www.dfcufinancial.com Open in urlscan Pro
192.124.249.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Submission: On October 25 via manual (October 25th 2023, 3:09:49 pm UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 50 IPs in 6 countries across 47 domains to perform 113 HTTP transactions. The main IP is 192.124.249.110, located in United States and belongs to SUCURI-SEC, US. The main domain is www.dfcufinancial.com. The Cisco Umbrella rank of the primary domain is 977727.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2022. Valid for: a year.

This is the only time www.dfcufinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	192.124.249.110 192.124.249.110	30148 (SUCURI-SEC) (SUCURI-SEC)
1	192.0.54.4 192.0.54.4	62659 (Q2HOLDINGS) (Q2HOLDINGS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:c418	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2.19.126.154 2.19.126.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.59.185.136 52.59.185.136	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:277d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.87.127.42 52.87.127.42	14618 (AMAZON-AES) (AMAZON-AES)
13	2606:4700:440... 2606:4700:4400::ac40:9483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.156.114.187 35.156.114.187	16509 (AMAZON-02) (AMAZON-02)
2	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:480... 2a02:26f0:480:493::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	52.57.124.150 52.57.124.150	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
20 26	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	35.166.85.119 35.166.85.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:c800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:48:b1ee:596b:27b5	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.213.152.153 52.213.152.153	16509 (AMAZON-02) (AMAZON-02)
1 1	52.28.142.172 52.28.142.172	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.44 18.245.60.44	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
5 5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	52.3.88.53 52.3.88.53	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.35.103.141 63.35.103.141	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
113	50

21 192.124.249.110 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10110.sucuri.net

www.dfcufinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.54.4 (United States)

ASN62659 (Q2HOLDINGS, US)

cds-sdkcfg.onlineaccess1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c418 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-154.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.185.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-185-136.eu-central-1.compute.amazonaws.com

78121.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:277d (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.87.127.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-127-42.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maprtb.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:9483 (United States)

ASN13335 (CLOUDFLARENET, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.114.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-114-187.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:493::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.124.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 35.204.158.49 (Groningen, Netherlands) 20 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.85.119 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-85-119.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:48:b1ee:596b:27b5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.152.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-152-153.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.142.172 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-172.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-44.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.88.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-88-53.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.103.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-103-141.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	simpli.fi 20 redirects um.simpli.fi — Cisco Umbrella Rank: 1332 tag.simpli.fi — Cisco Umbrella Rank: 7466 i.simpli.fi — Cisco Umbrella Rank: 6242	15 KB
21	dfcufinancial.com www.dfcufinancial.com — Cisco Umbrella Rank: 977727	521 KB
15	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 11257 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 7434 analytics.audioeye.com — Cisco Umbrella Rank: 8854	307 KB
7	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
7	segmint.net cdn.segmint.net — Cisco Umbrella Rank: 75283 connect.segmint.net — Cisco Umbrella Rank: 96578 maprtb.segmint.net — Cisco Umbrella Rank: 171315	19 KB
5	gstatic.com fonts.gstatic.com	111 KB
4	w55c.net 2 redirects tags.w55c.net — Cisco Umbrella Rank: 5792	2 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 3588 pbid.pro-market.net — Cisco Umbrella Rank: 14625	1 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	751 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1031	1 KB
3	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 3300 bs.serving-sys.com — Cisco Umbrella Rank: 2046	25 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2754	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 936 d.agkn.com — Cisco Umbrella Rank: 1055	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 802	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 933	712 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	610 B
2	t.co t.co — Cisco Umbrella Rank: 707	580 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1150	21 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	30 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3974	562 B
2	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	920 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	182 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	7 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 863	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 649	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 178	546 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 719	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1486	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 984	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 2870	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1438
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 9927	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 713	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1092	238 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1100	17 KB
1	siteimproveanalytics.io 78121.global.siteimproveanalytics.io	476 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 7517	10 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	12 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	onlineaccess1.com cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 30829	170 KB
113	47

	Domain	Requested by
26	um.simpli.fi	20 redirects
21	www.dfcufinancial.com	www.dfcufinancial.com
13	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
5	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	4 redirects
4	tags.w55c.net	2 redirects www.dfcufinancial.com
3	tr.snapchat.com	sc-static.net
3	ct.pinterest.com	s.pinimg.com www.dfcufinancial.com
3	connect.segmint.net	cds-sdkcfg.onlineaccess1.com cdn.segmint.net
3	cdn.segmint.net	www.dfcufinancial.com cds-sdkcfg.onlineaccess1.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	analytics.twitter.com	www.dfcufinancial.com
2	t.co	www.dfcufinancial.com
2	connect.facebook.net	www.dfcufinancial.com connect.facebook.net
2	s.pinimg.com	www.dfcufinancial.com s.pinimg.com
2	static.ads-twitter.com	www.dfcufinancial.com
2	www.google.de	www.dfcufinancial.com
2	stats.g.doubleclick.net	www.googletagmanager.com cds-sdkcfg.onlineaccess1.com
2	secure-ds.serving-sys.com	www.dfcufinancial.com cds-sdkcfg.onlineaccess1.com
2	www.google-analytics.com	www.googletagmanager.com cds-sdkcfg.onlineaccess1.com
2	www.googletagmanager.com	www.dfcufinancial.com www.googletagmanager.com
2	cdnjs.cloudflare.com	www.dfcufinancial.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	tag.simpli.fi	connect.segmint.net
1	maprtb.segmint.net	connect.segmint.net
1	www.facebook.com	www.dfcufinancial.com
1	sc-static.net	www.dfcufinancial.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	wsmcdn.audioeye.com	www.dfcufinancial.com
1	region1.analytics.google.com	www.googletagmanager.com
1	78121.global.siteimproveanalytics.io	www.dfcufinancial.com
1	siteimproveanalytics.com	www.dfcufinancial.com
1	cdn.jsdelivr.net	www.dfcufinancial.com
1	code.jquery.com	www.dfcufinancial.com
1	fonts.googleapis.com	www.dfcufinancial.com
1	cds-sdkcfg.onlineaccess1.com	www.dfcufinancial.com
113	59

This site contains links to these domains. Also see Links.

Domain
oac.fmsiportal.com
online.dfcufinancial.com
forms.fivision.com
www.dfcucfsinvest.com
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.dfcufinancial.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-22` - `2023-12-06`	a year	crt.sh
onlineaccess1.com GTS CA 1P5	`2023-09-15` - `2023-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.segmint.net Amazon RSA 2048 M02	`2023-03-01` - `2023-12-30`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
secure-ds.serving-sys.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M02	`2023-09-08` - `2024-10-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2023-11-01`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2023-09-17` - `2024-10-16`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Frame ID: D7D1B5558545296E053014E6F7FF7C6F
Requests: 65 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1dd5dpKA
Frame ID: F6C3772E533F34F37906708FD11E4091
Requests: 27 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 4A58C83A2BAB581B4CBEE46FFE9E9F92
Requests: 3 HTTP requests in this frame

Frame: https://s.pinimg.com/ct/core.js
Frame ID: F56C849768002F26C4F2703D04B14CF3
Requests: 4 HTTP requests in this frame

Frame: https://sc-static.net/scevent.min.js
Frame ID: 4E7B18C576D579757FF59517ADC208FC
Requests: 3 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: BE097F8DF9082FE20A9324E51462566F
Requests: 3 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbevents.js
Frame ID: 348AD21A6D35E33FA09DF5986269C2E2
Requests: 3 HTTP requests in this frame

Frame: https://tags.w55c.net/rs?sccid=224dcbc0-1e93-8ef5-4efe-50b6a23b1c6f&scc=1&id=1db187f6ffea4268827a55dc8d075567&t=marketing
Frame ID: 5746F6D889CDB05B3052ABF00494B2E2
Requests: 1 HTTP requests in this frame

Frame: https://tags.w55c.net/rs?sccid=3538a9d4-9627-b901-6791-6ad915ef7f56&scc=1&id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing
Frame ID: 8C3CB7E4EFB8AD5F95AF213294D3578C
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2FEF6CE0DB0C9D709CD59CF0057EB245
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=241a3c01-f453-4009-9bc1-3b90dccbec19&u_scsid=f433c4fb-9df4-48bd-bb3b-690228bc4482&u_sclid=ddc4bc9d-20a6-4177-8923-6bd41d178026
Frame ID: F896D29D0E9951E256BFE9C8761F3FE6
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=2a460da
Frame ID: 989DAF1F74BB107A9E844EE814B1D0DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DFCU Online - DFCU Financial close carousel

