Report - afcuauthtemp.firebaseapp.com/

Report Overview

Submitted URL
afcuauthtemp.firebaseapp.com/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2022-09-28 22:28:12
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	16 kB	151.101.84.157
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	735 B	593 B	104.244.42.133
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	2.2 kB	142.250.74.3
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
americafirstcreditun.tt.omtrdc.net	341132	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	546 B	2.9 kB	13.36.218.177
afcuauthtemp.firebaseapp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	446 B	843 B	199.36.158.100
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	28 kB	31.13.72.12
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
cm.everesttech.net	996	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	475 B	52.17.180.229
api.glia.com	30061	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	911 B	20 kB	54.230.111.39
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	4.1 kB	142.250.74.2
assets.adobedtm.com	512	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	110 kB	23.38.200.237
www.americafirst.com	341739	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	780 kB	206.81.136.154
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.4 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
public.cobrowse.oraclecloud.com	12865	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	153 kB	104.110.2.75
sstats.americafirst.com	366317	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	1.7 kB	13.36.218.177
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	373 B	31.13.72.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	9.8 kB	142.250.74.3
assets.americafirst.com	442352	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	13 kB	206.81.136.155
americafirstcreditunion.demdex.net	387571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	3.4 kB	99.81.102.255
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	16 kB	142.250.74.164
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	752 B	613 B	104.244.42.195
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	524 B	3.33.220.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.242.3.166
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	1.9 kB	104.17.24.14
integration.silvercloudinc.com	44066	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	19 kB	54.86.0.52
listen.audiohook.com	37502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	215 B	3.213.221.43
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	48 kB	142.250.74.72
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.9 kB	212.82.100.181
pubsub.salemove.com	15427	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	231 B	44.193.189.104
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
sc87389896us1.cobrowse.oraclecloud.com	481955	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	9.8 kB	104.110.2.75
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.8 kB	143.204.42.158
libs.salemove.com	22528	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	174 kB	143.204.55.70
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	330 B	2.8 kB	104.18.32.68
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	2.9 kB	172.64.155.188
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	56 kB	142.250.74.170
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	4.8 kB	54.76.210.146
calcs.americafirst.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	26 kB	148.66.212.61
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	598 B	715 B	64.233.165.155
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cash129.herokuapp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	280 B	54.224.34.30
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	9.1 kB	188.125.94.206

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	afcuauthtemp.firebaseapp.com/	America First Credit Union

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	afcuauthtemp.firebaseapp.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (57)

	URL	Size	First Seen	Last Seen
	public.cobrowse.oraclecloud.com/rely/global_launcher.js	196 kB	2023-03-07	2023-12-15
Pretty URL public.cobrowse.oraclecloud.com/rely/global_launcher.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-12-15 17:20:49 Times Seen115 Hash c3f1598b042efa5820d3436290fe48e1 b16bd721ac840a0fdc771fdf8c0ed8117b978b93 8ca4e52383c80722fe7a35ec20d4c6705aec49ef14e7c607ae161633f4de7219 Loading...

	www.americafirst.com/about/help/support.html	524 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:06 Times Seen1 Hash 1caa90d95a192b1a76ec8af54b77bf97 c32d0309d5e0a90aa5dd4f1372f953b7d1ddf519 194c5b05ddc49030aa24970bc5a4a985a4ae515a3c22e53f9720d5dc7f14c609 Loading...

	www.americafirst.com/about/help/support.html	464 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash b780adb6713bb7851ff7642fdc2790d6 4fe3157f9dd65f5b228bca06c75e4c69fa6d6547 1ffdf931eb2e5a31e87f5439e0f429254570b63731ebde4ceea9aa71321be54e Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

	api.glia.com/salemove_integration.js	8.8 kB	2023-03-07	2023-03-10
Pretty URL api.glia.com/salemove_integration.js IP 54.230.111.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-03-10 20:11:24 Times Seen1 Hash bd2a3e32d62aa377023421e37b842197 d0661ac9d18748461f4c7ecc1fbf001eb235bc82 2dea948cdde16b3971b7ce42e38896f662e9d657e2fca13cdf8c07e85cc7f97c Loading...

	libs.salemove.com/visitor/webcomponents_es5-184250401.js	936 B	2023-03-07	2024-04-24
Pretty URL libs.salemove.com/visitor/webcomponents_es5-184250401.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-04-24 00:18:14 Times Seen162 Hash f86098c5208655efb405300993461936 a0a5b6aea7bbb6a51940f8c874aee109477c7b56 832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db Loading...

	public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=ntqldw8h7cl8m77tg0&version=20220828	44 kB	2023-03-07	2023-04-05
Pretty URL public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=ntqldw8h7cl8m77tg0&version=20220828 IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:35 Last Seen2023-04-05 02:07:38 Times Seen62 Hash 1ce358cf7eeb8f4e31d78e424392d30d e45e9ea9e750bec59e6590e03f57aec8a65d9772 2e57e1de709bfc021b4b52581a9dc961d7299158f0fbb5abd21cc653f526fb59 Loading...

	www.americafirst.com/about/help/support.html	230 B	2023-03-07	2024-04-04
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:50 Times Seen124 Hash d1f09dfa4029220379cf7ae95360a894 5b78b4aff01bd6dba62b93b422cef35ef262f291 69b9ca9c54e6757b208aa3cf9dc252d28fd19cb3537bc78688dca8099a325038 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js	38 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen247 Hash 356af67cd733d2e73d2a0c45af828543 68abce8bd6ce505b56b20f8487836651c00920db d1064fbe58765fe980b21cff44f55b4875eb7d25f2ac608768cc18f586743c50 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js	1.4 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:19 Last Seen2024-02-17 04:51:03 Times Seen272 Hash a67d659f582bf93e1d8156fc182326f5 ddd3e9a62627e7235a41b3593b9be08eeb5a1c07 d76d1ac714b8979dc902ef8f6b3de25fc320b974816b7d592caa7496cc98e5d5 Loading...

	www.americafirst.com/about/help/support.html	312 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash f386e32f899ed57f698e976a88e5f15e cfc424d5a55b1c45eefe7d10e1dad52f8cd1a412 c55c15472fe67e3c9701242fda8132b5fc747d555931adbaa9fe31749c626914 Loading...

	assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js	34 kB	2023-03-07	2024-04-24
Pretty URL assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-24 15:35:01 Times Seen2928 Hash d860c16ac938f7d839f0ec158d02d0f0 8710f81ed151233677f7e32b229cb35293dd6840 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c Loading...

	static.ads-twitter.com/uwt.js	57 kB	2023-03-07	2024-01-14
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:10 Last Seen2024-01-14 12:48:17 Times Seen57 Hash d4de8398858246712016031c834bb061 49709126e0fcb914a62f3255ae3ffe45a3fbe0ae 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d Loading...

	integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js	58 kB	2023-03-07	2023-03-12
Pretty URL integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js IP 54.86.0.52 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-12 17:44:22 Times Seen1 Hash c3a37ebe32849ffcc261a652e64ee1fb 724609d0c56f82943e9c772c02cd53062056b751 9813d07ca26efffa32676be26d3f4ed2374fbe936e8e920d66d19de1aeeef108 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js	92 kB	2023-03-07	2024-04-24
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 00:04:02 Times Seen296 Hash 8378dd18d27d369a41cd582ec02fc311 3f3a56f0d72c447de8abb2bd9bcb084c1d54a52a 1ab5cd011a40c13c883577c5aa0095513fa2f7279809b0fefe9eeacbf85577b3 Loading...

	assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js	3.3 kB	2023-03-07	2024-04-24
Pretty URL assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:10 Last Seen2024-04-24 15:35:01 Times Seen2369 Hash 2d1382c349d480b6b41574ac0c1af066 53ddf017aa6b66b4d54ea0818dc5c04789b9e5ae 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575 Loading...

	www.googletagmanager.com/gtag/js?id=AW-791415936	118 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-791415936 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:15:04 Last Seen2023-03-08 03:15:04 Times Seen1 Hash e5db5f46bbdbfbac83c32fc5a5f5bc40 96c83ca2f2d050b716f91872b61ea796b712c89d c2e3c2965265b397423c3ee794348f886dd5ead4d9362bf38fd90459dc645048 Loading...

	www.americafirst.com/about/help/support.html	154 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash 266e54c6ef8a10f39f44105f493d9e56 0b48ff89a6d2f3f6f2e70a329669809f1d9f6ded a4c45b971b1f7772883579d2722ef245f3fc1e3ba6bd0f30d61c203d8e6852c9 Loading...

	www.americafirst.com/about/help/support.html	777 B	2023-03-07	2023-10-04
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-10-04 13:44:12 Times Seen10 Hash 4c34b0b0ec787d5123ceceee2abb5940 ce5bb90d568694ad4035b43f49fa52890a3e8b02 d14fa37365ddb99b7e941829ea705bea3c58167d76948a39abb52390acac9c93 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	www.americafirst.com/about/help/support.html	500 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 53c5df81540c1d81f0484e48633dd3a7 2158e2660f23ce040e5973bc2329f2c2fd22ad77 c387118b560c919f9149d2d6f1483f53ed7f37f335d627fdff99ff50b3785386 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js	4.3 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen244 Hash a09b7a4d5b05eb9bbac906f89de65560 8212d0453aa96851e2f132b3f9a6bb068ac608a5 bc31618f95dc7cc9749e0cb29a4b09630b24844e922385a13ac4a0daed3db70f Loading...

	www.americafirst.com/about/help/support.html	756 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash ab13414dbdb8208549660740fdee91f7 9ac20e75cdae43c42e643d6cbf2a56f070949611 5f141aba103efa133f29e2a2d2b3f750f79d7396884d9f542bd27cac5903147a Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js	8.4 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen243 Hash ea4b068b960d37c312c379f07a3e8d45 19278c6d1bb29f33e4f81956b4d56404420bbb4b b8e2fb4c19eb3b6d407f0956f60230db764d5870cfc2e82d58ff179e510aa467 Loading...

