number-changer.php
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFS4MQ6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.126.26 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-126-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3e8c58b4675f43e8e1323c019517bac68310dd33dc05054e0677c9b36570f505

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Content-Encoding: gzip
X-Debug-Kenshoo-Server: ip-10-174-20-238
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain
Cache-Control: no-cache, no-transform
Connection: keep-alive
Content-Length: 184

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
35 B 29ms
8ms Image
image/gif 2a02:26f0:10c:39a::20c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:39a::20c1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Last-Modified: Mon, 20 Jun 2016 07:32:15 GMT
Server: nginx
ETag: "57679bff-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Mon, 28 Aug 2017 17:02:03 GMT

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
35 B 29ms
8ms Image
image/gif 2a02:26f0:10c:39a::20c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=gwh7fqk&ht=tk&h=www.ffbt.com&f=27077.27079.27082.27083.27086&a=2837&js=1.18.23&app=typekit&e=js&_=1505485769867
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:39a::20c1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:29 GMT
Last-Modified: Mon, 20 Jun 2016 07:32:15 GMT
Server: nginx
ETag: "57679bff-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Mon, 28 Aug 2017 17:02:03 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
53 B 13ms
13ms Image
image/gif 2a00:1450:4001:816::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j62&a=731150930&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ffbt.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20First%20Farmers%20Bank%20%26%20Trust&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEABI~&jid=1502327388&gjid=372199885&cid=1349620888.1505485770&tid=UA-99875283-1&_gid=1297533270.1505485770&_r=1&z=1661082666

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2017 14:29:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tpid=8A149905C9E3BB59966D5F47020EAB55
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8A149905C9E3BB59966D5F47020EAB55
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A149905C9E3BB59966D5F47020EAB55

49 B
49 B

34ms
34ms

Image
image/gif

34.251.221.71
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.221.71 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-221-71.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Cache-Control: no-cache
X-Server: 172.25.11.12
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=8A149905C9E3BB59966D5F47020EAB55
Cache-Control: no-cache
X-Server: 172.25.10.143
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content / Show response
performance.typekit.net/ 0
0 410ms
101ms XHR
text/plain 34.202.80.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://performance.typekit.net/
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gwh7fqk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.80.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-202-80-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Sep 2017 14:29:30 GMT
Cache-Control: private
Connection: keep-alive

GET
H/1.1 200
OK number-changer.js Show response
adtrack.voicestar.com/euinc/ 31 KB
8 KB 408ms
103ms Script
text/javascript 174.137.122.143
Marchex

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.voicestar.com/euinc/number-changer.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFS4MQ6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 174.137.122.143 Seattle, United States, ASN54668 (MARCHEX-EAST - Marchex, Inc., US),
Reverse DNS: adtrack.som1.marchex.com
Software: Apache/2.2 /
Resource Hash: 8924726643d638185235dbe76db35a7a18eba53da67d4169b523ddecddcf4575

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Content-Encoding: gzip
Server: Apache/2.2
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=200

GET
H/1.1

200
OK

8A149905C9E3BB59966D5F47020EAB55
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/
Redirect Chain

https://um.simpli.fi/turn
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A149905C9E3BB59966D5F47020EAB55

43 B
43 B

83ms
30ms

Image
image/gif

46.228.164.13
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzU4MjU1MDUw/mpuid/8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A149905C9E3BB59966D5F47020EAB55

43 B
43 B

401ms
100ms

Image
image/gif

52.6.185.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.185.139 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-185-139.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
S 200 arrow.png
clients.lk-cs.com/id/62173/images/ 18 KB
18 KB 442ms
442ms Image
image/png 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.lk-cs.com/id/62173/images/arrow.png
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: f6f17f81248325d774e5e32570255a28e6d14bfc2bfbacbda57b614bc9f59ecc

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:30 GMT
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 18258
last-modified: Fri, 15 Jul 2016 16:27:04 GMT
server: cloudflare-nginx
etag: "70eee7b8b5ded11:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec474fac5c6445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:30 GMT

GET
H/1.1

200
OK

sync
sync.adaptv.advertising.com/
Redirect Chain

https://um.simpli.fi/adaptv
https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A149905C9E3BB59966D5F47020EAB55