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

113
Requests

80 %
HTTPS

39 %
IPv6

47
Domains

59
Subdomains

50
IPs

6
Countries

1595 kB
Transfer

3904 kB
Size

41
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://oac.fmsiportal.com/AppointmentWidget/?urlCode=AOMFL04HS29XWOHL1POI
Title: Appointment

Search URL Search Domain Scan URL

URL: https://online.dfcufinancial.com/dfcufinancialonline/Login.aspx
Title: DFCU Online

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/dfcufinancial/oa/default.aspx
Title: Become a Member

Search URL Search Domain Scan URL

URL: http://www.dfcucfsinvest.com/
Title: Investments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/DFCU-Financial/1462138237350971

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dfcufinancial

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/73445?trk=vsrp_companies_cluster_name&trkInfo=VSRPsearchId%3A759341891402515955989%2CVSRPtargetId%3A73445%2CVSRPcmpt%3Acompanies_cluster

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://tags.w55c.net/rs?id=1db187f6ffea4268827a55dc8d075567&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=224dcbc0-1e93-8ef5-4efe-50b6a23b1c6f&scc=1&id=1db187f6ffea4268827a55dc8d075567&t=marketing

Request Chain 59

https://tags.w55c.net/rs?id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=3538a9d4-9627-b901-6791-6ad915ef7f56&scc=1&id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing

Request Chain 72

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 85

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 86

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/2FBF231D9DD24571B43AD3832185E3BD HTTP 302
https://sync.1rx.io/usersync/simplifi/2FBF231D9DD24571B43AD3832185E3BD?zcc=1&cb=1698246586184 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003

Request Chain 87

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=2FBF231D9DD24571B43AD3832185E3BD&dongle=yf3

Request Chain 88

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 89

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2FBF231D9DD24571B43AD3832185E3BD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 90

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2FBF231D9DD24571B43AD3832185E3BD HTTP 302
https://d.agkn.com/pixel/10751/?che=1698246586234&ip=217.114.218.27&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219743204680003302519 HTTP 302
https://um.simpli.fi/aa_px?sk=219743204680003302519 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 91

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 94

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=2FBF231D9DD24571B43AD3832185E3BD;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=2FBF231D9DD24571B43AD3832185E3BD;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NzkwODcxNjM4NDg3MzE3MDUwOQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEBzoWnfwpGgsUPvFyPzrsrA&google_cver=1

Request Chain 95

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=2FBF231D9DD24571B43AD3832185E3BD&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=2FBF231D9DD24571B43AD3832185E3BD&j=0&xl8blockcheck=1

Request Chain 97

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 98

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 99

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 100

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 101

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 102

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1698246586047&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=ui85ZaTlCLKYlQeU_L_YDg&sscte=1&crd=&pscrd=IhMIpKqIxL2RggMVMkzlCh0U_g_r HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIpKqIxL2RggMVMkzlCh0U_g_r&is_vtc=1&ocp_id=ui85ZaTlCLKYlQeU_L_YDg&cid=CAQSKQDICaaN42Jm4K8kpPnyQzBQxJfnObDNywC87gN3VcO2HDDuio3kO3f3&random=794843534 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIpKqIxL2RggMVMkzlCh0U_g_r&is_vtc=1&ocp_id=ui85ZaTlCLKYlQeU_L_YDg&cid=CAQSKQDICaaN42Jm4K8kpPnyQzBQxJfnObDNywC87gN3VcO2HDDuio3kO3f3&random=794843534&ipr=y

Request Chain 104

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=2FBF231D9DD24571B43AD3832185E3BD HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2FBF231D9DD24571B43AD3832185E3BD

Request Chain 105

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2FBF231D9DD24571B43AD3832185E3BD&expires=365

Request Chain 106

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=2FBF231D9DD24571B43AD3832185E3BD

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEIERXY-8qB1O4a28bq4-YVE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2FBF231D9DD24571B43AD3832185E3BD HTTP 302
https://um.simpli.fi/g_match?id=

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dfcu-online Show response
www.dfcufinancial.com/services/anywhere-banking/ 58 KB
17 KB 739ms
652ms Document
text/html 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

805f4308362361fc6925c4426e069643be3c6a992dc26bf163a19a8991a4b8c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: deflate
content-length: 17202
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 15:09:41 GMT
expires: -1
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-inetsitetype: production
x-sucuri-cache: MISS
x-sucuri-id: 15010
x-xss-protection: 1; mode=block

GET
H2 200 common.js Show response
cds-sdkcfg.onlineaccess1.com/ 302 KB
170 KB 268ms
207ms Script
application/javascript 192.0.54.4
Q2HOLDINGS

General

Check archive.org

Show headers Download Go to

Full URL

https://cds-sdkcfg.onlineaccess1.com/common.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4afacb34cb482f73352555afbf6b759784b2da0ea9837a1d659ac6d18a6138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:42 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: no-cache, no-store, must-revalidate
cf-ray: 81bb61d44e3b3828-FRA
expires: 0

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 93ms
43ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:400,300|Roboto+Slab:400,700

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83ca7ff82e7535ce52c0aa459efff3ebc46409d530b8e4bdfe7a377f62d83790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 15:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:09:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 15:09:42 GMT

GET
H2 200 GetResource.ashx
www.dfcufinancial.com/CMSPages/ 2 KB
1 KB 23ms
20ms Stylesheet
text/css 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=lightbox&version=ad9b07c7-3efa-4fbc-898b-8c1bcb517689

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

35448410d6184659f33a51be96e967d883f51f363b98830500a73fa885fa452d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="Lightbox.css"
content-length: 861
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 19 Sep 2023 16:29:42 GMT
server: nginx
etag: "cssstylesheet|16b62e59-7117-4596-aeb4-3a82e881107d"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-inetsitetype: production
x-sucuri-id: 15010
expires: Thu, 26 Oct 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx
www.dfcufinancial.com/CMSPages/ 200 KB
37 KB 31ms
28ms Stylesheet
text/css 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=sitestyle&version=ad9b07c7-3efa-4fbc-898b-8c1bcb517689

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

4a95d68533578ff5db751d35076230f3abf3effc48e42167bda0ef70dbf19931

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="Sitestyle.css"
content-length: 36924
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 28 Feb 2023 21:32:44 GMT
server: nginx
etag: "cssstylesheet|ad9b07c7-3efa-4fbc-898b-8c1bcb517689"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-inetsitetype: production
x-sucuri-id: 15010
expires: Thu, 26 Oct 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx
www.dfcufinancial.com/CMSPages/ 16 KB
4 KB 51ms
48ms Stylesheet
text/css 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=dfcu2023&version=b66c0447-9304-444e-9d1a-8c2fcb410759

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

48e1e8cf5aedc8bc7103dc90515d429ca23696bb9f8fca5a21a60c2ddab3d717

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="Dfcu2023.css"
content-length: 3441
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Sep 2023 19:09:13 GMT
server: nginx
etag: "cssstylesheet|b66c0447-9304-444e-9d1a-8c2fcb410759"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-inetsitetype: production
x-sucuri-id: 15010
expires: Thu, 26 Oct 2023 15:00:30 GMT

GET
H2 200 ekko-lightbox.css
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ 7 KB
3 KB 100ms
33ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.css

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2505010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2408
last-modified: Mon, 04 May 2020 16:09:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e41-1be7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQDgM6YIEEmGuaUrFWKX3DplClKRmSuQrBnEk56zevBEqyw7wm9s19rDXlKTKT1ctRqTq0V713MgXS8G6g9NOf69bLhQfteVdtl7MqUsUjVLEv%2BFE9Bx3iQeONI8Y4M7HyP56JgU4ADo06jki8UsqtzQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81bb61d44eb55d3c-FRA
expires: Mon, 14 Oct 2024 15:09:42 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 63ms
20ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://www.dfcufinancial.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3444384
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230116-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698246582.425641,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 27, 4550

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 265ms
22ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 01:05:39 GMT
Via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Sep 2023 12:33:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 50644
ETag: "6bdf8bf9c48aef3424ec8556d42ae32e"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16163
X-Amz-Cf-Id: UgpyQH611EVpKllwKPKC1_x8U2ttgQsmmJ8T2hR7nTyNP3tESwawAQ==

GET
H2 200 WebResource.axd Show response
www.dfcufinancial.com/ 23 KB
6 KB 50ms
48ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZAXO9j24o-ZZIG2J4pNa1aCea0DY690fXP19aOU2bUVuII9KElF9Hg0pnEpt9E8Tdw2&t=638259260865233147