	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	www.americafirst.com/about/help/support.html	403 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash f24ae9d28cd54512b097751630e6d4d0 150431adde49c74d6a5809971d31ca536d3f3a12 35427de58583d32b781be631b76155c738f3a6b2af38f20f68bea73094bfb020 Loading...

	afcuauthtemp.firebaseapp.com/static/js/main.a2453cb4.js	386 kB	2023-03-08	2023-05-04
Pretty URL afcuauthtemp.firebaseapp.com/static/js/main.a2453cb4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:58:34 Last Seen2023-05-04 04:08:48 Times Seen3 Hash 7a8553ce753ac89bb948521cb08eb451 e66b30a12887f81ea7904e0e37b4520b0aadcc82 8fc550c6dcb126351d39e1e77384794d801a9da136ecf2ffc8a8790e90131082 Loading...

	sc87389896us1.cobrowse.oraclecloud.com/launcher.js	37 kB	2023-03-07	2024-04-04
Pretty URL sc87389896us1.cobrowse.oraclecloud.com/launcher.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:50 Times Seen249 Hash 2321e235cd1219f0ea1f75a72519efc0 2f434898447e018a8c327efea19f9a638c4dd9ab e9cb6c823d852d50f504f8568c9e9e7d2234819796449106f8ca4f04f4d3f07b Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js	32 kB	2023-03-07	2024-02-17
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash d87853c9b79ab88bff32909fa686e76c a4aa86c22437299c4ec383592e9e0ef1e9ad39c2 94bb2e97357d49ad14a1fe983fc1f10adf22e3aaf6e212bcc355f6a15c79c7ad Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js?t=10302020	50 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js?t=10302020 IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash 7c5945d9fdb20ee5b15b71b4a97a2ea3 19925f89eb9b10673b48be170c98019c95c5bfb7 53ee1afd714638531a5b6212352f3c89366c802ad5e220cecf676387c242ab86 Loading...

	www.americafirst.com/about/help/support.html	197 B	2023-03-08	2023-03-08
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:15:04 Last Seen2023-03-08 03:15:04 Times Seen1 Hash 9557901850018b9043d0f2cb1e1b9bbe 8b7785e76f3a47f853bf486541316319fe2d50e1 6eb4f6341f2f323c6261dc0d3aa11abb992cf9ac29bb94b16efd6307b08556a7 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js	43 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash 34af3e60c8fb84b4bd057f3ed1619ec4 3e328d9a6ef4294dad31558a13fea9584f4add91 1d5d1d46da78cb41d999ccaeb7a82433059fea44f9f207db32db2b995eff0171 Loading...

	assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js	335 kB	2023-03-07	2023-03-08
Pretty URL assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-08 03:15:04 Times Seen1 Hash 352b0896ee976cf07d06c94d5f6ab075 dfe23671da6d9948393e9408e6e2789191bcf50b 23ce084816d02acf9f9c783e57b2bf820c514dfd2c5127e8caf84ccd518e3d44 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1664404083885&cv=9&fst=1664404083885&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4	2.5 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1664404083885&cv=9&fst=1664404083885&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:15:04 Last Seen2023-03-08 03:15:04 Times Seen1 Hash 02d705b17156c5a4efcd14738f1eda2e 3deea7923b42f47121b1cc6a3a793c0085e3c489 d920a1867e56418a2aaa784fb91716f1cf949994552fd6db01c5b9456612155d Loading...

	libs.salemove.com/visitor/bootstrapper-184250401.js	671 kB	2023-03-08	2023-03-08
Pretty URL libs.salemove.com/visitor/bootstrapper-184250401.js IP 143.204.55.70 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:42:55 Last Seen2023-03-08 03:48:18 Times Seen1 Hash 96978bd41cf33d02d92388fcf9f7f236 b761a51bc43c4421a0fdb1c8a4d3cc9ecbf87509 f8f72e2880b907edfae14ec02572ee8e1771440352e46de340f1f03e8256b635 Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js	32 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 20:41:23 Times Seen283 Hash 3f8c54286dc2c062186d92333bb0533f fa1cf489a85944fcb9793108ba596db9f189d680 8a3dd24fe00542dbc89ec319209a1b3aa3859832c571b3b6fe3d76fbbf45482b Loading...

	www.americafirst.com/about/help/support.html	153 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 99ea501b030c880bb0a2a2a8145641ff 5086036e90e2547f8a5f4b9d486e17b0c52d2003 37fc7ef119ac5c84544de199720cbd976c06ca595a2b64ad25b5066b489bdc10 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1664404083901&cv=9&fst=1664404083901&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4	2.5 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1664404083901&cv=9&fst=1664404083901&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:15:04 Last Seen2023-03-08 03:15:04 Times Seen1 Hash facf82dfe741f8e1337fe74f812c14b3 33b74c46ef8f15cf76b7f06c3158aaca73515b2d 1d49af6ca59a2b738611206461360db1d2665fe503ea7891c858f0eb804dfdcc Loading...

	connect.facebook.net/signals/config/335590106865602?v=2.9.84&r=stable	299 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/335590106865602?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:56:40 Last Seen2023-03-08 03:15:04 Times Seen1 Hash 6d04846f5df29497a65a865fd07c90fa e000084c4c4db63339b714e22d6802f7b3cb5063 1f8589bcbc1d99f2282fbd975a4e8dca232b758bb5e33aa74aaa262fcd3d34c8 Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js	119 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 20:41:23 Times Seen283 Hash 54daab1bb64dbe576b51e12ad9a63658 7fa94279986d013dd79de73355d8f9f020d74173 eae49ef693cbfe17002c01faeca9ff44fd3ac6a74d4519ac201d9d52a99c0f3a Loading...

	www.americafirst.com/about/help/support.html	2.0 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash 64e0b709ac006d789dbdddd54235ab55 729564b2c3289b7cd3762aaa67e1cb152ab9bf4c 4d43db195eaa36ca0adfa2b4f3d140389965ed8e9b973f3094481758977029ad Loading...

	americafirstcreditunion.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.americafirst.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL americafirstcreditunion.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.americafirst.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-08	2023-03-10
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:58 Last Seen2023-03-10 12:05:33 Times Seen1 Hash 7ebf0fce2f7b7c5a547d76da320bd16f cf5575cac6328d1538893b09ddcc0e1d9ece0bd2 a355dc6fd53a94ca23cff781b3cf5f19d3851d899687b32bdfb4ecf6adb0ecb3 Loading...

	www.americafirst.com/about/help/support.html	272 B	2023-03-07	2024-04-04
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:49 Times Seen124 Hash a398cc78f8189c4fa0b6165ccfa858f3 d85faf49dba957f826a931a4f2bb45a4a365962d 88aa75296cb01a28dec6b18aebf1a22b49f7f3bc1fcb84bf096faf7ae84ce462 Loading...

	www.americafirst.com/etc/clientlibs/afcu/base.min.js?t=10302020	204 kB	2023-03-07	2023-03-11
Pretty URL www.americafirst.com/etc/clientlibs/afcu/base.min.js?t=10302020 IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-11 21:29:01 Times Seen1 Hash c71590d0636db9d3de6de77ef46bef6a 75460b20d0674fe6add35dadb2ce69cb11fc7805 cf50eeba4a4217629468ee7efb9685ce5844c97c8fb2be8de24230f8592767a0 Loading...

	public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js	115 kB	2023-03-07	2024-04-04
Pretty URL public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:51 Times Seen255 Hash 619ea4c083a27523d708e062b444ad6b a9fd520ef53b582e29975beb584fc8ea69f7053c 1a289a3e9d916859094be1ef02b28bcd6dd1fd6c578893b8782fc246e733ec94 Loading...

	calcs.americafirst.com/scripts/tipped/comboTipped.js	67 kB	2023-03-07	2023-03-13
Pretty URL calcs.americafirst.com/scripts/tipped/comboTipped.js IP 148.66.212.61 ASN #13649 ASN-VINS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 0aa397bc66e377771c7e7a0c8edd1580 18654f592b40ce0334e8b1b13a598592df375da4 b869b8e90d37abddcd401fd0fe818eb65568f2b82466b038db4d16f1ff93eb81 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js	36 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash e156e52a2eb2e425a9fb070cffe02bf7 613f90cd98d1e76ba42edb79768ce08bd7d1841c ddceffe418e5eb4cca816dd76986a02c5448a89ac864d81b2050351e065895bb Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.206 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js	1.8 kB	2023-03-07	2024-03-12
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-03-12 05:02:29 Times Seen239 Hash 97ac3fbd1b2375e4d0cf80e9115559a5 099a651392c3842ea70c4db55b4cc3049ffc65fd 3a62bf91740b52c78f26413dfd2eb1ffd4c16bfaf8c33b69a0f76c0ed3eeb635 Loading...

	www.googletagmanager.com/gtag/js?id=AW-614375826	119 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-614375826 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:15:04 Last Seen2023-03-08 03:15:04 Times Seen1 Hash d08a5a329915d6198d6df73cdaab9791 b45ed5d45ea7e1a9dbcd9bea064e3fddc62ff9ee 56e89e1d6b465af31e5eaad46de15ca886ead431b096c4d470a7263050e27cc2 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 15:02:43 Times Seen37064522 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js	4.8 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen244 Hash 9e00b415275521f913bf61966d8f1b6a 3e029197e3febab7e6a91c2f5a934639a7637e1e cc6c959b43539c6e9514ad8b63677dee28ce1d36f8287e141a564cf404e9d1ff Loading...

	assets.americafirst.com/js/pm_fp.js	13 kB	2023-03-07	2024-02-17
Pretty URL assets.americafirst.com/js/pm_fp.js IP 206.81.136.155 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen247 Hash 805e6f717afb1f6a4af203a52f7c569d 939d695b61b5ada21794c1e98de324479de158bf 190f442b064e275022a918a7c555dc26749ae9a5dda27681c0bf097f500b2896 Loading...

	www.americafirst.com/about/help/support.html	241 B	2023-03-08	2023-03-08
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:15:04 Last Seen2023-03-08 03:15:04 Times Seen1 Hash 35913d007b594e81040e5658d5ae3550 6c52e1464154a47fd6cef1f324441b2f76683864 100ef0d6120f2a88ed0805b6a4b83bd5c297f07d543426fb32a96189beab3739 Loading...

	www.americafirst.com/about/help/support.html	589 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/about/help/support.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen115 Hash dd575ac9a81abd05479ea79423ee8bd9 6b524982cf6108634834dc5a2d884815a076731b 04ae98ee65febe0f8ae2fff952df307712dd88e6c609bc0b0c9713206d595944 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 358288417d5e191885dd8baa72a7479e	65 kB	2023-03-07	2024-02-17
Pretty Observations First Seen2023-03-07 01:12:13 Last Seen2024-02-17 04:51:03 Times Seen122 Hash 358288417d5e191885dd8baa72a7479e 918f8f75203b9b71e69db5860536b5d289f80464 072d86f4e1c0c69cc10c78417d048264421313ff69409de20ba31f10777bb2f5 Loading...