42 B
42 B

405ms
101ms

Image
image/gif

52.20.220.238
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.220.238 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-20-220-238.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://sync.adaptv.advertising.com/sync?type=gif&key=simplifi&uid=8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
S

200

engine
fei.pro-market.net/
Redirect Chain

https://um.simpli.fi/datonics
https://fei.pro-market.net/engine?du=24;csync=8A149905C9E3BB59966D5F47020EAB55;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=8A149905C9E3BB59966D5F47020EAB55;mimetype=img;sr

43 B
61 B

22ms
22ms

Image
image/gif

107.178.240.89
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fei.pro-market.net/engine?du=24;csync=8A149905C9E3BB59966D5F47020EAB55;mimetype=img;sr
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.240.89 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS: 89.240.178.107.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2017 14:29:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-1.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2017 14:29:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-1.c.datonics-gcp-01.internal
status: 302
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://fei.pro-market.net/engine?du=24;csync=8A149905C9E3BB59966D5F47020EAB55;mimetype=img;sr
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=8A149905C9E3BB59966D5F47020EAB55

43 B
43 B

385ms
95ms

Image
image/gif

63.251.114.136
Internap Network ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.114.136 , United States, ASN12181 (INTERNAP-2BLK - Internap Network Services Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap5ewr1
Content-Type: image/gif
Content-Length: 43
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://ce.lijit.com/merge?pid=2&3pid=8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

362248.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=8A149905C9E3BB59966D5F47020EAB55
https://idsync.rlcdn.com/419566.gif?partner_uid=8A149905C9E3BB59966D5F47020EAB55&redirect=1
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2fdabd378b3a74a9dd500d534444a95cc118985513a7fd3449ef2bc05a49f69eb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=2fdabd378b3a74a9dd500d534444a95cc118985513a7fd3449ef2bc05a49f69eb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
https://idsync.rlcdn.com/362248.gif?partner_uid=01025480891911577021352874554778732163

43 B
43 B

104ms
104ms

Image
image/gif

52.1.225.34
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=01025480891911577021352874554778732163
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.225.34 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-225-34.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length: 43
Content-Type: image/gif; charset=ISO-8859-1

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
X-TID: PTAW9Z0PTJw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://idsync.rlcdn.com/362248.gif?partner_uid=01025480891911577021352874554778732163
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
S 200 event-list Show response
clients.lk-cs.com/shared/events/ 969 B
377 B 374ms
374ms XHR
application/json 2400:cb00:2048:1::6814:5653
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/events/event-list?id=62173&calId=0&limit=3&_=1505485769412
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5653 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: b7bee629f685a6cdb729b1cfee7724af3a8f73d68b1ede083249b680414f6aea

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:30 GMT
content-encoding: gzip
server: cloudflare-nginx
x-powered-by: ASP.NET
status: 200
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.ffbt.com
cache-control: private
cf-ray: 39ec47509d5f2702-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
S

204

sync
pixel.advertising.com/ups/55964/
Redirect Chain

https://um.simpli.fi/aol
https://ums.adtech.de/mapuser?providerid=1051;userid=8A149905C9E3BB59966D5F47020EAB55
https://ums.adtech.de/mapuser?providerid=1051;cfp=1;rndc=1505485769;userid=8A149905C9E3BB59966D5F47020EAB55
https://pixel.advertising.com/ups/55964/sync?uid=8A149905C9E3BB59966D5F47020EAB55&_origin=0
https://pixel.advertising.com/ups/55964/sync?uid=8A149905C9E3BB59966D5F47020EAB55&_origin=0&verify=true

0
0

7ms
7ms

Image
text/plain

52.58.109.116
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/55964/sync?uid=8A149905C9E3BB59966D5F47020EAB55&_origin=0&verify=true
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.109.116 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-109-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

status: 204
date: Fri, 15 Sep 2017 14:29:30 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 15 Sep 2017 14:29:30 GMT
content-length: 0
location: https://pixel.advertising.com/ups/55964/sync?uid=8A149905C9E3BB59966D5F47020EAB55&_origin=0&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK getnumdata.js Show response
adtrack.voicestar.com/euinc/ 249 B
181 B 102ms
101ms Script
text/javascript 174.137.122.143
Marchex