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 6007
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 26 Jul 2023 03:54:46 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 23 Oct 2024 14:56:40 GMT

GET
H2 200 ScriptResource.axd Show response
www.dfcufinancial.com/ 100 KB
25 KB 51ms
49ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvmMnN0Xk1bk2FZIopKdWg6C3oNi0avVnFFNOjjphicotqa5OaH-1D8LbZRoABYJ5FY2kifulCrRfXMuX6BbT7M0r1rrSh-MxNoj9GGHNlCEQzNESQwbkbamaB3PGmJb2l2t4ZNH5bPhF8rjHaDbYY5I1&t=ffffffffb1d0f179

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 25609
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Oct 2023 14:56:40 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 23 Oct 2024 14:56:40 GMT

GET
H2 200 ScriptResource.axd Show response
www.dfcufinancial.com/ 39 KB
10 KB 51ms
49ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OLueg0xx2Ut7EvFmiYf4CuGC2Rk8j1xxJZcgsa8X7xgo9BBp3cTOAu0FIfz5Yd8v3dOEdIbpxdu3SIthSZmMFBJ10WFYAgm_RkK-pICjENfhWZNP1vOYHnSOcuPpG33XrKiuOR-tj2F_DnNZ2SlDfLA1&t=ffffffffb1d0f179

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 9984
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 24 Oct 2023 14:56:40 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 23 Oct 2024 14:56:40 GMT

GET
H2 200 dfcu-logo.svg
www.dfcufinancial.com/getmedia/aedc1e05-3f03-4d79-a672-3bb43915b946/ 5 KB
5 KB 51ms
50ms Image
image/svg+xml 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfcufinancial.com/getmedia/aedc1e05-3f03-4d79-a672-3bb43915b946/dfcu-logo.svg?ext=.svg

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

2a571d0b804f432802a104933baf75c81ff82986165a75a312d9f734f90ea596

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
content-disposition: attachment; filename="dfcu-logo.svg"
content-length: 5070
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 16 Mar 2023 19:19:09 GMT
server: nginx
etag: "3/16/2023 7:19:09 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-inetsitetype: production
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hero-default.jpg
www.dfcufinancial.com/8BASE/media/images/heroimages/ 169 KB
170 KB 193ms
192ms Image
image/jpeg 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfcufinancial.com/8BASE/media/images/heroimages/hero-default.jpg?ext=.jpg

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

8b573273f7574cdb82b401f679f67982a85323349f984d6f0fab55330e3274d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-sucuri-cache: MISS
content-length: 173248
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 08 Dec 2015 15:20:33 GMT
server: nginx
etag: "321799fbcb31d11:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-inetsitetype: production
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ncua-blue.svg
www.dfcufinancial.com/8base/media/images/logos/ 134 KB
134 KB 22ms
21ms Image
image/svg+xml 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfcufinancial.com/8base/media/images/logos/ncua-blue.svg

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

05da20e0291dba8791e033bf7e3afd8876369044ebabbd35a43a60a586b18f47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
content-length: 136739
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 10 May 2023 14:40:01 GMT
server: nginx
etag: "1518784d4d83d91:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-inetsitetype: production
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ehl.svg
www.dfcufinancial.com/8base/media/images/logos/ 689 B
1 KB 21ms
21ms Image
image/svg+xml 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfcufinancial.com/8base/media/images/logos/ehl.svg

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

11ebfbebd500f2de867eb3ff78775054b1c1d5970c515f8d121f8b5de960ee8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
content-length: 689
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 10 May 2023 14:40:02 GMT
server: nginx
etag: "2335fe4d4d83d91:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-inetsitetype: production
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/ 39 KB
12 KB 91ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfcufinancial.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12784449
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230057-FRA, cache-yyz4520-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ew3xnGieTE1%2BJh0ZGcQ1guUxQY2BtZU8SL%2BZF4jRa1EL4S6gPVdfIumqFRLsJY3uCjTZB7FT3tN8yBQTpPfMHPPBowAUyDWKrPx0Dgwn%2FVQoTBVRiGUNJjSExiQZh5vzrFA0flMtYQyI62hseA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81bb61d51e40371c-FRA

GET
H2 200 ekko-lightbox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ 14 KB
4 KB 38ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.min.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

635ad19704f34f92b98610817c01560010f8714d77406b9137a3f96a97d6cd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2466864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3757
last-modified: Mon, 04 May 2020 16:09:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e41-3961"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLK%2BejohhTlW3S%2FM9YIEOaMrGwYi7OCrV2i1efip6KbfX1nm3rr5y8YtbH%2BBotJMuzYuhBCMARpTx9jfSoB6Q4YNYWqfgGejcKXHu0J3aBHZVKzeZ8WohwutI2Z2SjJ8e%2B9HXEhP3QGt5QU52kc6E2I%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81bb61d54fe85d3c-FRA
expires: Mon, 14 Oct 2024 15:09:42 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 2 KB
1 KB 22ms
22ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=~/CMSScripts/Custom/inetsolution/global.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

9afd5a288214a4371e84adc8d5dabc77acbcfdea549d205144466207370f8a50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="global.js"
content-length: 686
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 21 Nov 2017 20:35:17 GMT
server: nginx
etag: "file|11/21/2017 3:35:17 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 16 KB
5 KB 21ms
21ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=/CMSScripts/Custom/bootstrap/jasny-bootstrap.min.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

1fc35aced07c956c6d19908ab6ca08b8d7d3bb6805204cecddfda9316be8f4f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="jasny-bootstrap.min.js"
content-length: 4839
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 10 Aug 2015 17:17:51 GMT
server: nginx
etag: "file|8/10/2015 1:17:51 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 21 KB
8 KB 21ms
21ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=~/CMSScripts/Custom/inetsolution/jquery.magnific-popup.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

c7a521be007b8d197d197c165d1e2be63bb250be8ce51c5c48b3ac4c263a85d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="jquery.magnific-popup.js"
content-length: 7743
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 30 Aug 2018 21:02:34 GMT
server: nginx
etag: "file|8/30/2018 5:02:34 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 37 KB
13 KB 21ms
21ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=/CMSScripts/Custom/inetsolution/jquery.tablesorter.min.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

4454849eab522f11da22642a43bf7be2333b9e30a5bf912c09290f31a8bb82ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="jquery.tablesorter.min.js"
content-length: 12646
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 07 Oct 2015 19:56:12 GMT
server: nginx
etag: "file|10/7/2015 3:56:12 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 19 KB
7 KB 21ms
21ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=/CMSScripts/Custom/inetsolution/jquery.tablesorter.pager.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

dcf44a1b5780e391e9ac67a5f09f568fc533ae65fe41792962ffb81a7ac3c0af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="jquery.tablesorter.pager.js"
content-length: 6421
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 07 Oct 2015 19:48:42 GMT
server: nginx
etag: "file|10/7/2015 3:48:42 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 2 KB
1 KB 22ms
21ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=/CMSScripts/Custom/inetsolution/js.cookie-2.0.3.min.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

67db9831abcc4684c5324a190e7bc2904da29f8d2632c3da10a06875179c6581

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="js.cookie-2.0.3.min.js"
content-length: 843
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 13 Oct 2015 20:52:45 GMT
server: nginx
etag: "file|10/13/2015 4:52:45 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 GetResource.ashx Show response
www.dfcufinancial.com/CMSPages/ 2 KB
2 KB 22ms
21ms Script
application/x-javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSPages/GetResource.ashx?scriptfile=~/CMSScripts/Custom/inetsolution/popuppo.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

88c709c99a9ccb4391b33517947a5773b37b599f1910e33acd2e944dd4e3d526

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: deflate
x-sucuri-cache: HIT
content-disposition: attachment; filename="popuppo.js"
content-length: 1085
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 06 Dec 2016 21:18:47 GMT
server: nginx
etag: "file|12/6/2016 4:18:47 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
x-inetsitetype: production
x-sucuri-id: 15010
expires: Wed, 01 Nov 2023 15:00:30 GMT

GET
H2 200 speedbump.js Show response
www.dfcufinancial.com/CMSScripts/Custom/inetsolution/ 4 KB
2 KB 23ms
22ms Script
application/javascript 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/CMSScripts/Custom/inetsolution/speedbump.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