HTTP Transactions (145)

URL IP Response Size

afcuauthtemp.firebaseapp.com/

199.36.158.100

200 OK

224 B

URL HTTP/2
afcuauthtemp.firebaseapp.com/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (593), with no line terminators
Size
224 B (224 bytes)
Hash
a56f86846618a37b61a77b14b1a86c0b
e1ece006b097a870c4f7c5d781b35a5f55264267
a908273334d3135b7c07ccbc000ece2b2cf25af3c944fee9b9899603a08cb18b

Detections

Analyzer	Verdict	Alert
openphish	America First Credit Union
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: afcuauthtemp.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "0aa412e0a776e40e33adb6cebfb9c4c7a1c15efb179b1126d43f191f44dd5608-br"
last-modified: Tue, 27 Sep 2022 10:14:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 28 Sep 2022 22:28:01 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664404081.336912,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 224
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 22:15:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a6ZOE1ZzsVObNWhzx7UzE0SxgVeo06QkOpYFaRJIkd6a_lsjVEHWrQ==
Age: 737

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2941
Expires: Wed, 28 Sep 2022 23:17:02 GMT
Date: Wed, 28 Sep 2022 22:28:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lCqevEGynZfwRAUG9IbKDdJ01ptKYI21Gsrlx1Wv_S__yU-Z9lAFPA==
age: 61175
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/vfTajG9ARFE

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4int/vfTajG9ARFE
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd4a9e801a9da17ccd799fe503384d80
3adfe8471b6600154bcfd915242c29cc52dd5a73
f381401749b1641cce4dd9e90b65d0cd89e1a4c5823a5877dccca3e5d2d1bcfd

HTTP Headers

POST /s/gts1d4int/vfTajG9ARFE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 22:28:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 21:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 22:26:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YmGsOtLfDLOhUtiUhv4WaKRC0GY3B2H23fAiQ0kKqhenRqv0f8O7Gg==
Age: 3509

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
324a1b764edb6a48b0ab0e11e1f9952a
4ebeea8e1dda5348f21db99a1a06698575caf5fb
01d86d90091514fa43e34c1d871e3d9aaafd23c25701eaad62b72d1bb1874573

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 22:28:02 GMT
Last-Modified: Wed, 28 Sep 2022 21:27:22 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FFARrLM7fAAh30ZN49NeztLhTSFvYZFFM8o2fh7kCNND2uCJ9YolNA==
Age: 3640

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3429
Cache-Control: max-age=124556
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:02 GMT
Etag: "63340099-1d7"
Expires: Fri, 30 Sep 2022 09:03:58 GMT
Last-Modified: Wed, 28 Sep 2022 08:06:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

cash129.herokuapp.com/

54.224.34.30

200 OK

35 B

URL HTTP/1.1
cash129.herokuapp.com/
IP
54.224.34.30:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
35 B (35 bytes)
Hash
e78c584e8b447c2d0e98fce21a05cc75
03d2ec1b4821f7c01eb81cffe4737780e63ec0a0
cb2364939424269cc84b66b137668c59bdc5a9f305badbb60ae83cd7fecbbc92

HTTP Headers

POST / HTTP/1.1
Host: cash129.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcuauthtemp.firebaseapp.com/
Origin: https://afcuauthtemp.firebaseapp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 28 Sep 2022 22:28:02 GMT
Content-Type: application/json
Content-Length: 35
Access-Control-Allow-Origin: https://afcuauthtemp.firebaseapp.com
Vary: Origin
Via: 1.1 vegur

push.services.mozilla.com/

44.242.3.166

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.3.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tCTmmBcFyUEcQ8CHj1zUBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SVSZ0RYBvTBQ6ZEUq45Eqxze8Xg=

ocsp.usertrust.com/

104.18.32.68

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
f9f2f44ac1527ff7d8a87f131a6691ae
cf82d4d918f571b2cbf50c775e60985e1d69f99e
bc72ce9a7e111f29d1fba9983bde4cddee32b78bf1c90ce204c84c2f28acb19d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:03 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 10:12:16 GMT
Expires: Wed, 05 Oct 2022 10:12:15 GMT
Etag: "cf82d4d918f571b2cbf50c775e60985e1d69f99e"
Cache-Control: max-age=602981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 699
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751fe8ef79c8b4fd-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
26fc5a157718ebfd698b8c28bc99896d
08d309c4781d93ce94bef6f6bc5fb2443369e57d
c3e0c3bd18019b226d9dd74a0c1a32268e8db9508cc5f6c850fcd3d97bdb0810

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 06:57:56 GMT
Expires: Wed, 05 Oct 2022 06:57:55 GMT
Etag: "08d309c4781d93ce94bef6f6bc5fb2443369e57d"
Cache-Control: max-age=548391,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751fe8ef8cadb4ed-OSL

sc87389896us1.cobrowse.oraclecloud.com/launcher.js

104.110.2.75

200 OK

9.5 kB

URL HTTP/2
sc87389896us1.cobrowse.oraclecloud.com/launcher.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
C++ source, ASCII text, with very long lines (21806), with CRLF, LF line terminators
Size
9.5 kB (9477 bytes)
Hash
f2675c03e6a7139681958ede8c291f34
dee8ba07ce2007a6fd1fd9518d9e316f7611d3e6
e141aba7a3c84fda9f541f0a8336a7a73305a36a290c6a0eb8eb4c51498633cb

HTTP Headers

GET /launcher.js HTTP/1.1
Host: sc87389896us1.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
etag: "2321e235cd1219f0ea1f75a72519efc0:1557866875"
last-modified: Tue, 14 May 2019 20:47:55 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 28 Sep 2022 22:28:03 GMT
content-length: 9477
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js

23.38.200.237

200 OK

94 kB

URL HTTP/2
assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32754)
Size
94 kB (94537 bytes)
Hash
84e66bf0344eb603dc4e5f044526db10
b8af4c45b7b67f0a8162a7868799086bb67bd4c3
9e66e349cdb9ab48b0cec8458110d7d37d6e28e0dfdb5685e57660da0220ac49

HTTP Headers

GET /launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "352b0896ee976cf07d06c94d5f6ab075:1651680282.905175"
last-modified: Wed, 04 May 2022 16:04:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 94537
cache-control: max-age=3600
expires: Wed, 28 Sep 2022 23:28:03 GMT
date: Wed, 28 Sep 2022 22:28:03 GMT
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

www.americafirst.com/about/help/support.html

206.81.136.154

200 OK

26 kB

URL HTTP/1.1
www.americafirst.com/about/help/support.html
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (824)
Size
26 kB (26333 bytes)
Hash
c672a22b30136cbc41ba3a99d36e97e7
53d20e56277052437da17446807103ebc5deb607
dd675f9ded47b79c3c22fcaefe2518ada2c3b7febef6480a12bad6880da77eb1

HTTP Headers

GET /about/help/support.html HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcuauthtemp.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:03 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2
Expires: Wed, 28 Sep 2022 22:28:05 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 26333
Keep-Alive: timeout=5, max=14
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2b52ad405720d7d4665f40f842db9e99
c7e9646a8f2d2d8e932b26d231a518647230e308
c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Last-Modified: Wed, 28 Sep 2022 20:50:37 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js

104.17.24.14

200 OK

792 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1605)
Size
792 B (792 bytes)
Hash
13edf8140d2675abddd5abd0375c61a6
3f4c7b5b315e74accb4c96b3fac756c69600a1c5
fdd2b6d118db42dec69f1eb5775ad1fa4eee0ce1de0817af3d33f490e2668795

HTTP Headers

GET /ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 792
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-727"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7446794
expires: Mon, 18 Sep 2023 22:28:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ExCOZbt4tfPaX8jVPnUE6mzT9UZbY7CQxOyWcVJtv8ix%2B9ZFiBsdAHLalYyfBEfylnLrXYHg%2F1%2F9pPp3KFPes0wgC24jHg0PpdQqt%2BTyRsE2IQVTr6vRz8kmT2rTy4y9KZmfU5J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751fe8f2ff84b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js

142.250.74.170

200 OK

37 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (11284)
Size
37 kB (37009 bytes)
Hash
d3a2418128f6434c0b8b2bd37ec9832d
58b94b60fedb0db4ffe094146d76596037f221c8
2554d2265affb518693b7d60c49fe22d7fff5ca0116b588e665702fcd1521202

HTTP Headers

GET /ajax/libs/yui/2.8.0r4/build/utilities/utilities.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 37009
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 14:50:56 GMT
expires: Sat, 23 Sep 2023 14:50:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 459427
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2b52ad405720d7d4665f40f842db9e99
c7e9646a8f2d2d8e932b26d231a518647230e308
c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Last-Modified: Wed, 28 Sep 2022 20:50:37 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js

142.250.74.170

200 OK

8.0 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6109)
Size
8.0 kB (7976 bytes)
Hash
b5597319a33d8a6dc405d6c9ea80b518
e1e0abe7671d8ea2174e3eefc5b92824719617ca
65827ab1400d29599f39266266cef6bb866ddd6df703627383fc0544c0e53c03

HTTP Headers

GET /ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 20:37:53 GMT
expires: Mon, 25 Sep 2023 20:37:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 265810
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js

142.250.74.170

200 OK

7.2 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6069)
Size
7.2 kB (7240 bytes)
Hash
11e8a58070c375f6b89929805853f58e
0a6c4e2684d0e9b9889a5bdb0374fe241732845f
f8c5cc4360a468004402e0d214b44ade691375bd085d40ce4fc8bd182649e1fd

HTTP Headers

GET /ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:48:32 GMT
expires: Fri, 22 Sep 2023 19:48:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 527971
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.americafirst.com/etc/designs/afcu.css