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.voicestar.com/euinc/getnumdata.js?var=_vsrkpd.d;acc=Ch4Npll6OhxBYQD-;cky=rkpd_Ch4Npll6OhxBYQD-;ign=1;url=https%3A%2F%2Fwww.ffbt.com%2F;
Requested by: Host: adtrack.voicestar.com
URL: https://adtrack.voicestar.com/euinc/number-changer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 174.137.122.143 Seattle, United States, ASN54668 (MARCHEX-EAST - Marchex, Inc., US),
Reverse DNS: adtrack.som1.marchex.com
Software: Apache/2.2 /
Resource Hash: 9bbcc22c8710907b71299057ce09076857e2b0da09cca26fd22106282af53db8

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Content-Encoding: gzip
Server: Apache/2.2
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI COR NID TAI OUR BUS STA"
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/javascript
Keep-Alive: timeout=1, max=143

GET
H/1.1

200
OK

y_match
um.simpli.fi/
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~6df59d9d88a5fd320eaa9784cd28c41c2b86a6bf&sigv=1&nwid=10001117430
https://um.simpli.fi/y_match?xid=c5zIWdZ5BXbVZfetqKxHklRp

43 B
43 B

12ms
11ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/y_match?xid=c5zIWdZ5BXbVZfetqKxHklRp
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.80.fd9f.ip4.static.sl-reverse.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: ATS
Age: 0
Strict-Transport-Security: max-age=0
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://um.simpli.fi/y_match?xid=c5zIWdZ5BXbVZfetqKxHklRp
Cache-Control: private
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK pixel.gif
px.marchex.io/ 43 B
43 B 405ms
99ms Image
image/gif 52.72.11.222
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1505485770492
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.11.222 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-11-222.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Last-Modified: Thu, 08 Jun 2017 23:27:02 GMT
Server: Apache
ETag: "30000083-2b-5517b30a8b960"
P3P: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK pixel.gif
px.marchex.io/ 43 B
43 B 406ms
101ms Image
image/gif 52.72.11.222
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1505485770492&p=k0tGxQ,h3sMxQ,AZ2NxQ,X4VjYR
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.11.222 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-11-222.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Last-Modified: Thu, 08 Jun 2017 23:27:02 GMT
Server: Apache
ETag: "30000083-2b-5517b30a8b960"
P3P: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H/1.1

200
OK

aa_px
um.simpli.fi/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9201915418
https://d.agkn.com/pixel/5502/?sk=164701602449001007528&pd=&l0=https://um.simpli.fi/aa_px?sk=164701602449001007528
https://um.simpli.fi/aa_px?sk=164701602449001007528

43 B
43 B

12ms
11ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/aa_px?sk=164701602449001007528
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.80.fd9f.ip4.static.sl-reverse.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:31 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:31 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164701602449001007528
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
load.s3.amazonaws.com/
Redirect Chain

https://loadr.exelator.com/load/?p=104&g=870&j=0
https://load.s3.amazonaws.com/pixel.gif

43 B
43 B

394ms
99ms

Image
image/gif

52.216.81.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.s3.amazonaws.com/pixel.gif
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.81.16 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:31 GMT
Last-Modified: Mon, 14 Feb 2011 11:09:26 GMT
Server: AmazonS3
x-amz-request-id: 9A3C0C5F1701327D
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Content-Type: image/gif
x-amz-meta-s3fox-filesize: 43
x-amz-meta-s3fox-modifiedtime: 1297679395316
Accept-Ranges: bytes
Content-Length: 43
x-amz-id-2: XTglFJ5C4oKiz9UjmmXyhPLk6sXLJVSIexIu7Nx2XfJgcfBvkm7Bv7egCboWUO1sMbMvMhgV6XI=

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: nginx/1.10.1
X-Powered-By: Undertow/1
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Location: https://load.s3.amazonaws.com/pixel.gif
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0

GET
S

200

/
www.google.de/ads/conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1505485769248&cv=7&fst=1505485769248&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=f...
https://www.google.com/ads/conversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&ocp_id...
https://www.google.de/ads/conversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&ocp_id=...