52b8fe444191b28ad75c6f23473d49a2965c9fd6a5a520d7d22a98e3111ccc7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1276
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 22 Oct 2018 14:33:48 GMT
server: nginx
etag: "df54923e146ad41:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-inetsitetype: production
cache-control: max-age=315360000
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H/1.1 200
OK 5984102c-dfab-4cb7-b227-6c60b462b7f1.json
cdn.segmint.net/ Frame 0
0 812ms
399ms Preflight 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/5984102c-dfab-4cb7-b227-6c60b462b7f1.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.dfcufinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Oct 2023 15:09:44 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
X-Amz-Cf-Id: XyUPwisFooiJy6M4YC0pX86a6uY4-5D3JRkbbNHRgwufGXFLnHdqFA==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 308 KB
96 KB 474ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZR69K

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

346a565f45dbd87fe8d6f0a8324cbe5add645feab6c14858eabace1661b60d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 15:09:43 GMT

GET
H/1.1 200
OK 5984102c-dfab-4cb7-b227-6c60b462b7f1.json Show response
cdn.segmint.net/ 313 B
923 B 26ms
20ms XHR
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/5984102c-dfab-4cb7-b227-6c60b462b7f1.json
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54d17b26595019c50c27508837a3b05f8fb85636307949fe11177865cd099231

Request headers

Referer: https://www.dfcufinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Oct 2023 15:00:47 GMT
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 551
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Mon, 09 Mar 2020 17:52:33 GMT
Server: AmazonS3
ETag: "3466713880e7509f55e8aed3b29518b9"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: 3ve0pOK7g23pEgkYj-uAP3yrgVUSrMnDGnUkSK1aeOiSA5Y2VHQ6hQ==

GET
H2 200 siteanalyze_78121.js Show response
siteimproveanalytics.com/js/ 27 KB
10 KB 468ms
57ms Script
application/javascript 2606:4700:e6::ac40:c418
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_78121.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c418 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07adb6ab966baf5a5a8d9b0044432b2a7091fcb3c1c6d396b0acca36c358fab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:43 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DSENWPJ2143ZSB29
alt-svc: h3=":443"; ma=86400
content-length: 9264
x-amz-id-2: BCYK7znQs9cmZCXw1ZEagKRGiZiAZK96crD3dOQbvCzwwu5+AMBwecbXtQuWloEH+L5ZinbKMZw=
last-modified: Tue, 07 Mar 2023 20:49:10 GMT
server: cloudflare
etag: "19fb78592289a4c82210363323e9d86d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjaALokH80xPjiZVvdLaflGypYD4ME7SS8DOZCYNNIdwNdp0qPi7qXoiXBufKqeRiuaotGDggyjL8UCXHcY4UHtCPXNddmSyxlc7AIGkXsQ2uPUfCwMPqiGLdPVI%2BEHvKSJVts8frR5dQI2oqHaF1fbZFsqdja0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 81bb61d958535b5c-FRA

GET
H2 200 cream_pixels.png
www.dfcufinancial.com/8BASE/media/images/core/ 186 B
631 B 606ms
605ms Image
image/png 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfcufinancial.com/8BASE/media/images/core/cream_pixels.png

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=sitestyle&version=ad9b07c7-3efa-4fbc-898b-8c1bcb517689

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

89997a113ef07f2057da060c8c178c3008d26134eda5852d04ff4cb2835a2870

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=sitestyle&version=ad9b07c7-3efa-4fbc-898b-8c1bcb517689
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:43 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-sucuri-cache: MISS
content-length: 186
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 10 Aug 2015 14:58:22 GMT
server: nginx
etag: "7a18a807dd3d01:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-inetsitetype: production
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 438ms
54ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:400,300|Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 78209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 17:26:14 GMT

GET
H2 200 fontawesome-webfont.woff
www.dfcufinancial.com/8BASE/media/fonts/ 70 KB
70 KB 23ms
22ms Font
application/x-font-woff 192.124.249.110
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfcufinancial.com/8BASE/media/fonts/fontawesome-webfont.woff?v=4.3.0

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=sitestyle&version=ad9b07c7-3efa-4fbc-898b-8c1bcb517689

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.110 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10110.sucuri.net

Software

nginx /

Resource Hash

e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dfcufinancial.com/CMSPages/GetResource.ashx?stylesheetname=sitestyle&version=ad9b07c7-3efa-4fbc-898b-8c1bcb517689
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:42 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
content-length: 71508
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Aug 2015 20:16:08 GMT
server: nginx
etag: "b0e11fe44d6d01:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-font-woff
cache-control: max-age=315360000
x-inetsitetype: production
x-sucuri-id: 15010
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 424ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:400,300|Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:07:48 GMT
x-content-type-options: nosniff
age: 594115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:07:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 408ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:400,300|Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 161460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 18:18:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 403ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:400,300|Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 144456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:02:07 GMT

GET
BLOB 200
OK 961cd7f4-23e7-4e93-8b1a-4131bb727a6d
https://www.dfcufinancial.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dfcufinancial.com/961cd7f4-23e7-4e93-8b1a-4131bb727a6d
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
87 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SJZ0WLRJTP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZR69K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

611c99f79cf64696d424ff49204b608ddfc24e239529759f6b2fd1f0f46ec13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 15:09:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZR69K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 13:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4690
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 15:51:33 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 74 KB
22 KB 190ms
38ms Script
application/javascript 2.19.126.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=5050
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:43 GMT
content-encoding: gzip
x-amz-request-id: XKGHZFD3MWE70SZ5
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 21820
x-amz-id-2: gWr3vmZpuUzRmaKoPVdSs4ykeAN462JpboAK4ld9+bVsv5xw5w9p3fV9vmBtMtnNjQiNw7PfAEA=
last-modified: Wed, 06 Sep 2023 14:35:36 GMT
server: AmazonS3
etag: "220840acac0b72605c541d1c968febe3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=812
accept-ranges: bytes
x-amz-cf-id: Jp9zwROH3po8zTkriAo-o-qhv3WHYM2JGt8p3Mza7an2zSSb460m_g==

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 image.aspx
78121.global.siteimproveanalytics.io/ 34 B
476 B 139ms
19ms Image
image/gif 52.59.185.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://78121.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&title=DFCU%20Online%20-%20DFCU%20Financial&res=1600x1200&accountid=78121&rt=1879&prev=24146014-9b33-45da-6bf7-e7abd1363e16&luid=e4595354-ba22-50f4-9731-c013e26e769c&rnd=31264
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.185.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-185-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 25 Oct 2023 15:09:43 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 25 Oct 2023 15:09:43 UTC

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 84ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SJZ0WLRJTP&gtm=45je3an0v867555634z871628070&_p=1997314714&_gaz=1&cid=314289036.1698246584&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698246583&sct=1&seg=0&dl=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&dt=DFCU%20Online%20-%20DFCU%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SJZ0WLRJTP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfcufinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 94ms
30ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SJZ0WLRJTP&cid=314289036.1698246584&gtm=45je3an0v867555634z871628070&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SJZ0WLRJTP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfcufinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 103ms
46ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SJZ0WLRJTP&cid=314289036.1698246584&gtm=45je3an0v867555634z871628070&aip=1&z=1153359938

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 31ms
30ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1997314714&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&ul=en-us&de=UTF-8&dt=DFCU%20Online%20-%20DFCU%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=560649533&gjid=1392375509&cid=314289036.1698246584&tid=UA-15287869-1&_gid=887864154.1698246584&_r=1&_slc=1&gtm=45He3an0n71TZR69Kv71628070&z=1862417070

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfcufinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfcufinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 41ms
30ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15287869-1&cid=314289036.1698246584&jid=560649533&gjid=1392375509&_gid=887864154.1698246584&_u=YADAAAAAAAAAAC~&z=1135639305

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfcufinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Oct 2023 15:09:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfcufinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5050 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 11 KB
2 KB 558ms
464ms XHR
application/octet-stream 2.19.126.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/5050
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a926511a1fe5770671ed030998e2f38a2ad0744b4c016610930339cb534897cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: gJEHY0sk0dF1VCgvCQo63gBX0vSM5RWy
content-encoding: gzip
date: Wed, 25 Oct 2023 15:09:44 GMT
last-modified: Wed, 25 Oct 2023 14:23:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "13fb83b6661305f3ff66dcc673f95b7c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: xSpuTko55JZmSVvCeDk-L1FMFRF5KNYl-JKieVHTiQCXKT-aA1kMFw==
content-length: 1302

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1 KB
694 B 501ms
82ms Script
application/javascript 2606:4700:4400::6812:277d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:277d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9167f30f937b4fc11de25964e404eb08b09659be0f3434fbd92af624ab9ee33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 113
etag: W/"2b51869ac9b08240168d30702a01f618"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 81bb61deeab318b3-FRA