206.81.136.154

200 OK

0 B

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /etc/designs/afcu.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:03 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:03 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 0
Keep-Alive: timeout=5, max=3
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6475
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 22:28:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6475
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 22:28:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6475
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 22:28:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6475
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 22:28:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6795 bytes)
Hash
9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 06:18:03 GMT
age: 58200
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c06f419817d1fb6550cac9bcbe0ef62e
e67ac96988db78c5930dbf964ce82d30199c1edf
09f710bb6ed46869b53ff1a24a590763d05e75257680e4478394b1225c765e80

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:03 GMT
Last-Modified: Wed, 28 Sep 2022 20:41:37 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10023 bytes)
Hash
f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 1385
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8754 bytes)
Hash
556ea631652cbb77ff38dbe3bbc8c4d1
ba797da9b2d6942161fa02a0e431de4868b84327
130dab67cb6d80c741a7f2dadfd536bd6900204880dc3b68b2afbfa53dd3d781

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8754
x-amzn-requestid: 175fc592-ed89-44fb-8cf7-8a4404f59d4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZC5OcHKkIAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633108c2-2c0c36007bc8bcb56a54e8a1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 02:04:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -AhTOJwgY3-DnA_pYXdBL18wPP_fNeyDmZjkdkQ2J-xrBZSyRcdK3Q==
via: 1.1 71e7943ea0729c284a06faa05a567236.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:10:22 GMT
age: 11861
etag: "ba797da9b2d6942161fa02a0e431de4868b84327"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9034 bytes)
Hash
2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 04:18:58 GMT
age: 65345
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd156c6a4-51d8-498f-ac66-df71d14dc199.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7229 bytes)
Hash
f5d602deb76fb578e19f56ab7ded2070
8c73e318a79c74a980108bb3d79c89d00c35af57
d212b5cfea23e349471702c7a79f464ef012bc644ab7ab60caed6a7f7395a049

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd156c6a4-51d8-498f-ac66-df71d14dc199.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7229
x-amzn-requestid: 5746281b-76dd-4f5d-aae0-6e81d115afba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5eyoGymIAMFqWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d44dd-113b11d4740415f2712d85aa;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 05:32:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Xet9obEGz9ToJADlhIi7dokSdNVfqCU04_6_pKBQv0ggB-zlPxC8Sg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 04:35:22 GMT
age: 64361
etag: "8c73e318a79c74a980108bb3d79c89d00c35af57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9654 bytes)
Hash
36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 03:53:01 GMT
age: 66902
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020

206.81.136.154

200 OK

24 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (759)
Size
24 kB (24078 bytes)
Hash
b00b4eedd5bf17f29d3654d22c45b8ed
473e2e308348e21d7d7df502a620ff21d22ea0ab
c228f1003616dcdb6f50f389cd7cbee90e76afdfe635a2867a0e4b29a571a974

HTTP Headers

GET /etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:03 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:03 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=utf-8

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1f5e97523538317dd0e8cfb3359e5493
120e51845f41cb9eff72270a0832af2544574cf9
2eae0261b488144f1d3224e26829dbe0f1b1b5835c5d646cf39968d532391ba7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 07:05:39 GMT
Expires: Mon, 03 Oct 2022 07:05:38 GMT
Etag: "120e51845f41cb9eff72270a0832af2544574cf9"
Cache-Control: max-age=376053,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751fe8f56a12b4ed-OSL

www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js?t=10302020

206.81.136.154

200 OK

13 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (586)
Size
13 kB (12667 bytes)
Hash
4012fc93d59cf49ecfea404344576242
ea947319f2ac8552a111cb35d81fc37c0e3ed353
46bcf9d51f1fe339546a4441554e4e9e5fb1d00f38aeaf2f4300c68b6f5ff686

HTTP Headers

GET /etc/clientlibs/afcu/vendor/bootstrap.min.js?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8

integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js

54.86.0.52

200 OK

19 kB

URL HTTP/1.1
integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
IP
54.86.0.52:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (57760), with no line terminators
Size
19 kB (18598 bytes)
Hash
81e1b71ce3eae9a552cc092a0373fae3
0bdded53f8959d504e2f8c4d63439bd2bbf8fc5f
af6858ba20b4d820f46fefb9516c7e0d5404e2c0b2b4427e51c76b91d6d70493

HTTP Headers

GET /js/silvercloudjs/silvercloud.js HTTP/1.1
Host: integration.silvercloudinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: must-revalidate, proxy-revalidate, max-age=0 s-maxage=3600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 22:28:03 GMT
ETag: W/"6317b662-e1a1"
Last-Modified: Tue, 06 Sep 2022 21:06:42 GMT
Server: nginx/1.14.0 (Ubuntu)
Strict-Transport-Security: max-age=63072000
Vary: Accept-Encoding
Content-Length: 18598
Connection: keep-alive

www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.css

206.81.136.154

200 OK

3.7 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (1188)
Size
3.7 kB (3717 bytes)
Hash
a6fa5ea919fd5af0172540091dd7f2e3
e38c151a85dfe4dcf531078dc417b99ab21cbd38
213df987f8b0ce29ae4df227bec70a1dd54535c6f2f1f09daeb1e1f871618884

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jqueryui.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3717
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/loader.min.css

206.81.136.154

200 OK

128 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/loader.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
adb1039e2fdbbd2f0cd7f8b4853c880a
4edbabcfd7af0e4ce929c1d873e42352165f01fe
e62b524db3bef5e4bd24d06e3871ff68384d6b69b2d34ca97404cd5b6497b70c

HTTP Headers

GET /etc/clientlibs/afcu/vendor/loader.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 128
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js

206.81.136.154

200 OK

11 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (587)
Size
11 kB (11168 bytes)
Hash
2877fededda3f465ad9ea93b980b7253
22a68f52fc9c5123cde8a9e5376507f0fadf9cf2
c7c4a22646b98ee2eb953d58524004c6d72bae9b119d5f0b86a7060436f8d642

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jqueryui.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 11168
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/components/general/loader.min.css

206.81.136.154

200 OK

128 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/components/general/loader.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
adb1039e2fdbbd2f0cd7f8b4853c880a
4edbabcfd7af0e4ce929c1d873e42352165f01fe
e62b524db3bef5e4bd24d06e3871ff68384d6b69b2d34ca97404cd5b6497b70c

HTTP Headers

GET /etc/clientlibs/afcu/components/general/loader.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 128
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.css

206.81.136.154

200 OK

1.3 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (755)
Size
1.3 kB (1283 bytes)
Hash
bf89f0f71413d9ab3f1f2900b6b292c8
1471be4e9652fe4d8c865a58e29363d94497a6f3
8f47d7932519e20660e758448ccdd4d978bf2cab42157f7fd26c1376271b4971

HTTP Headers

GET /etc/clientlibs/afcu/vendor/swift.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1283
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js

206.81.136.154

200 OK

32 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (657)
Size
32 kB (32312 bytes)
Hash
4ff70b3af60012dc39eb3975d2483cbd
5b2ecc408bf76a628d4c92a6aff21bae63620f63
b85935f2651ce59a567339ad09aa6e9eaec44be595e31d9997235a279c31b4c5

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jquery.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 32312
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js

206.81.136.154

200 OK

3.0 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (525)
Size
3.0 kB (2993 bytes)
Hash
b933e81a6ffae2a9d9823cb78f111c9a
ccdf99561fbc365320814394ddf304d701cde551
14a5e6a44dd63a2657a870c3b883d7bc90f34c24ffbb3570d5b7a7d50e7a6142

HTTP Headers

GET /etc/clientlibs/afcu/vendor/swift.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2993
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.css

206.81.136.154

200 OK

1.1 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Unicode text, UTF-8 text, with very long lines (311)
Size
1.1 kB (1127 bytes)
Hash
ceee945acaceeaa45d77eb9ab0edf73c
15d73dde292077e50ad6f75bdbdd435ce24ce6d6
3238846fffcf4dddfd85156359176d382fbad7d1f37b27b38e8f02b0971af635

HTTP Headers

GET /etc/clientlibs/afcu/vendor/slick.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1127
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js

206.81.136.154

200 OK

793 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (506)
Size
793 B (793 bytes)
Hash
9f89be8c9e55c4458eeab10d5668571e
4a9dbe1699f2255a484c6a3bea7ca65c143cd955
c6fd4e7f42656b4a0f7c2d5c43d58f04c54c023e6059886680ed7472566e6dcb

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jquery_cookie.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 793
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.css

206.81.136.154

200 OK

0 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /etc/clientlibs/afcu/vendor/backstretch.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 0
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
becab0cfb686e7315afc457431eb7846
3472c73a07f4725b6f40b455c1bc7105a1e0fa61
574674bcd62b68821bb90b4505f1507b0b7e0f7b1ebd688d5a0264e2660ebdcb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 14:00:50 GMT
Expires: Wed, 05 Oct 2022 14:00:49 GMT
Etag: "3472c73a07f4725b6f40b455c1bc7105a1e0fa61"
Cache-Control: max-age=573764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751fe8f64aefb4ed-OSL

www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020

206.81.136.154

200 OK

41 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (686)
Size
41 kB (41146 bytes)
Hash
bf340b870c845535a49550cb30048218
5beca18c3dfb1da9f0450035f95241eadf6ffa0e
35ac27cc04b3b36542b94216c3282a3e4867364e5a1890b2d417b07ebbd76eed

HTTP Headers

GET /etc/clientlibs/afcu/base.min.css?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js

206.81.136.154

200 OK

9.9 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (573)
Size
9.9 kB (9936 bytes)
Hash
1fbfef4765bbbbbb5e71d11866d5ebc9
ec9102bf15c63b471d80689b8e9b6afb599e5bb2
bba09183f6c1c6219819f6d5d5170f883d08817d81e85e4d9cc6ac92f0028151

HTTP Headers

GET /etc/clientlibs/afcu/vendor/slick.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9936
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js

206.81.136.154

200 OK

1.8 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (529)
Size
1.8 kB (1833 bytes)
Hash
0e3967977de38ac9df932eb4f0d041d7
9f4844d8b9e468482a750153f8be6cdd4e63b8da
af2a1133bd2dd371509660def707ad117da17381216b8679f1116f198c85eb5e

HTTP Headers

GET /etc/clientlibs/afcu/vendor/backstretch.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1833
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js