42 B
60 B

40ms
40ms

Image
image/gif

2a00:1450:401b:801::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/conversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&ocp_id=yuO7WZ2TKaTOxgKCkor4Cw&random=1773262513&ipr=y&ulfeg=n

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2017 14:29:30 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Sep 2017 14:29:30 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/conversion/1026675585/?random=1268027092&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&ocp_id=yuO7WZ2TKaTOxgKCkor4Cw&random=1773262513&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 504
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2017 14:29:30 GMT

GET
H/1.1

200
OK

pixel.gif
cdn.spotxcdn.com/media/thumbs/pixel/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=8A149905C9E3BB59966D5F47020EAB55
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=8A149905C9E3BB59966D5F47020EAB55&__user_check__=1
https://cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif

43 B
43 B

21ms
6ms

Image
image/gif

92.123.92.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.92.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-198.deploy.akamaitechnologies.com
Software: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Last-Modified: Thu, 26 May 2011 15:59:36 UTC
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ad.turn.com
Cache-Control: max-age=174931
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 43

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: nginx/1.12.0
Location: //cdn.spotxcdn.com/media/thumbs/pixel/pixel.gif
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK feed-facebook.png
www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/images/ 478 B
478 B 12ms
12ms Image
image/png 2400:cb00:2048:1::6814:7e44
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffbt.com/Sitefinity/WebsiteTemplates/Custom/App_Themes/DefaultTheme/images/feed-facebook.png

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6814:7e44 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

265ea205adfee7810e5e7c35e00843e8a4f87ae403bb5d8701ff4c2a82853b89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 18 Apr 2017 12:51:00 GMT
Server: cloudflare-nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=788520
Connection: keep-alive
CF-RAY: 39ec4752dcdd0893-FRA
Content-Length: 478
X-Xss-Protection: 1; mode=block
Expires: Sun, 24 Sep 2017 17:31:30 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=8A149905C9E3BB59966D5F47020EAB55

0
0

50ms
12ms

Image
text/html

185.33.223.209
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=8A149905C9E3BB59966D5F47020EAB55

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.223.209 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:32 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 314.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.134:80
AN-X-Request-Uuid: a0bf9201-1f96-4922-b873-d2c4cdc53afe
Server: nginx/1.11.5
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://ib.adnxs.com/setuid?entity=66&code=8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/
Redirect Chain

https://um.simpli.fi/cw_match
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A149905C9E3BB59966D5F47020EAB55

49 B
60 B

29ms
17ms

Image
image/gif

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
Via: 1.1 varnish
Server: Jetty(9.2.22.v20170606)
Transfer-Encoding: chunked
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif; charset=ISO-8859-1
CW-Server: ams-bh02
X-Served-By: cache-hhn1546-HHN

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8A149905C9E3BB59966D5F47020EAB55&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=6286&nid=2132&put=8A149905C9E3BB59966D5F47020EAB55&expires=365

42 B
42 B

18ms
18ms

Image
image/gif

62.67.193.75
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=6286&nid=2132&put=8A149905C9E3BB59966D5F47020EAB55&expires=365
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 62.67.193.75 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: VE_KoFikMytjCYYJpXuqaw
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: /tap.php?cookie_redirect=1&v=6286&nid=2132&put=8A149905C9E3BB59966D5F47020EAB55&expires=365
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8A149905C9E3BB59966D5F47020EAB55
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=8A149905C9E3BB59966D5F47020EAB55

43 B
43 B

13ms
13ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/11.117.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: OXGW/11.117.0
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=8A149905C9E3BB59966D5F47020EAB55
Date: Fri, 15 Sep 2017 14:29:30 GMT
Server: OXGW/11.117.0
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pm_match?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A149905C9E3BB59966D5F47020EAB55

42 B
42 B

37ms
13ms

Image
image/gif

185.64.189.236
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A149905C9E3BB59966D5F47020EAB55
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.236 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2017 14:29:30 GMT
X-lat: Pug22025:0:315
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8A149905C9E3BB59966D5F47020EAB55
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

204
No Content

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEMCr7kB3q0CFWvOFq0oSAoc&google_cver=1
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A149905C9E3BB59966D5F47020EAB55
https://um.simpli.fi/g_match?id=