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 686ms
137ms Preflight 52.87.127.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-127-42.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.dfcufinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.dfcufinancial.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Oct 2023 15:09:44 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
646 B 968ms
131ms XHR
text/plain 52.87.127.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-127-42.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dfcufinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:45 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://www.dfcufinancial.com
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK en1dd5dpKA Show response
connect.segmint.net/iframe/doughnut/ Frame F6C3 509 B
1 KB 1520ms
143ms Document
text/html 52.87.127.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1dd5dpKA

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-127-42.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dfcufinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Wed, 25 Oct 2023 15:09:45 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: ad0a274e0fad1f60
X-B3-TraceId: ad0a274e0fad1f60
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 56 KB
20 KB 476ms
254ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=02b9012fe6ac5e24a6a4bf82a085650e&cb=2a460da
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4ddc415e653377680ec839b0e5fc6168952beb1d63b3b3bab3c2166159c780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: br
surrogate-keys: 02b9012fe6ac5e24a6a4bf82a085650e
cf-cache-status: HIT
server: cloudflare
etag: W/"62d3a6b6680f41b32fff2dae412acf45"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600, s-maxage=21600
cf-ray: 81bb61e08f33bb32-FRA

GET
H2 200 Serving Show response
bs.serving-sys.com/ 5 KB
2 KB 240ms
70ms Script
text/html 35.156.114.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=5050&dispType=js&sync=0&sessionid=3477946519260608806&pageurl=$$https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online$$&activityValues=$$Session%3D3199300662222430953$$&ns=0&rnd=1755053446&uinadv=%7B%7D&ccpastatus=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=5050
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.114.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-114-187.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c4ecedb6a69050b6d3c2bd4934738a2f26831dd1adf609fd57cd6b428a9031ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 1615
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 4A58 56 KB
15 KB 129ms
35ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230042-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ Frame F56C 4 KB
2 KB 228ms
25ms Script
application/javascript 2a02:26f0:480:493::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:493::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 473b7a2bb50a6df274a93a42e8afda72dede8deb663cf10af95ac42cea9ecc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "9928a24818ebe5caf4dcef81e67e3283"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1736

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 4E7B 38 KB
17 KB 148ms
72ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 718d2cf95092db9b8f8f18f303240a5fa8a0f3add9bec2a0e0ff12234456fb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16800
x-amz-cf-id: n55JrdyqVmh3ohMstVa7XHZitib-2GgE_1LSKVqTqr4izQ96OqlOPQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame BE09 56 KB
15 KB 106ms
38ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230042-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 348A 199 KB
53 KB 97ms
35ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 15:09:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: CE66PPYANDO4wVpo+ezOmohNP7kspgYy6UFPNbzgBTJuxhB7xpYnr51gjyzpZeO6MIAesYqrhVrSsn/KNMOpEw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/ Frame 5746
Redirect Chain

https://tags.w55c.net/rs?id=1db187f6ffea4268827a55dc8d075567&t=marketing
https://tags.w55c.net/rs?sccid=224dcbc0-1e93-8ef5-4efe-50b6a23b1c6f&scc=1&id=1db187f6ffea4268827a55dc8d075567&t=marketing

42 B
580 B

23ms
23ms

Image
image/gif

52.57.124.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=224dcbc0-1e93-8ef5-4efe-50b6a23b1c6f&scc=1&id=1db187f6ffea4268827a55dc8d075567&t=marketing

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

HTTP/1.1

Server

52.57.124.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-038ad97d93033251e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://tags.w55c.net/rs?sccid=224dcbc0-1e93-8ef5-4efe-50b6a23b1c6f&scc=1&id=1db187f6ffea4268827a55dc8d075567&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/ Frame 8C3C
Redirect Chain

https://tags.w55c.net/rs?id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing
https://tags.w55c.net/rs?sccid=3538a9d4-9627-b901-6791-6ad915ef7f56&scc=1&id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing

42 B
580 B

24ms
24ms

Image
image/gif

52.57.124.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=3538a9d4-9627-b901-6791-6ad915ef7f56&scc=1&id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

HTTP/1.1

Server

52.57.124.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-038ad97d93033251e@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-038ad97d93033251e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://tags.w55c.net/rs?sccid=3538a9d4-9627-b901-6791-6ad915ef7f56&scc=1&id=8ea23bde30f94354b287cc0d506c7bb3&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 4A58 43 B
377 B 178ms
125ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=29e9052f-5e66-414c-8832-63d9ff97da7d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9bf7601d-2aa8-478c-b025-786bc858f8d0&tw_document_href=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_document_referrer=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzm&type=javascript&version=2.3.29

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 102
date: Wed, 25 Oct 2023 15:09:44 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8908fce0c5f918fc
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 26e8317231118780f1d40c0ab25dfbe8e0d55ff91d8b8a012ae8de8a08f9defd
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 4A58 43 B
395 B 180ms
125ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=29e9052f-5e66-414c-8832-63d9ff97da7d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9bf7601d-2aa8-478c-b025-786bc858f8d0&tw_document_href=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_document_referrer=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzm&type=javascript&version=2.3.29

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 102
date: Wed, 25 Oct 2023 15:09:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 62017c4b8fe0f9da
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 19a4d0cfcf2bc0390cff17e49a1db3cc32948dcf120a2be37ae8df89c1f31ad0
content-length: 43

GET
H2 200 adsct
t.co/i/ Frame BE09 43 B
203 B 175ms
125ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=65052831-7ba4-42b1-a795-7861e167d662&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=84b9512a-fda5-4a47-83cb-239b3a7dcf44&tw_document_href=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_document_referrer=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzm&type=javascript&version=2.3.29

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 25 Oct 2023 15:09:44 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d069e90200ae81f7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 26e8317231118780f1d40c0ab25dfbe8e0d55ff91d8b8a012ae8de8a08f9defd
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame BE09 43 B
215 B 178ms
127ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=65052831-7ba4-42b1-a795-7861e167d662&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=84b9512a-fda5-4a47-83cb-239b3a7dcf44&tw_document_href=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_document_referrer=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzwzm&type=javascript&version=2.3.29

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 25 Oct 2023 15:09:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a41d33bd19f6e17d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 19a4d0cfcf2bc0390cff17e49a1db3cc32948dcf120a2be37ae8df89c1f31ad0
content-length: 43

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 92 KB
17 KB 885ms
838ms Script
text/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=02b9012fe6ac5e24a6a4bf82a085650e&lang=en&cb=2a460da
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=02b9012fe6ac5e24a6a4bf82a085650e&cb=2a460da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b924c7321f13c17d0e4375d710b175ce3aebeb95416a6562be42926a4289de1

Request headers

Referer: https://www.dfcufinancial.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
content-encoding: br
surrogate-key: prod 02b9012fe6ac5e24a6a4bf82a085650e 2a460da
last-modified: Wed, 25 Oct 2023 14:53:27 GMT
server: cloudflare
cf-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 81bb61e2897e1b93-FRA

GET
H2 200 jquery.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 33ms
33ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=02b9012fe6ac5e24a6a4bf82a085650e&cb=2a460da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef39f6e8f10b13e9066fe59b2f37306d88cbd7f3ab07877513fffb416f1f6049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:39 GMT
server: cloudflare
age: 994
etag: W/"6537ebcb-17d97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61e239adbb32-FRA
expires: Thu, 24 Oct 2024 15:09:44 GMT

GET
H2 200 startup.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 429 KB
115 KB 53ms
53ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=02b9012fe6ac5e24a6a4bf82a085650e&cb=2a460da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c04211a16666e82334194c7c6ff64c170e6dc1ffe682d3a3bed745d9425da30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:40 GMT
server: cloudflare
age: 1113
etag: W/"6537ebcc-6b21d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61e239afbb32-FRA
expires: Thu, 24 Oct 2024 15:09:44 GMT

GET
H2 200 1023099481095036 Show response
connect.facebook.net/signals/config/ Frame 348A 133 KB
35 KB 196ms
194ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1023099481095036?v=2.9.135&r=stable&domain=www.dfcufinancial.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41c84aacad5bc82a45cf5db39cc52dd1890aeba241547a49a0b7d08b063787a6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 15:09:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7zSf+paZ8UnnOZdbvOiLeMHGmw2gPuivaHOaoeQ4nUP4jGZjw8xjOmlGbcneRkvM6z74Xt/uxeIJgSRyXvNMYw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.15c91276.js Show response
s.pinimg.com/ct/lib/ Frame F56C 65 KB
19 KB 27ms
26ms Script
application/javascript 2a02:26f0:480:493::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:493::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ee6cff8e2478948c40206d1f61e2eabdc2796efe0d51b270cb96dce8037b75c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "22b382da8bd5bbd651c2ead900859322"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18887