206.81.136.154

200 OK

12 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (564)
Size
12 kB (12329 bytes)
Hash
1598e8ae94bd862ac60ce2ca3ee667a0
95b9e1242259033519025572e443577b9c18066a
cf88575b8e2f460dc9c04e6cd929f68901edbc978c148862b091d122c72570f9

HTTP Headers

GET /etc/clientlibs/afcu/vendor/html2canvas.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 12329
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js

206.81.136.154

200 OK

2.1 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (574)
Size
2.1 kB (2105 bytes)
Hash
b24b3d75f693b844eb6eca9ab8e1623a
bb04eecc43833e4d7606dc075c233a68a2acbb66
7dbba0141c31e2e593ed72f78eea04214cbb07262d3e65278d387e55d8ebc1f0

HTTP Headers

GET /etc/clientlibs/afcu/vendor/mask.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2105
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript;charset=utf-8

assets.americafirst.com/js/pm_fp.js

206.81.136.155

200 OK

13 kB

URL HTTP/1.1
assets.americafirst.com/js/pm_fp.js
IP
206.81.136.155:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (12876), with no line terminators
Size
13 kB (12876 bytes)
Hash
805e6f717afb1f6a4af203a52f7c569d
939d695b61b5ada21794c1e98de324479de158bf
190f442b064e275022a918a7c555dc26749ae9a5dda27681c0bf097f500b2896

HTTP Headers

GET /js/pm_fp.js HTTP/1.1
Host: assets.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Xet-Cookie: 
Age: 1
Date: Wed, 28 Sep 2022 22:28:04 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 155
ETag: "324c-568a7c9249bc0"
Server: Apache
Last-Modified: Fri, 30 Mar 2018 21:18:47 GMT
Accept-Ranges: bytes
Content-Length: 12876
Keep-Alive: timeout=15, max=100
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/base.min.js?t=10302020

206.81.136.154

200 OK

45 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/base.min.js?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Unicode text, UTF-8 text
Size
45 kB (44924 bytes)
Hash
b0dd315685dc3a11df439c48cc28d262
6319526b5bebca072556ec71b14a8901535a72ca
c9c8f8ee5d5960c97223cdad2ea998ac242f8eb7943d2250c8f3b386a36a746b

HTTP Headers

GET /etc/clientlibs/afcu/base.min.js?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:04 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Wed, 05 Oct 2022 22:28:04 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8

www.americafirst.com/content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg

206.81.136.154

200 OK

21 kB

URL HTTP/1.1
www.americafirst.com/content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Size
21 kB (20583 bytes)
Hash
56a4d6e72dbcb720820272077b6db785
796c589c3b12f4b27d4508149000edf51a02a3af
4cc97dc3a3d6faa8e866600202b98af8fd7008e93d3463d6a04b380f26f0d573

HTTP Headers

GET /content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 20583
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-about-02.jpg

206.81.136.154

200 OK

34 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-about-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
34 kB (34420 bytes)
Hash
6f3cd2c29035f40678a77eb275e92a24
c2ae338b5b20e2784eb52b5940dd994d6c3903d0
9b026865527a86a69ccecccbc65f7d93361a6ca8c58ab92470cdf8cd2de5724e

HTTP Headers

GET /content/dam/nav/nav-about-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 34420
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-accounts-02.jpg

206.81.136.154

200 OK

23 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-accounts-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
23 kB (22732 bytes)
Hash
a99514fea1815a6b5ebe648041a2fe71
49b017bd5f63cb5bf37ecfba0b539e91519477f3
f0c59daceffddeadba354ccec9deb0ed3c425b7a0015ead6877fae4b7f5cc907

HTTP Headers

GET /content/dam/nav/nav-accounts-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 22732
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-loans-02.jpg

206.81.136.154

200 OK

30 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-loans-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
30 kB (29739 bytes)
Hash
075c8ddbe10da377b9e0fa000cbd6923
9545743e2c7add002c66d2b7a474dd3fa4be0f2c
fadbf02e0f7b34d1da7e0791c2398e5abaf27b914d5825088adcd6af5071a6b7

HTTP Headers

GET /content/dam/nav/nav-loans-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 29739
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/jpeg

assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

23.38.200.237

200 OK

12 kB

URL HTTP/2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32768)
Size
12 kB (12163 bytes)
Hash
e616df092766c7ab7904619f971a35cc
a960429c42802a43e3ce728fc4d1e8bdab10e606
082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e

HTTP Headers

GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Wed, 28 Sep 2022 23:28:05 GMT
date: Wed, 28 Sep 2022 22:28:05 GMT
content-length: 12163
cache-control: no-cache
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js

23.38.200.237

200 OK

1.6 kB

URL HTTP/2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (3155)
Size
1.6 kB (1597 bytes)
Hash
e672de61b277fc72de4299829bfbb31c
157a7409922d58a02dad3ba879d04eb2a3ef8f3d
e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215

HTTP Headers

GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Wed, 28 Sep 2022 23:28:05 GMT
date: Wed, 28 Sep 2022 22:28:05 GMT
content-length: 1597
cache-control: no-cache
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=ntqldw8h7cl8m77tg0&version=20220828

104.110.2.75

200 OK

12 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=ntqldw8h7cl8m77tg0&version=20220828
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Size
12 kB (11698 bytes)
Hash
9466edea5b690a8dcc94a8aee5255448
8200790330fb146fdc254fb694871e0e9d73e974
f59a6c07012c632c6d0014640439abdd1e0de1f6b4cb557c43531c43af88d24c

HTTP Headers

GET /rely/storage/ll_storage_html5.html?context=ntqldw8h7cl8m77tg0&version=20220828 HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "b7b7e70ac037b592aef8c274d8e66a71:1634875896.03281"
last-modified: Thu, 21 Oct 2021 23:11:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 28 Sep 2022 22:28:05 GMT
content-length: 11698
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/nav/nav-learn.jpg

206.81.136.154

200 OK

48 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-learn.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:09:20 15:02:31], progressive, precision 8, 300x250, components 3\012- data
Size
48 kB (47901 bytes)
Hash
a8e23fd69a941262a473447da048ab48
7eeb55c530ab4eb492deffbec84d114434eecde4
991e3d5fa232e5259df67968507cff332947551feedcb1c9e3e70fe3b9900498

HTTP Headers

GET /content/dam/nav/nav-learn.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 47901
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg

public.cobrowse.oraclecloud.com/rely/global_launcher.js

104.110.2.75

200 OK

63 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/global_launcher.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
data
Size
63 kB (63228 bytes)
Hash
3b74619de42921b87ea754ca9ba385cc
25ea32aa20801e6c3aafe12484ac84ca1865606e
5a32b5ac962aaa8a09309269289eecc83b834378318439e3d7f31616f5c4b3d3

HTTP Headers

GET /rely/global_launcher.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: "c3f1598b042efa5820d3436290fe48e1:1642746872.088599"
last-modified: Fri, 21 Jan 2022 01:34:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 28 Sep 2022 22:28:05 GMT
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg

206.81.136.154

200 OK

73 kB

URL HTTP/1.1
www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Windows), datetime=2019:12:05 09:57:21], baseline, precision 8, 300x250, components 3\012- data
Size
73 kB (72575 bytes)
Hash
654623c1eca99226260d4088c59f5769
daf39810839c151ad081ffb21cb48dcec37684ef
b576be4e253bd51d928168804d9584916507a203d920c9208dfe132621018f12

HTTP Headers

GET /content/dam/visa/visa-card-signature-mega.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 72575
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

206.81.136.154

200 OK

14 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Web Open Font Format (Version 2), TrueType, length 14076, version 1.0\012- data
Size
14 kB (14076 bytes)
Hash
bf912df22c6dc861e7a01c32fc165187
6918b9cb1fba7d78ce615063203fb5b1eb63ec50
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

HTTP Headers

GET /etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 14076
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/octet-stream

www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html

206.81.136.154

200 OK

864 B

URL HTTP/1.1
www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document, Unicode text, UTF-8 text, with very long lines (447)
Size
864 B (864 bytes)
Hash
ed153382b3334b004deb5534ada4d7b2
e4367a6303c778bb42f674384a96227e5190e0da
6edf494c091215e67f53e1d1e3f0cd264c8c808fe23553270264c9d3cad8ec67

HTTP Headers

GET /content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: max-age=300, max-age=2
Expires: Wed, 28 Sep 2022 22:28:07 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 864
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
90526cc7b6602cb1e55aa857f5b4e862
b5911a9bac95aac73decfe8cf51559d61f3f66f4
71f904c7cd9b9f2c0f4e4fbf89754f62bca5af44a30b6009e78447765fb59b1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:05 GMT
Last-Modified: Wed, 28 Sep 2022 20:43:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598

54.76.210.146

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598
IP
54.76.210.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v043-0cd98f563.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=56381500211132026870207437432652804030; Max-Age=15552000; Expires=Mon, 27 Mar 2023 22:28:05 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: X+tmiyy2SoM=
Content-Length: 0
Connection: keep-alive

dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598

54.76.210.146

200 OK

124 B

URL HTTP/1.1
dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598
IP
54.76.210.146:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
124 B (124 bytes)
Hash
1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca

HTTP Headers

GET /id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1664404082598 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.americafirst.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v043-08585183a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: MOW+oY7KRP4=
Content-Length: 124
Connection: keep-alive

www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/footer/feed-list.nocache.html/afcu/components/embedded/footer/feed-list

206.81.136.154

200 OK

893 B

URL HTTP/1.1
www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/footer/feed-list.nocache.html/afcu/components/embedded/footer/feed-list
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document, Unicode text, UTF-8 text, with very long lines (322)
Size
893 B (893 bytes)
Hash
9adc66c30644d24d9e672153d64191ca
596fde42066abd66f1293926db0c675a41fd7f21
ad06d85f6e3fc4418c56395ff5729c6688bd18c8185054b5b58395fbbd68eea6

HTTP Headers

GET /content/afcu/en/main-site-configuration/_jcr_content/footer/feed-list.nocache.html/afcu/components/embedded/footer/feed-list HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: max-age=2
Expires: Wed, 28 Sep 2022 22:28:07 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 893
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js

104.110.2.75

200 OK

21 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20968 bytes)
Hash
c71817d4d41ad2a3069aa18ed35afdee
177989b846b7f092036daa1f1e5b26f245e8c576
0cdedffe5d8f066d5401afa0f96159649d2296d49a48339cf093c9d9677e3bc6