0
0

12ms
11ms

Image
text/plain

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: www.ffbt.com
URL: https://www.ffbt.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Fri, 15 Sep 2017 14:29:30 GMT
X-Content-Type-Options: nosniff
Server: openresty
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2017 14:29:30 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 229
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 json Show response
clients.lk-cs.com/shared/banners/ 2 KB
646 B 107ms
106ms XHR
application/json 2400:cb00:2048:1::6814:5653
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.lk-cs.com/shared/banners/json?id=62173&_=1505485769413
Requested by: Host: www.ffbt.com
URL: https://www.ffbt.com/ScriptResource.axd?d=VZjptyMwNT8jj8HXBkKpyjysg5_QKFSdzduNSVHLoGp8wg-AUEl-alIB8m7CGTt96XuYPxciTLk-ybY_8fAZAWfLsViroPuD1LZcuUpRsXfd2_392cTbB4x2Dy78nscCPSYNWWgD0aFNyZRuJ9lPLuhDiG816LIScQCyFmFMbUcdFNBgzFe7JSwxmEQ9MXYhl2btnK6H1sUkPx1Kv7xhiw2&t=4ad06ee9
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5653 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: a6be7a47030ac0817c8a74c6eb2d2ad0333721906331b411bb31ff8d988209e2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ffbt.com/
Origin: https://www.ffbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:31 GMT
content-encoding: gzip
server: cloudflare-nginx
x-powered-by: ASP.NET
status: 200
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.ffbt.com
cache-control: private
cf-ray: 39ec4758fb892702-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
S 200 621735521247611-compressed.jpg
clients.lk-cs.com/id/62173/images/ 154 KB
155 KB 473ms
472ms Image
image/jpeg 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.lk-cs.com/id/62173/images/621735521247611-compressed.jpg
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 1cf9f652792d48e2dc7522409098da718e3d9a985bd1cf7f0add6e2a1aae63ec

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:32 GMT
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 158189
last-modified: Fri, 30 Jun 2017 12:59:33 GMT
server: cloudflare-nginx
etag: "223a31b8a0f1d21:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec4759bb356445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:32 GMT

GET
S 200 621735561981020-compressed.jpg
clients.lk-cs.com/id/62173/images/ 131 KB
131 KB 460ms
459ms Image
image/jpeg 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.lk-cs.com/id/62173/images/621735561981020-compressed.jpg
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 5a5733d2d2cbb17c2b7cfc238a67af60e5d70c02dfd45ab078791cac33755a1e

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:32 GMT
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 133697
last-modified: Wed, 16 Aug 2017 16:28:32 GMT
server: cloudflare-nginx
etag: "68753b3ac16d31:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec4759bb366445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:32 GMT

GET
S 200 621735543764640-compressed.jpg
clients.lk-cs.com/id/62173/images/ 149 KB
149 KB 467ms
467ms Image
image/jpeg 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.lk-cs.com/id/62173/images/621735543764640-compressed.jpg
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 5c43784cc3217a0cd712aef29c3306ea4b4fd9adaf3091a1724054589db17d9e

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:32 GMT
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 152075
last-modified: Wed, 26 Jul 2017 14:27:55 GMT
server: cloudflare-nginx
etag: "6824545f1b6d31:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec4759bb376445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:32 GMT

GET
S 200 621735514521470-compressed.jpg
clients.lk-cs.com/id/62173/images/ 244 KB
244 KB 447ms
446ms Image
image/jpeg 2400:cb00:2048:1::6814:5753
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.lk-cs.com/id/62173/images/621735514521470-compressed.jpg
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:5753 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: e122cfb7805b4a0f74a7c65ee89c9f5554dbbeaa71944a83e1f1b2953b65b72e

Request headers

Referer: https://www.ffbt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Fri, 15 Sep 2017 14:29:32 GMT
cf-cache-status: MISS
x-powered-by: ASP.NET
status: 200
content-length: 249657
last-modified: Thu, 22 Jun 2017 18:09:25 GMT
server: cloudflare-nginx
etag: "1f906fae82ebd21:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 39ec4759bb386445-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Sat, 15 Sep 2018 14:29:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ffbtci.secure.fundsxpress.com
URL: https://ffbtci.secure.fundsxpress.com/piles/fxweb.pile/custom_login?template=2017&iid=FFBTCI