GET
H2 200 / Show response
ct.pinterest.com/user/ Frame F56C 568 B
617 B 135ms
77ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613372013376&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1698246584757&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:44 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1584240803584244
content-length: 385
pin-unauth: dWlkPU9UUmlNakF6WW1RdE9URmhOaTAwT0RrMUxXSTFZV010WXpsbFl6QTRNalkxT0RZNQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dfcufinancial.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 8c8a4c0c37a13484f6e8d8b3db226c1f627e090e
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ Frame F56C 35 B
377 B 133ms
77ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613372013376&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215c91276%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1698246584758
Requested by: Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:44 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 8c8a4c0c37a13484f6e8d8b3db226c1f627e090e
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 2279691430037722
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 348A 0
185 B 61ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1023099481095036&ev=PageView&dl=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&rl=https%3A%2F%2Fwww.dfcufinancial.com%2Fservices%2Fanywhere-banking%2Fdfcu-online&if=true&ts=1698246584918&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698246584917.1279019622&it=1698246584690&coo=false&rqm=GET

Requested by

Host: www.dfcufinancial.com
URL: https://www.dfcufinancial.com/services/anywhere-banking/dfcu-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Oct 2023 15:09:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame F6C3
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=2FBF231D9DD24571B43AD3832185E3BD

43 B
412 B

590ms
136ms

Image
image/gif

52.87.127.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=2FBF231D9DD24571B43AD3832185E3BD
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1dd5dpKA
Protocol: HTTP/1.1
Server: 52.87.127.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-127-42.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:45 GMT
Server: openresty
X-B3-TraceId: bb06e4a47f61ff0f
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: bb06e4a47f61ff0f
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Wed, 25 Oct 2023 15:09:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:45 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame F6C3 3 KB
3 KB 102ms
32ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1dd5dpKA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:45 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 3101
x-request-id: F5FiRYmszZL5vetQHxrC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 2FEF 565 B
427 B 53ms
52ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.dfcufinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 15:09:45 GMT
pinterest-version: 8c8a4c0c37a13484f6e8d8b3db226c1f627e090e
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 3072385243874494

GET
H2 200 241a3c01-f453-4009-9bc1-3b90dccbec19.js Show response
tr.snapchat.com/config/com/ Frame 4E7B 173 B
454 B 85ms
31ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/241a3c01-f453-4009-9bc1-3b90dccbec19.js?v=3.4.11-2310110039

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

8c563fb6d8c1c7c7d15ee932313330a559690e7f4d6245b67ddc4dc4dd47c125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dfcufinancial.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.dfcufinancial.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame F896 0
201 B 86ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=241a3c01-f453-4009-9bc1-3b90dccbec19&u_scsid=f433c4fb-9df4-48bd-bb3b-690228bc4482&u_sclid=ddc4bc9d-20a6-4177-8923-6bd41d178026

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dfcufinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 25 Oct 2023 15:09:45 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 smartrems.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
40 KB 36ms
35ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:40 GMT
server: cloudflare
age: 997
etag: W/"6537ebcc-21d4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61e87b41bb32-FRA
expires: Thu, 24 Oct 2024 15:09:45 GMT

POST
H2 200 p
tr.snapchat.com/ Frame 4E7B 0
96 B 35ms
34ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dfcufinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.dfcufinancial.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame 989D 813 B
590 B 37ms
37ms Document
text/html 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=2a460da
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7

Request headers

Referer: https://www.dfcufinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 505596
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 81bb61e91c25bb32-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 15:09:45 GMT
last-modified: Thu, 19 Oct 2023 18:39:33 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 618ms
204ms Ping
text/plain 35.166.85.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.85.119 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-85-119.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dfcufinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 15:09:46 GMT
content-length: 0

GET
H2 200 3772.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
335 B 31ms
30ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:40 GMT
server: cloudflare
age: 1000
etag: W/"6537ebcc-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61e91c39bb32-FRA
expires: Thu, 24 Oct 2024 15:09:45 GMT

GET
H2 200 5121.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
306 B 32ms
32ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:40 GMT
server: cloudflare
age: 1000
etag: W/"6537ebcc-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61e91c3bbb32-FRA
expires: Thu, 24 Oct 2024 15:09:45 GMT

GET
H2 200 874.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
223 B 38ms
38ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:39 GMT
server: cloudflare
age: 812
etag: W/"6537ebcb-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61e91c3ebb32-FRA
expires: Thu, 24 Oct 2024 15:09:45 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame F6C3 804 B
1 KB 38ms
29ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 48b72a5ef60438bc8b102682ad4f50842f7dd9b59774f3b12a5ae6eeb73a174a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: openresty
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

/
s.ad.smaato.net/c/ Frame F6C3
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2FBF231D9DD24571B43AD3832185E3BD

0
238 B

155ms
39ms

Image
text/plain

2600:9000:211e:c800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 2600:9000:211e:c800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
cache-control: no-cache, must-revalidate
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: wRI_6ByKJSDyU_ARucZK6LRFAO2WjZVU6rcVppJv_CjzYJh9ynIfaw==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003
sync.targeting.unrulymedia.com/csync/ Frame F6C3
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/2FBF231D9DD24571B43AD3832185E3BD
https://sync.1rx.io/usersync/simplifi/2FBF231D9DD24571B43AD3832185E3BD?zcc=1&cb=1698246586184
https://sync.targeting.unrulymedia.com/csync/RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003

43 B
378 B

132ms
35ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003
pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=2FBF231D9DD24571B43AD3832185E3BD&dongle=yf3

37 B
140 B

86ms
22ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=2FBF231D9DD24571B43AD3832185E3BD&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=2FBF231D9DD24571B43AD3832185E3BD&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=2FBF231D9DD24571B43AD3832185E3BD

43 B
175 B

412ms
119ms

Image
image/gif

2600:1f18:612b:4264:48:b1ee:596b:27b5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 2600:1f18:612b:4264:48:b1ee:596b:27b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 25 Oct 2023 15:09:46 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame F6C3
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2FBF231D9DD24571B43AD3832185E3BD
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2FBF231D9DD24571B43AD3832185E3BD

95 B
437 B

36ms
36ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2FBF231D9DD24571B43AD3832185E3BD

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2FBF231D9DD24571B43AD3832185E3BD
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame F6C3
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2FBF231D9DD24571B43AD3832185E3BD
https://d.agkn.com/pixel/10751/?che=1698246586234&ip=217.114.218.27&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219743204680003302519
https://um.simpli.fi/aa_px?sk=219743204680003302519
https://um.simpli.fi/empty.gif

43 B
361 B

26ms
26ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame F6C3
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2FBF231D9DD24571B43AD3832185E3BD

0
0

200ms
22ms

Image
text/html

18.245.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 18.245.60.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-44.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F6C3 43 B
409 B 33ms
28ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame F6C3 43 B
409 B 34ms
28ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

engine
pbid.pro-market.net/ Frame F6C3
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=2FBF231D9DD24571B43AD3832185E3BD;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=2FBF231D9DD24571B43AD3832185E3BD;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NzkwODcxNjM4NDg3MzE3MDUwOQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEBzoWnfwpGgsUPvFyPzrsrA&google_cver=1

43 B
388 B

34ms
31ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEBzoWnfwpGgsUPvFyPzrsrA&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:45 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEBzoWnfwpGgsUPvFyPzrsrA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame F6C3
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=2FBF231D9DD24571B43AD3832185E3BD&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=2FBF231D9DD24571B43AD3832185E3BD&j=0&xl8blockcheck=1

0
771 B

25ms
25ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=2FBF231D9DD24571B43AD3832185E3BD&j=0&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=2FBF231D9DD24571B43AD3832185E3BD&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame F6C3 43 B
409 B 57ms
52ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=2FBF231D9DD24571B43AD3832185E3BD

0
421 B

540ms
131ms

Image
text/plain

52.3.88.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=2FBF231D9DD24571B43AD3832185E3BD
Protocol: HTTP/1.1
Server: 52.3.88.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-88-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 25 Oct 2023 15:09:45 GMT

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame F6C3
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=2FBF231D9DD24571B43AD3832185E3BD

62 B
445 B

337ms
187ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 25 Oct 2023 15:09:46 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

404

tpid=2FBF231D9DD24571B43AD3832185E3BD
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame F6C3
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2FBF231D9DD24571B43AD3832185E3BD

49 B
266 B

150ms
46ms

Image
image/gif

63.35.103.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 63.35.103.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-103-141.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.248
content-length: 49
expires: 0

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=2FBF231D9DD24571B43AD3832185E3BD

0
311 B

131ms
39ms

Image
text/plain

216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=2FBF231D9DD24571B43AD3832185E3BD
Protocol: HTTP/1.1
Server: 216.52.2.86 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Wed, 25 Oct 2023 15:09:46 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=2FBF231D9DD24571B43AD3832185E3BD

0
98 B

182ms
29ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame F6C3
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1698246586047&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIpKqIx...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIpKqIxL...