HTTP Headers

GET /rely/client/ui/livelook_ui_manager.bundle.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: "619ea4c083a27523d708e062b444ad6b:1648187515.534791"
last-modified: Fri, 25 Mar 2022 00:51:52 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 28 Sep 2022 22:28:05 GMT
content-length: 20968
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/nav/nav-services-03.jpg

206.81.136.154

200 OK

26 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-services-03.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
26 kB (26264 bytes)
Hash
a5f8703ff8569c481686dee7efdfbe71
359441bc385f5d9fbb236fc97616df5a3ebcd701
ab8da6f834b214aa136841d1652d27f3bfbc5cee47bff31ccdf0e5a08f026906

HTTP Headers

GET /content/dam/nav/nav-services-03.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 26264
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons-new.ttf?21tguw

206.81.136.154

200 OK

1.5 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons-new.ttf?21tguw
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, afcu-icons-new\012- data
Size
1.5 kB (1522 bytes)
Hash
c0a3c884df92a9aaacbb4e36aa21c864
cb379e40688b01fcb06875592c0ba4cfb88831ff
0d34fdab19d9ce873fc20847e0cf3d2a92ad4cdc4c964592f128e3c543005d68

HTTP Headers

GET /etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons-new.ttf?21tguw HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: inline
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1522
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/x-font-ttf

www.americafirst.com/content/dam/about/blue-careers.png

206.81.136.154

200 OK

5.4 kB

URL HTTP/1.1
www.americafirst.com/content/dam/about/blue-careers.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 124, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5427 bytes)
Hash
114c8f9c42bc7508132e0adf1c6b44b4
2e59ea39c3abaae275c5adc00314cb1221a8183d
46012c44cc9ef673beb9469fcaca9379563f309f683b0c7f9d739e017c423328

HTTP Headers

GET /content/dam/about/blue-careers.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 5427
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt

206.81.136.154

200 OK

9.8 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, afcu-icons \012- data
Size
9.8 kB (9761 bytes)
Hash
48e99398ff3cb928d8a206047c748f83
fa541d94e75fca57c118adf7fc30361012d31132
17ba00b0551f829848d9cc73126aae46f3d0d1668432e30bdecffb2bc70f4ae1

HTTP Headers

GET /etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: inline
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9761
Keep-Alive: timeout=5, max=28
Connection: Keep-Alive
Content-Type: application/x-font-ttf

public.cobrowse.oraclecloud.com/rely/resources/images/v4llpanel/wait.gif

104.110.2.75

200 OK

56 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/resources/images/v4llpanel/wait.gif
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 220 x 24\012- data
Size
56 kB (55779 bytes)
Hash
9c93dd978bd0230c76e230af8fd04c02
e1c9a00f267d3ed3435de98ce008788e2349fd91
527a1ec8fe47ac6533dad4bccbfc1e2ea49f6cf0fac6bcabf1dc896cfa7b5e0f

HTTP Headers

GET /rely/resources/images/v4llpanel/wait.gif HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
etag: "9c93dd978bd0230c76e230af8fd04c02:1663904811.520261"
last-modified: Fri, 23 Sep 2022 03:46:51 GMT
server: AkamaiNetStorage
content-length: 55779
date: Wed, 28 Sep 2022 22:28:05 GMT
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f2ccc7d81248988aa0b81d312e84eb1a
de9acd084a481230c3be852f3c3ba6c6c311ce84
1d011f17cdb130206d75190cb5fa3d9ca09ae7a89a6e137f81881a2a2aaac7a5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 22:28:05 GMT
Last-Modified: Wed, 28 Sep 2022 22:21:02 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L9soGLwiI_cR1MXqvMG99377s9KfE0ROLmoqXeMH3iA_NGx8gMuizg==
Age: 423

listen.audiohook.com/62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png

3.213.221.43

200 OK

42 B

URL HTTP/2
listen.audiohook.com/62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png
IP
3.213.221.43:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png HTTP/1.1
Host: listen.audiohook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:05 GMT
content-type: image/gif
content-length: 42
server: meinheld/1.0.2
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/fraud-alert.png

206.81.136.154

200 OK

9.3 kB

URL HTTP/1.1
www.americafirst.com/content/dam/fraud-alert.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9298 bytes)
Hash
dd7bdf0aaaf27f83c082611b017b95ea
bd8154d11973b6135b7f03c9084311628241e8cf
04b1df5dce9cfce88abc012067950b7c579a7f7922cd10ce5994261794ff4a79

HTTP Headers

GET /content/dam/fraud-alert.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405943; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9298
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/general/eagle-inverse.png

206.81.136.154

200 OK

55 kB

URL HTTP/1.1
www.americafirst.com/content/dam/general/eagle-inverse.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 199 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
55 kB (55354 bytes)
Hash
bd4d3f3cf3d230f7dbf6d3e6cc52bd12
9d2331f23676f057a53b766902ea07046a096e50
4c2f9e3884701acbb2bcb1d909abb00fb7f336644ca3b295ad3bb9fd192bf6b8

HTTP Headers

GET /content/dam/general/eagle-inverse.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405943; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 55354
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png

calcs.americafirst.com/scripts/tipped/comboTipped.js

148.66.212.61

200 OK

26 kB

URL HTTP/2
calcs.americafirst.com/scripts/tipped/comboTipped.js
IP
148.66.212.61:0
ASN
#13649 ASN-VINS

File type
data
Size
26 kB (25986 bytes)
Hash
02ea94f4671fd6a28e068f1a0ab22da6
794055d458e1cb0d92239c586934eee493627fe6
e1e91341e4bb2abd80b6aa495e01c753c6f97ce8c1ae7d26bfa2217e996848e6

HTTP Headers

GET /scripts/tipped/comboTipped.js HTTP/1.1
Host: calcs.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
vary: accept-encoding
content-type: application/javascript
content-encoding: gzip
strict-transport-security: max-age=31622400; includeSubDomains
date: Wed, 28 Sep 2022 22:28:01 GMT
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
etag: W/"66987-1555013214000"
last-modified: Thu, 11 Apr 2019 20:06:54 GMT
access-control-allow-headers: Charset, Content-Type, Accept
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/ncua-01.png

206.81.136.154

200 OK

1.4 kB

URL HTTP/1.1
www.americafirst.com/content/dam/ncua-01.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 85 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1393 bytes)
Hash
5170f67c2ae438d42578b3a754fb8dad
9f5f867b1cae2d5d12b5456d63fef0b603948c65
62fa406dc92229e013d35da71ae808c30f3fee30cf2427b4b3ac0ffba09d0b70

HTTP Headers

GET /content/dam/ncua-01.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405943; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1393
Keep-Alive: timeout=5, max=27
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/business/hbg-business-visa-cards-05.jpg

206.81.136.154

200 OK

142 kB

URL HTTP/1.1
www.americafirst.com/content/dam/business/hbg-business-visa-cards-05.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x350, components 3\012- data
Size
142 kB (142398 bytes)
Hash
c5fdf1ced360892379dcb11389e00bad
d988d3319a9183112c442b64257b84e7c8e090eb
d1206f882f88ebbfd5be3adae4a2807bb698a410189dbb1da17ab3fe4ca7c0cc

HTTP Headers

GET /content/dam/business/hbg-business-visa-cards-05.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405943; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 142398
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
30bbfbc4cfd3f48fa349587846e5e8d4
ffac0f69d68c81fc0cea0399b297c74e9605914c
4ea0cd59f5c6e180b0ea1948877f943cbacbf95f26f34a3376641979f42c7041

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:05 GMT
Server: ECS (amb/6BA1)
Content-Length: 471

sstats.americafirst.com/id?d_visid_ver=5.4.0&d_fieldgroup=MC&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&ts=1664404082978

13.36.218.177

200 OK

48 B

URL HTTP/2
sstats.americafirst.com/id?d_visid_ver=5.4.0&d_fieldgroup=MC&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&ts=1664404082978
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
43effeea651da75498ce5dcaa4a3222c
a33a452b0efc6aa8e3801e26b92a550260c76228
34a77031115237ce52c0c9b2299a47b17466d9558e9aca9614b93e7956c581e8

HTTP Headers

GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&ts=1664404082978 HTTP/1.1
Host: sstats.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405943; at_check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://www.americafirst.com
access-control-allow-credentials: true
date: Wed, 28 Sep 2022 22:28:05 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0%7CMCMID%7C62207030694885640434509090309519282987; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Fri, 27 Sep 2024 22:28:28 GMT;
s_ecid=MCMID%7C62207030694885640434509090309519282987; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Fri, 27 Sep 2024 22:28:28 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=62207030694885640434509090309519282987&ts=1664404083405

54.76.210.146

200 OK

900 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=62207030694885640434509090309519282987&ts=1664404083405
IP
54.76.210.146:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (2321), with no line terminators
Size
900 B (900 bytes)
Hash
16af2daa916d59b233292b02e55c97cd
e5b038bcc4d3c3b3c96b51e494521c36191755df
1e09c170ab393a73733f1eca34527a578be537854446b302c5bdacd56960b465

HTTP Headers

GET /id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=62207030694885640434509090309519282987&ts=1664404083405 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v043-09f1d4558.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=66903179097090656713755766198946847143; Max-Age=15552000; Expires=Mon, 27 Mar 2023 22:28:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: cvGGDjPWTI8=
Content-Length: 900
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3cf371aecb5dbe8a16907a149ddd1282
b7fc518e1f3429ab5fa68af6a7c35ccd7173d6e7
99842c29daa82a3a0b9429452016c97ed0a7a41d9d71453079b26c9ad094f3c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 22:12:21 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471

www.americafirst.com/content/dam/afcu/logo/logo-desktop-inverse.png

206.81.136.154

200 OK

10 kB

URL HTTP/1.1
www.americafirst.com/content/dam/afcu/logo/logo-desktop-inverse.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 390 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9957 bytes)
Hash
55a1e45732b0d0cb9435fcf2c85914a8
8f9ebea0799281fa44904feee3dab6041b467d2a
96b761c941e24fe52b008c62e966aef6e6c8e8a60578cf473914cf94b16adde6