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secure.fundsxpress.com/	1970-01-01 00:00:00	Name: secure.fx.sid.fxweb Value: login%232%23a16584010df584f8%23a43424b78fb4bfa03898da15fde2be48467ed616b60d1dbaad99a12d2596278d5ab81525d05a940aedfc94546541468ff7f354972bdcc920
.secure.fundsxpress.com/	1970-01-01 00:00:00	Name: XSRF-TOKEN Value: zGuBpgXmyg
.ffbt.com/	2017-09-15 14:30:29	Name: _gat Value: 1
.ffbt.com/	2017-09-16 14:29:29	Name: _gid Value: GA1.2.1297533270.1505485770
.ffbt.com/	2019-09-15 14:29:29	Name: _ga Value: GA1.2.1349620888.1505485770
.ffbt.com/	2018-09-15 14:29:28	Name: __cfduid Value: df0557a526610b575dc5f553b22f951961505485768

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101.xg4ken.com
aa.agkn.com
ads.yahoo.com
adtrack.voicestar.com
ajax.googleapis.com
bcp.crwdcntrl.net
bh.contextweb.com
cdn.spotxcdn.com
ce.lijit.com
clients.lk-cs.com
cm.g.doubleclick.net
d.agkn.com
d.turn.com
dpm.demdex.net
fei.pro-market.net
ffbtci.secure.fundsxpress.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
lkcsunix.com
load.s3.amazonaws.com
loadr.exelator.com
match.adsrvr.org
p.typekit.net
performance.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
px.marchex.io
stags.bluekai.com
sync.adaptv.advertising.com
sync.intentiq.com
sync.search.spotxchange.com
tags.bluekai.com
um.simpli.fi
ums.adtech.de
urldefense.proofpoint.com
us-u.openx.net
use.typekit.net
usync.nexage.com
www.ffbt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
ffbtci.secure.fundsxpress.com
104.108.53.91
107.178.240.89
151.101.112.166
152.163.56.2
156.154.200.36
159.253.128.183
172.217.22.98
172.217.23.130
173.241.240.143
174.137.122.143
184.169.153.255
185.33.223.209
185.64.189.236
185.94.180.126
195.93.42.12
216.52.1.12
2400:cb00:2048:1::6814:5653
2400:cb00:2048:1::6814:5753
2400:cb00:2048:1::6814:7e44
2400:cb00:2048:1::6814:7f44
2a00:1288:110:422::3000
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:824::200a
2a00:1450:401b:801::2003
2a00:1450:401b:801::2004
2a02:26f0:10c:39a::20c1
34.202.80.105
34.251.221.71
46.228.164.13
5.153.20.138
52.1.225.34
52.20.220.238
52.211.103.202
52.213.126.26
52.216.81.16
52.58.109.116
52.6.185.139
52.72.11.222
54.69.22.47
62.67.193.75
63.251.114.136
67.231.146.66
74.205.72.115
92.123.92.198
92.123.94.15
000288ba0c6f985b9f894694d67394ed5187f648035b45b78cab479d668c0b0b
02dc4e34c2446dcab74a375ae0c99405bb33d355d36fb835c5a44a8839978946
04da97b980eb4afb9b5e402e8dc4f0a353b0848bcc8be60b9009b0b4c6aa2446
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
1629caf1c9f8e896e42d512484c6250f6920942434b1310001d0fbb70299cd09
1cf9f652792d48e2dc7522409098da718e3d9a985bd1cf7f0add6e2a1aae63ec
1d6ad0245df76857640442457cebd57d660cc39566ab3c3a5f1b53f0803ec0e2
265ea205adfee7810e5e7c35e00843e8a4f87ae403bb5d8701ff4c2a82853b89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3013b79a3fef56bbb49aab04cb77da431a9162ac02d45ac9014a0114059683b5
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3703f722275b5a728213fc5a01b65c49a406be6290e5f6c83626377278da3b29
38dba1d88a1ddd3a0bc8234e03cad9cc0cf6c2193bfd7f7f4038eea2d0763b9d
3d5994a68aa658cd1929cafdce2c7d423bf88dc91ece0ff0b499dab81472b42c