42 B
154 B

46ms
45ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIpKqIxL2RggMVMkzlCh0U_g_r&is_vtc=1&ocp_id=ui85ZaTlCLKYlQeU_L_YDg&cid=CAQSKQDICaaN42Jm4K8kpPnyQzBQxJfnObDNywC87gN3VcO2HDDuio3kO3f3&random=794843534&ipr=y

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1329414357&cv=7&fst=1698246586047&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIpKqIxL2RggMVMkzlCh0U_g_r&is_vtc=1&ocp_id=ui85ZaTlCLKYlQeU_L_YDg&cid=CAQSKQDICaaN42Jm4K8kpPnyQzBQxJfnObDNywC87gN3VcO2HDDuio3kO3f3&random=794843534&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ Frame F6C3 0
272 B 58ms
54ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=2FBF231D9DD24571B43AD3832185E3BD
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2FBF231D9DD24571B43AD3832185E3BD

43 B
896 B

38ms
34ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2FBF231D9DD24571B43AD3832185E3BD

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
an-x-request-uuid: 12f5270d-9459-4f6a-ae96-86a479fc8455
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
an-x-request-uuid: 6fd7cbe0-5dfd-4719-a139-e1af86aa7509
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2FBF231D9DD24571B43AD3832185E3BD
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F6C3
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2FBF231D9DD24571B43AD3832185E3BD&expires=365

0
239 B

127ms
35ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2FBF231D9DD24571B43AD3832185E3BD&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2FBF231D9DD24571B43AD3832185E3BD&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F6C3
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=2FBF231D9DD24571B43AD3832185E3BD

43 B
273 B

107ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=2FBF231D9DD24571B43AD3832185E3BD
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=2FBF231D9DD24571B43AD3832185E3BD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 15:09:46 GMT

GET
H2

204

g_match
um.simpli.fi/ Frame F6C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEIERXY-8qB1O4a28bq4-YVE&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2FBF231D9DD24571B43AD3832185E3BD
https://um.simpli.fi/g_match?id=

0
320 B

28ms
27ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 24 Oct 2023 15:09:46 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 15:09:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launcher.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 80 KB
19 KB 62ms
62ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690102febca4e038c2744a21486d7f82d6c916e6d026188acf29c248c1a174d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:40 GMT
server: cloudflare
age: 821
etag: W/"6537ebcc-13e94"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61fbdf90bb32-FRA
expires: Thu, 24 Oct 2024 15:09:48 GMT

GET
H2 200 compliance.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 151 KB
44 KB 51ms
51ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49801e29bc6290235cff78b47b194fed430580c341b49c4ded664ce9d574125d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:39 GMT
server: cloudflare
age: 812
etag: W/"6537ebcb-25d61"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61fbdf93bb32-FRA
expires: Thu, 24 Oct 2024 15:09:48 GMT

GET
H2 200 6365.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 1 KB
485 B 32ms
31ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/6365.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:39 GMT
server: cloudflare
age: 6526
etag: W/"6537ebcb-42e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61fc6862bb32-FRA
expires: Thu, 24 Oct 2024 15:09:48 GMT

GET
H2 200 site-menu.bundle.2a460da.js Show response
wsv3cdn.audioeye.com/v2/build/ 53 KB
15 KB 34ms
33ms Script
application/javascript 2606:4700:4400::ac40:9483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/site-menu.bundle.2a460da.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2a460da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc4404415e9ee27e69cf3babd8d190d74f7873db803f29599c49e2f9d9cf560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dfcufinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 15:09:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:07:39 GMT
server: cloudflare
age: 6627
etag: W/"6537ebcb-d33a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bb61fc786cbb32-FRA
expires: Thu, 24 Oct 2024 15:09:48 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35

Request headers

Referer
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dfcufinancial.com/
Origin: https://www.dfcufinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:34:38 GMT
x-content-type-options: nosniff
age: 322510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 21:34:38 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 15:45:32	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.dfcufinancial.com/	1970-01-21 00:31:08	Name: CMSPreferredCulture Value: en-US
www.dfcufinancial.com/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: sBXCg/76IRJ0UwM0PGXco3B7OoZE04jdmLK31JN7
.onlineaccess1.com/	1969-12-31 23:59:59	Name: __cfruid Value: 56019284a3f0cc0d67e65c918ea727a4b7e610f7-1698246582
.dfcufinancial.com/	1970-01-20 17:53:42	Name: _gcl_au Value: 1.1.1863540874.1698246583
.dfcufinancial.com/	1970-01-21 01:20:06	Name: nmstat Value: 24146014-9b33-45da-6bf7-e7abd1363e16
.dfcufinancial.com/	1970-01-21 01:20:06	Name: _ga_SJZ0WLRJTP Value: GS1.1.1698246583.1.0.1698246583.60.0.0
.dfcufinancial.com/	1970-01-21 01:20:06	Name: _ga Value: GA1.2.314289036.1698246584
.dfcufinancial.com/	1970-01-20 15:45:32	Name: _gid Value: GA1.2.887864154.1698246584
.dfcufinancial.com/	1970-01-20 15:44:06	Name: _gat_UA-15287869-1 Value: 1
78121.global.siteimproveanalytics.io/	1970-01-20 15:54:11	Name: AWSALBCORS Value: C3fzIyU0R/Wsd5G3OZXMc49ZRkCO0I1Kn/bsqe3v6f0Zrzx9zYrT3s/fgDb30u1+zhDQNBxo7QrAlsRIC3KiuHFydECgWm8MtFgCfdbMjvXtTEIjkxV7SzjZfAUk
.dfcufinancial.com/	1970-01-21 01:13:53	Name: _scid Value: 442af936-b699-4de1-a79f-6f49dc0cebb5
.dfcufinancial.com/	1970-01-21 01:13:53	Name: _scid_r Value: 442af936-b699-4de1-a79f-6f49dc0cebb5
.w55c.net/	1970-01-21 01:13:30	Name: wfivefivec Value: xnOuvCEd1QVFvW2
.t.co/	1970-01-21 01:20:06	Name: muc_ads Value: 5628f0ca-2350-4f58-a8b2-b5479912719c
.twitter.com/	1970-01-21 01:20:06	Name: personalization_id Value: "v1_xwKO46DKVgoqIoHee1Y2JQ=="
.pinterest.com/	1970-01-21 00:29:42	Name: ar_debug Value: 1
.dfcufinancial.com/	1970-01-21 00:29:42	Name: _pin_unauth Value: dWlkPU9UUmlNakF6WW1RdE9URmhOaTAwT0RrMUxXSTFZV010WXpsbFl6QTRNalkxT0RZNQ
.dfcufinancial.com/	1970-01-20 17:53:42	Name: _fbp Value: fb.1.1698246584917.1279019622
.segmint.net/	1970-01-21 01:20:06	Name: SegmintId Value: 89e4fc7f851e44229bad4e95c0a35589
.simpli.fi/	1970-01-21 00:31:08	Name: suid Value: 2FBF231D9DD24571B43AD3832185E3BD
www.dfcufinancial.com/	1970-01-21 00:29:42	Name: _aeaid Value: 447ebca6-6afc-4c0d-a17b-5967ee5df446
.simpli.fi/	1970-01-20 15:54:11	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-20 17:10:30	Name: TapAd_TS Value: 1698246586173
.tapad.com/	1970-01-20 17:10:30	Name: TapAd_DID Value: dce3d460-d6af-414c-8a79-383134c00487
.1rx.io/	1970-01-21 00:29:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003%22%7D
.pro-market.net/	1970-01-20 16:27:18	Name: anHistory Value: "1o34dza43lpal+2+!#7%.%B#Z?/"
.tapad.com/	1970-01-20 17:10:30	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 17:53:42	Name: uuid2 Value: 2088836763375021584
.agkn.com/	1970-01-21 00:29:42	Name: ab Value: 0001%3AgNPCLWRHUEz4BZsZGzbH9mLZRcYgQ9Qv
.exelator.com/	1970-01-20 18:36:54	Name: EE Value: "45aead6bef5d8362a67f010bd58c0a09"
.doubleclick.net/	1970-01-21 01:05:42	Name: IDE Value: AHWqTUkZ2f0S8rKZwAYg_hXEtNsZ_SbsjzzfuzpSM7gX2fA-CW3uU2H3O6_3MmxC
.exelator.com/	1970-01-20 18:36:54	Name: ud Value: "eJxrXxzq6XKLQcHENDE1McUsKTXNNMXC2Mwo0cw8zcDQICnF1CLZINHAcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYkl%252BUWb6IhfXxUUpaQyLSopPBR%252FdvBEAxrArGA%253D%253D"
.adnxs.com/	1970-01-20 17:53:42	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Ilbmt](!]tbPl1N!7OnM$=BWbtfo't_i+JKTeU9!MlxJ3bk`:`odYzwZdYV/lf`OYmwCo/O/X%W#.wL4W1Qw28`5#Ev
.pro-market.net/	1970-01-20 20:03:18	Name: anProfile Value: "1o34dza43lpal+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000010+s2=(s33bga)+vm=24-2FBF231D9DD24571B43AD3832185E3BD:53-CAESEBzoWnfwpGgsUPvFyPzrsrA"
.targeting.unrulymedia.com/	1970-01-21 00:29:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-65ad37b0-88a7-4acd-8135-eaacc5430e71-003%22%7D
.agkn.com/	1970-01-21 00:29:42	Name: u Value: C\|0AAAAAAAALMvsOgAAAAAA
.bluekai.com/	1970-01-20 20:07:37	Name: bku Value: blx99nGFmVVLLkTx
.bluekai.com/	1970-01-20 20:07:37	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEJsxAR01paWmDHW1MxNBpaYBeBOHe1T1p/hmePa16JW9y9GbQr5
.bfmio.com/	1970-01-21 00:29:42	Name: __141_cid Value: 2FBF231D9DD24571B43AD3832185E3BD
.bfmio.com/	1970-01-21 00:29:42	Name: __io_cid Value: e18c9476e5766fd1e6fb37cb60a55c43c3595948