HTTP Headers

GET /content/dam/afcu/logo/logo-desktop-inverse.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405943; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:06 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9957
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png

americafirstcreditun.tt.omtrdc.net/rest/v1/delivery?client=americafirstcreditun&sessionId=e968725dae3242d7909e7c72cc998175&version=2.8.1

13.36.218.177

200 OK

2.2 kB

URL HTTP/2
americafirstcreditun.tt.omtrdc.net/rest/v1/delivery?client=americafirstcreditun&sessionId=e968725dae3242d7909e7c72cc998175&version=2.8.1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (4956), with no line terminators
Size
2.2 kB (2193 bytes)
Hash
02862286a8badc3f65262b297a28f339
01f832a09123a2f90780c3fa4b6c6e3fd237cc9e
5195431215f007f07e14092020f2d880b6a825d30c857e73fd3ca1e7a43d9e4e

HTTP Headers

POST /rest/v1/delivery?client=americafirstcreditun&sessionId=e968725dae3242d7909e7c72cc998175&version=2.8.1 HTTP/1.1
Host: americafirstcreditun.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 944
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:06 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://www.americafirst.com
access-control-allow-credentials: true
x-request-id: 5f11c50f-5d8b-4b20-822b-9308953f51a6
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
366fbb58b56c6469840359066ae0ef4b
519ec2d019a3df15e1555ee7e9f784207f3ee604
4c03f3b3b06d0359ff6c3e72e91c39cb8f6e6406ed7b8ba9e09708da8e2d38f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 21:25:31 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: gyv48p73mtAggYDQR1UNM1iJR04ZDBCAJcpoa90H8g7DWJQ6TbZzwVSnJ59LGlxD+lSTxvaUd8FQ1PxiDwJuHA==
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 28 Sep 2022 22:28:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 20:41:09 GMT
expires: Wed, 28 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 6417
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

americafirstcreditunion.demdex.net/dest5.html?d_nsid=0

99.81.102.255

200 OK

2.8 kB

URL HTTP/1.1
americafirstcreditunion.demdex.net/dest5.html?d_nsid=0
IP
99.81.102.255:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: americafirstcreditunion.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 28 Sep 2022 22:28:06 GMT
DCS: dcs-prod-irl1-1-v043-08585183a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 26 Sep 2022 13:36:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 2MJ5PVGkQqI=
Content-Length: 2791
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
366fbb58b56c6469840359066ae0ef4b
519ec2d019a3df15e1555ee7e9f784207f3ee604
4c03f3b3b06d0359ff6c3e72e91c39cb8f6e6406ed7b8ba9e09708da8e2d38f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 21:25:31 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=AW-791415936

142.250.74.72

200 OK

47 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-791415936
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
47 kB (46728 bytes)
Hash
2cf57cc6bada9c5d030f89bdbca76c26
9b451b20afc88c4ac0e477d652599a4cf75bd32c
969b8304e88400b6cbc9b5abde920da5cfb6dd28b40784c961b1cae0a34a244b

HTTP Headers

GET /gtag/js?id=AW-791415936 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 22:28:06 GMT
expires: Wed, 28 Sep 2022 22:28:06 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 21:25:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j97&a=120916577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&dr=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&ul=en-us&de=UTF-8&dt=Co-browsing%20Support-%20America%20First%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBACAABBAAAAC~&jid=70110170&gjid=761079136&cid=1680234111.1664404084&tid=UA-18557726-1&_gid=252790172.1664404084&_r=1&_slc=1&z=345642421

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=120916577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&dr=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&ul=en-us&de=UTF-8&dt=Co-browsing%20Support-%20America%20First%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBACAABBAAAAC~&jid=70110170&gjid=761079136&cid=1680234111.1664404084&tid=UA-18557726-1&_gid=252790172.1664404084&_r=1&_slc=1&z=345642421
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j97&a=120916577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&dr=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&ul=en-us&de=UTF-8&dt=Co-browsing%20Support-%20America%20First%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBACAABBAAAAC~&jid=70110170&gjid=761079136&cid=1680234111.1664404084&tid=UA-18557726-1&_gid=252790172.1664404084&_r=1&_slc=1&z=345642421 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.americafirst.com
date: Wed, 28 Sep 2022 22:28:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.americafirst.com/etc/designs/afcu/favicon.ico

206.81.136.154

200 OK

539 B

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu/favicon.ico
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
539 B (539 bytes)
Hash
cf6a37e110a617a3e7413b77d97289b8
801be9f2564697765c78184bddd08c62742dc718
d6ef48fc93e655c8b777ffee311f873fd3fb0ebc156b18ac0f34b73c93119045

HTTP Headers

GET /etc/designs/afcu/favicon.ico HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CMCMID%7C62207030694885640434509090309519282987%7CMCAID%7CNONE%7CMCOPTOUT-1664411283s%7CNONE%7CMCAAMLH-1665008883%7C6%7CMCAAMB-1665008883%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405944; at_check=true; s_ecid=MCMID%7C62207030694885640434509090309519282987; AMCVS_A7873BC75245AD770A490D4D%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:06 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 539
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

www.americafirst.com/etc/designs/afcu/app-icon.png

206.81.136.154

200 OK

22 kB

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu/app-icon.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Size
22 kB (21908 bytes)
Hash
932d24e68290973a7aca51f7d75aa1ec
79f9906573424ec3c8c14e14c98afcf82e82fa21
a4c742b8570790ea5039e38793f3dd9a46b3d2be81eb9fc9797b31515dd861b6

HTTP Headers

GET /etc/designs/afcu/app-icon.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/about/help/support.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CMCMID%7C62207030694885640434509090309519282987%7CMCAID%7CNONE%7CMCOPTOUT-1664411283s%7CNONE%7CMCAAMLH-1665008883%7C6%7CMCAAMB-1665008883%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405944; at_check=true; s_ecid=MCMID%7C62207030694885640434509090309519282987; AMCVS_A7873BC75245AD770A490D4D%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 22:28:06 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Content-Disposition: inline
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 22:28:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 21908
Keep-Alive: timeout=5, max=30
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sstats.americafirst.com/b/ss/afcu.global/1/JS-2.22.4-LCS4/s1434380980933?AQB=1&ndh=1&pf=1&t=28%2F8%2F2022%2022%3A28%3A3%203%200&sdid=32629DBE8C34055B-6A41751FB5552356&mid=62207030694885640434509090309519282987&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Aabout%3Ahelp%3Asupport&g=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&r=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&cc=USD&ch=about&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=help&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1

13.36.218.177

200 OK

43 B

URL HTTP/2
sstats.americafirst.com/b/ss/afcu.global/1/JS-2.22.4-LCS4/s1434380980933?AQB=1&ndh=1&pf=1&t=28%2F8%2F2022%2022%3A28%3A3%203%200&sdid=32629DBE8C34055B-6A41751FB5552356&mid=62207030694885640434509090309519282987&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Aabout%3Ahelp%3Asupport&g=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&r=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&cc=USD&ch=about&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=help&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/afcu.global/1/JS-2.22.4-LCS4/s1434380980933?AQB=1&ndh=1&pf=1&t=28%2F8%2F2022%2022%3A28%3A3%203%200&sdid=32629DBE8C34055B-6A41751FB5552356&mid=62207030694885640434509090309519282987&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Aabout%3Ahelp%3Asupport&g=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&r=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&cc=USD&ch=about&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=help&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1 HTTP/1.1
Host: sstats.americafirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19264%7CMCMID%7C62207030694885640434509090309519282987%7CMCAID%7CNONE%7CMCOPTOUT-1664411283s%7CNONE%7CMCAAMLH-1665008883%7C6%7CMCAAMB-1665008883%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; mbox=session#e968725dae3242d7909e7c72cc998175#1664405944|PC#e968725dae3242d7909e7c72cc998175.37_0#1727648884; at_check=true; s_ecid=MCMID%7C62207030694885640434509090309519282987; AMCVS_A7873BC75245AD770A490D4D%40AdobeOrg=1; _ga=GA1.2.1680234111.1664404084; _gid=GA1.2.252790172.1664404084; _gat=1; _gcl_au=1.1.36164243.1664404084; s_ppv=www%253Aabout%253Ahelp%253Asupport%2C46%2C46%2C939%2C1%2C2; s_ips=939; s_tp=2033; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 28 Sep 2022 22:28:06 GMT
expires: Tue, 27 Sep 2022 22:28:06 GMT
last-modified: Thu, 29 Sep 2022 22:28:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C62207030694885640434509090309519282987; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Fri, 27 Sep 2024 22:28:28 GMT;
etag: 3574280559111798784-4619771133123253292
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
16 kB (15694 bytes)
Hash
30bea2cc3577d44ab2e9895de24d6557
326f0c1c5a2d2b495360862208fc8f9d1a7406f7
6bd819ff0f60b998ebd8ba15e62bb340eb95ea3f8037ef70c2edc7b1829a8998

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Sep 2022 22:28:06 GMT
expires: Wed, 28 Sep 2022 22:28:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15694
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57443), with no line terminators
Size
15 kB (15317 bytes)
Hash
1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Wed, 28 Sep 2022 22:28:06 GMT
x-served-by: cache-iad-kjyo7100123-IAD, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d124b2042ad39b267e5f4323bf38460d
7791f64871792e7d5738324151591a7375591de9
20f56f07486fd4bac01160e254a0d9ef32458ead835035c8635b6c5fae87418d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 20:44:16 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6oyHkY26INXsrQWhFWrV-7KmvcnkAZooHarhz-KtZR2LaHr0OSkACw==
Age: 6230

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cm.everesttech.net/cm/dd?d_uuid=66903179097090656713755766198946847143

52.17.180.229

302

0 B

URL HTTP/1.1
cm.everesttech.net/cm/dd?d_uuid=66903179097090656713755766198946847143
IP
52.17.180.229:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm/dd?d_uuid=66903179097090656713755766198946847143 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Date: Wed, 28 Sep 2022 22:28:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzTKdgAAAGtNDAMx; Domain=.everesttech.net; Expires=Thu, 28-Sep-2023 22:28:06 GMT; Path=/
everest_session_v2=YzTKdgAAAGtNDQMx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzTKdgAAAGtNDAMx
Server: AMO-cookiemap/1.1