3e8c58b4675f43e8e1323c019517bac68310dd33dc05054e0677c9b36570f505
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5800f7b73a31ce927fee2104ad2bc29b67b3e243ab0845ab73bb4ebf1bd87568
5a5733d2d2cbb17c2b7cfc238a67af60e5d70c02dfd45ab078791cac33755a1e
5c43784cc3217a0cd712aef29c3306ea4b4fd9adaf3091a1724054589db17d9e
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6740ad388b478c2e89c948167568264eb4da02d2b957224dacb8dfb6738390a7
684517d124adb46b27ef07bdf06ecbff34c2897f4aa53bdf50e8342c5a22d989
6dc19c6d05a04c7b5327262b09bc76617e319e77818fcb3537d89812a47d9389
6e8cb32a32a3075f1ef0e858ee196b5337347698a06b1457cfa3ca35689f7ce1
71b0a8592c1f630f017d61d1b4daa190713b5560c41e1fb208ca3b1ca1de9304
7c84474c967e2bd32c2cd07e574c6e28e4c9e5fbd0982fbab3a3306e5b0db260
7e40d457c041dd9beba7d24877776a1c1e7e5178dcc344da9ef03e503ef2213f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a4cc15e5693cd8b5946fa33b9a1cf154cb86f652d1f43be53a6d73ff8cf927
8924726643d638185235dbe76db35a7a18eba53da67d4169b523ddecddcf4575
91c1307ad066438dab1c961dd77f96e8248b24cbc48908fbd5dea0478d5e3e44
9b8360071821f1cb222b51dd7a5e0cb5e954e5142ddc3e739aef358f6a5a175c
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bbcc22c8710907b71299057ce09076857e2b0da09cca26fd22106282af53db8
a6be7a47030ac0817c8a74c6eb2d2ad0333721906331b411bb31ff8d988209e2
ab380189ad8e114011249af1a1efb0a21115e14641e3565450ab4d8fbfe4c610
ab3d7091ca8eed4043a899be38ecbf27a3be5c58b422c7b6b363fb890e9900e8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34c12e4a047a6a3e7aba80562a5af91d743dc8c95f7bb4c01c589b34f9e9c9d
b7bee629f685a6cdb729b1cfee7724af3a8f73d68b1ede083249b680414f6aea
bd7156f94b35dc76e8098572a7a6fe44c294ca793b70a64e22156df058b3afe1
bdf2d0db60b7c0cf9e4d43d5dde5f8eeeaf2d8ec7dc6ded833ea15c26b507b5a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb0e980e96e3761358a9d1310c2675c52a3cf89f71e9d65b1a423dbe11ccdcef
cdc3314c35b4d780daa7ac09c47f77163d69422e8bcb61fed0209915a02200a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d6e07211868f4a19136f9226043bcd4f1fe6fdff004f5353c64a3b84a19f28a6
e0d1fe115b484bc0e5d26ebb6bb6043829efd647684c1204868e8e1e3336f871
e122cfb7805b4a0f74a7c65ee89c9f5554dbbeaa71944a83e1f1b2953b65b72e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb0f13cf093499881983b977b0bde097fb25d24486e496ac1926ad9d499ef4be
eb8046ab8a862f87868a687e4e34fd50e3ae30bd57c1f48cce0eeb170c1b65c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9e00d8daae15b57a5391580bf116e58d8d3fab9212afd8bfe7f52cf34b788a
f44aa3b99b4ba5d0ca208287ad5c426f0fdae10122fc2584812ae3ca4b958065
f6f17f81248325d774e5e32570255a28e6d14bfc2bfbacbda57b614bc9f59ecc
f9d7ae35aba9f8ba59b293b59b3419c309225828966b66ca0bcb6a7f0dd627a6

www.ffbt.com Open in urlscan Pro 2400:cb00:2048:1::6814:7f44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

26 %IPv6

40 Domains

47 Subdomains

35 IPs

6 Countries

1848 kBTransfer

3172 kBSize

6 Cookies

7 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.ffbt.com Open in urlscan Pro
2400:cb00:2048:1::6814:7f44 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

26 %
IPv6

40
Domains

47
Subdomains

35
IPs

6
Countries

1848 kB
Transfer

3172 kB
Size

6
Cookies

77 HTTP transactions
0 data transactions