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2FBF231D9DD24571B43AD3832185E3BD Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2FBF231D9DD24571B43AD3832185E3BD Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=2FBF231D9DD24571B43AD3832185E3BD Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

78121.global.siteimproveanalytics.io
aa.agkn.com
analytics.audioeye.com
analytics.twitter.com
bcp.crwdcntrl.net
bs.serving-sys.com
cdn.jsdelivr.net
cdn.segmint.net
cdnjs.cloudflare.com
cds-sdkcfg.onlineaccess1.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
connect.segmint.net
ct.pinterest.com
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
maprtb.segmint.net
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
s.ad.smaato.net
s.pinimg.com
sc-static.net
secure-ds.serving-sys.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
t.co
tag.simpli.fi
tags.w55c.net
tr.snapchat.com
um.simpli.fi
us-u.openx.net
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.dfcufinancial.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.197
104.244.42.67
13.248.245.213
143.204.207.250
146.75.116.157
151.101.128.84
172.217.16.194
18.198.69.109
18.245.60.44
192.0.54.4
192.124.249.110
2.19.126.154
2001:4860:4802:32::36
216.52.2.86
2600:1901:0:8eee::
2600:1f18:612b:4264:48:b1ee:596b:27b5
2600:9000:211e:c800:1b:5138:8a40:93a1
2606:4700:4400::6812:277d
2606:4700:4400::ac40:9483
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700:e6::ac40:c418
2a00:1450:4001:806::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c04::9b
2a02:26f0:480:493::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::649
34.111.113.62
34.98.64.218
35.156.114.187
35.166.85.119
35.190.43.134
35.204.158.49
35.204.89.238
35.244.174.68
37.252.171.52
46.228.174.117
52.213.152.153
52.28.142.172
52.3.88.53
52.57.124.150
52.59.185.136
52.87.127.42
63.35.103.141
69.173.144.138
69.192.160.219
99.86.4.76
05da20e0291dba8791e033bf7e3afd8876369044ebabbd35a43a60a586b18f47
07adb6ab966baf5a5a8d9b0044432b2a7091fcb3c1c6d396b0acca36c358fab3
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
11ebfbebd500f2de867eb3ff78775054b1c1d5970c515f8d121f8b5de960ee8a
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1fc35aced07c956c6d19908ab6ca08b8d7d3bb6805204cecddfda9316be8f4f4
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
2a571d0b804f432802a104933baf75c81ff82986165a75a312d9f734f90ea596
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
346a565f45dbd87fe8d6f0a8324cbe5add645feab6c14858eabace1661b60d99
35448410d6184659f33a51be96e967d883f51f363b98830500a73fa885fa452d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41c84aacad5bc82a45cf5db39cc52dd1890aeba241547a49a0b7d08b063787a6
4454849eab522f11da22642a43bf7be2333b9e30a5bf912c09290f31a8bb82ef
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
473b7a2bb50a6df274a93a42e8afda72dede8deb663cf10af95ac42cea9ecc94
48b72a5ef60438bc8b102682ad4f50842f7dd9b59774f3b12a5ae6eeb73a174a
48e1e8cf5aedc8bc7103dc90515d429ca23696bb9f8fca5a21a60c2ddab3d717
49801e29bc6290235cff78b47b194fed430580c341b49c4ded664ce9d574125d
4a95d68533578ff5db751d35076230f3abf3effc48e42167bda0ef70dbf19931
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
52b8fe444191b28ad75c6f23473d49a2965c9fd6a5a520d7d22a98e3111ccc7d
54d17b26595019c50c27508837a3b05f8fb85636307949fe11177865cd099231
611c99f79cf64696d424ff49204b608ddfc24e239529759f6b2fd1f0f46ec13a
635ad19704f34f92b98610817c01560010f8714d77406b9137a3f96a97d6cd5b
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67db9831abcc4684c5324a190e7bc2904da29f8d2632c3da10a06875179c6581
690102febca4e038c2744a21486d7f82d6c916e6d026188acf29c248c1a174d5
6b4afacb34cb482f73352555afbf6b759784b2da0ea9837a1d659ac6d18a6138
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
718d2cf95092db9b8f8f18f303240a5fa8a0f3add9bec2a0e0ff12234456fb4a
805f4308362361fc6925c4426e069643be3c6a992dc26bf163a19a8991a4b8c3
83ca7ff82e7535ce52c0aa459efff3ebc46409d530b8e4bdfe7a377f62d83790
88c709c99a9ccb4391b33517947a5773b37b599f1910e33acd2e944dd4e3d526
89997a113ef07f2057da060c8c178c3008d26134eda5852d04ff4cb2835a2870
8b573273f7574cdb82b401f679f67982a85323349f984d6f0fab55330e3274d2
8c563fb6d8c1c7c7d15ee932313330a559690e7f4d6245b67ddc4dc4dd47c125
8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
9167f30f937b4fc11de25964e404eb08b09659be0f3434fbd92af624ab9ee33b
9afd5a288214a4371e84adc8d5dabc77acbcfdea549d205144466207370f8a50
9b924c7321f13c17d0e4375d710b175ce3aebeb95416a6562be42926a4289de1
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a926511a1fe5770671ed030998e2f38a2ad0744b4c016610930339cb534897cd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf4ddc415e653377680ec839b0e5fc6168952beb1d63b3b3bab3c2166159c780
c04211a16666e82334194c7c6ff64c170e6dc1ffe682d3a3bed745d9425da30d
c4ecedb6a69050b6d3c2bd4934738a2f26831dd1adf609fd57cd6b428a9031ac
c7a521be007b8d197d197c165d1e2be63bb250be8ce51c5c48b3ac4c263a85d9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf44a1b5780e391e9ac67a5f09f568fc533ae65fe41792962ffb81a7ac3c0af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc4404415e9ee27e69cf3babd8d190d74f7873db803f29599c49e2f9d9cf560
ee6cff8e2478948c40206d1f61e2eabdc2796efe0d51b270cb96dce8037b75c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39f6e8f10b13e9066fe59b2f37306d88cbd7f3ab07877513fffb416f1f6049
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

www.dfcufinancial.com Open in urlscan Pro 192.124.249.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

80 %HTTPS

39 %IPv6

47 Domains

59 Subdomains

50 IPs

6 Countries

1595 kBTransfer

3904 kBSize

41 Cookies

7 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dfcufinancial.com Open in urlscan Pro
192.124.249.110 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

80 %
HTTPS

39 %
IPv6

47
Domains

59
Subdomains

50
IPs

6
Countries

1595 kB
Transfer

3904 kB
Size

41
Cookies

113 HTTP transactions
2 data transactions