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-18557726-1&cid=1680234111.1664404084&jid=70110170&gjid=761079136&_gid=252790172.1664404084&_u=YGBACAAABAAAAC~&z=1031330318

64.233.165.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-18557726-1&cid=1680234111.1664404084&jid=70110170&gjid=761079136&_gid=252790172.1664404084&_u=YGBACAAABAAAAC~&z=1031330318
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-18557726-1&cid=1680234111.1664404084&jid=70110170&gjid=761079136&_gid=252790172.1664404084&_u=YGBACAAABAAAAC~&z=1031330318 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.americafirst.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 22:28:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
d4a4a6ab38eb3d5f5e1cbf4f61a25ccb
0928dc336abc8de772f5de8c78e67eb6007fc5eb
3a166a785278f9822b703c527fc631c99e6ff31e3b2961c79a6544d22394fb06

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 21:15:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ca8b08e428313ebedb344f97bd91ee5b
5b0cb99b1b8d8df3790602a4c43a6c71d4ec29ec
4d9c556213c03e3c72486f87b400fcb8d9ca0c9e164a33fe6a547215d4536002

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 21:04:09 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: or90MIuie1RzhVqev6Gaofos4rmxJy1HKYEN15fU6rOV_VU3eNeUeQ==
Age: 5037

api.glia.com/salemove_integration.js

54.230.111.39

200 OK

8.8 kB

URL HTTP/2
api.glia.com/salemove_integration.js
IP
54.230.111.39:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8805), with no line terminators
Size
8.8 kB (8805 bytes)
Hash
bd2a3e32d62aa377023421e37b842197
d0661ac9d18748461f4c7ecc1fbf001eb235bc82
2dea948cdde16b3971b7ce42e38896f662e9d657e2fca13cdf8c07e85cc7f97c

HTTP Headers

GET /salemove_integration.js HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 8805
last-modified: Fri, 23 Sep 2022 20:21:40 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Wed, 28 Sep 2022 22:00:35 GMT
etag: "bd2a3e32d62aa377023421e37b842197"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ciiS6_WQLCMjhykVHFbo_4d-bwgdhbHtGwMTUN2BTbVp94-cOKEAqw==
age: 1733
X-Firefox-Spdy: h2

t.co/i/adsct?bci=3&eci=2&event_id=9dfaa430-a15a-4d32-b688-860ba42bd107&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b881ac4-9267-40be-8c4b-510528621b20&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.27

104.244.42.133

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=9dfaa430-a15a-4d32-b688-860ba42bd107&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b881ac4-9267-40be-8c4b-510528621b20&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.27
IP
104.244.42.133:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=9dfaa430-a15a-4d32-b688-860ba42bd107&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b881ac4-9267-40be-8c4b-510528621b20&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:05 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=af8dec1f-770a-436a-95b7-e6953a3482b3; Max-Age=63072000; Expires=Fri, 27 Sep 2024 22:28:06 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 6a2722c55119b3a7
strict-transport-security: max-age=0
x-response-time: 161
x-connection-hash: 7ff39858729dfd6677d9b0097da32890b4f4c514533c7641dc89a78238f452c6
X-Firefox-Spdy: h2

dpm.demdex.net/ibs:dpid=411&dpuuid=YzTKdgAAAGtNDAMx

54.76.210.146

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=YzTKdgAAAGtNDAMx
IP
54.76.210.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=411&dpuuid=YzTKdgAAAGtNDAMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.americafirst.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcscanary-prod-irl1-1-v050-03a5bed02.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzTKdgAAAGtNDAMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=07964152560869907731643514830662589203; Max-Age=15552000; Expires=Mon, 27 Mar 2023 22:28:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: dv718Y8AQS8=
Content-Length: 0
Connection: keep-alive

www.facebook.com/tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&rl=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&if=false&ts=1664404083950&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664404083948.1791430826&it=1664404083720&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&rl=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&if=false&ts=1664404083950&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664404083948.1791430826&it=1664404083720&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&rl=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&if=false&ts=1664404083950&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664404083948.1791430826&it=1664404083720&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 22:28:06 GMT
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10167917.json

188.125.94.206

200 OK

46 B

URL HTTP/2
s.yimg.com/wi/config/10167917.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
8b08aa3cd19296abc9c1cfeae2333513
9e7d06f8e9346c2263604128c15b9ec6260c332d
6da0ae189c7faa7916c49c526ad974e168c11453983976d043c524e95259a764

HTTP Headers

GET /wi/config/10167917.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XQHE8d2vCT+i8AJ5c0in5q+fM+w/2OHHIvPOCTeN6KoFISfKXnBANupkvj+QmPRwtj1eqoYoEuI=
x-amz-request-id: 4QCZHS1DB974ZQ35
date: Wed, 28 Sep 2022 21:56:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 22 Oct 2021 00:51:32 GMT
x-amz-expiration: expiry-date="Sun, 27 Nov 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: EacoFLOgymLZJiimN_oWU1VA4GyAC4B8
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "8b08aa3cd19296abc9c1cfeae2333513"
age: 1881
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10143434.json

188.125.94.206

200 OK

2 B

URL HTTP/2
s.yimg.com/wi/config/10143434.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10143434.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: F95VFD51NC0CXHTF
x-amz-id-2: vVSsffJhF+We6fSpf83GxueereSfPnhuVDWb4m+tsmI9gUJ0eMKJXYuMlYOpLW7HjywFQVcmcmw=
content-type: application/json
date: Wed, 28 Sep 2022 21:55:56 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1930
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1664404083885&cv=9&fst=1664404083885&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4

142.250.74.2

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1664404083885&cv=9&fst=1664404083885&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2486), with no line terminators
Size
1.1 kB (1098 bytes)
Hash
3711622d1fa6912edf7528043b5f6e2e
b9dac373ec7574916e39151379bb6946e87875c8
d022b255318fdb507b8d05d4ac5c4e3be04e48656f2f98678acfd8bcc857f5fb

HTTP Headers

GET /pagead/viewthroughconversion/791415936/?random=1664404083885&cv=9&fst=1664404083885&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 22:28:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1098
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 22:43:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1664404083901&cv=9&fst=1664404083901&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4

142.250.74.2

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1664404083901&cv=9&fst=1664404083901&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2484), with no line terminators
Size
1.1 kB (1097 bytes)
Hash
4ea6e7ef9b8793e9d25f5e4078b25081
56c6a5df4123ebd61cd248610c0d45aa3d8c0c8f
17b47cfcfdd7d927d555e54e2bdc11a092bfb1d865c3293e134213fbd559a967

HTTP Headers

GET /pagead/viewthroughconversion/614375826/?random=1664404083901&cv=9&fst=1664404083901&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&auid=36164243.1664404084&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 22:28:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1097
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 22:43:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzTKdgAAAGtNDAMx

54.76.210.146

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzTKdgAAAGtNDAMx
IP
54.76.210.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzTKdgAAAGtNDAMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.americafirst.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v043-0e015fa3e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: XfBrXJjbSK4=
Content-Length: 59
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
02777a350eca6b7a5d3252a0e5987b70
c1e53a6616b5e7d690259bea95e4b4e5cc5ac280
e7bb5da3ea4a206a6bfa4aa6d9b0d78eb80f9daac5441c999273d20174a12e07

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:06 GMT
Last-Modified: Wed, 28 Sep 2022 21:11:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-18557726-1&cid=1680234111.1664404084&jid=70110170&_u=YGBACAAABAAAAC~&z=1605557272

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-18557726-1&cid=1680234111.1664404084&jid=70110170&_u=YGBACAAABAAAAC~&z=1605557272
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-18557726-1&cid=1680234111.1664404084&jid=70110170&_u=YGBACAAABAAAAC~&z=1605557272 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 22:28:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&

54.230.111.39

200 OK

9.5 kB

URL HTTP/2
api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&
IP
54.230.111.39:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (9454), with no line terminators
Size
9.5 kB (9454 bytes)
Hash
4bbacd161dbf818b3dd592af2755485a
d3dd841abb4192e34f164c6b9ee25d9b6e925c12
f97a4757f60f5e61e84e08178c19e865d977a1b51b04535d130eeab553bf2621

HTTP Headers

POST /visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html& HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 9454
date: Wed, 28 Sep 2022 22:28:06 GMT
access-control-allow-origin: https://www.americafirst.com
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
access-control-expose-headers: 
access-control-max-age: 7200
access-control-allow-headers: Content-Type, Accept, Authorization
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-site-visitor-config: true
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, max-age=0
set-cookie: session_id=973d9d21-3844-4a6d-86d3-e2b044a27e86; path=/; expires=Thu, 28 Sep 2023 22:28:06 -0000; secure; HttpOnly; SameSite=None
incompat_session_id=973d9d21-3844-4a6d-86d3-e2b044a27e86; path=/; expires=Thu, 28 Sep 2023 22:28:06 -0000; secure; HttpOnly
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZCBXb2kWiGC4hGMQMvcYbNnFF4IDfZW3-PnR1QulWp2gdhgBmqVPMw==
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/791415936/?random=1664404083885&cv=9&fst=1664402400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&async=1&fmt=3&is_vtc=1&random=3380359771&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/791415936/?random=1664404083885&cv=9&fst=1664402400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&async=1&fmt=3&is_vtc=1&random=3380359771&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/791415936/?random=1664404083885&cv=9&fst=1664402400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&async=1&fmt=3&is_vtc=1&random=3380359771&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 22:28:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/614375826/?random=1664404083901&cv=9&fst=1664402400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&async=1&fmt=3&is_vtc=1&random=483958337&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/614375826/?random=1664404083901&cv=9&fst=1664402400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&async=1&fmt=3&is_vtc=1&random=483958337&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/614375826/?random=1664404083901&cv=9&fst=1664402400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&ref=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&tiba=Co-browsing%20Support-%20America%20First%20Credit%20Union&async=1&fmt=3&is_vtc=1&random=483958337&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 22:28:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 22:28:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9dfaa430-a15a-4d32-b688-860ba42bd107&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b881ac4-9267-40be-8c4b-510528621b20&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.27

104.244.42.195

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9dfaa430-a15a-4d32-b688-860ba42bd107&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b881ac4-9267-40be-8c4b-510528621b20&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.27
IP
104.244.42.195:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=9dfaa430-a15a-4d32-b688-860ba42bd107&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b881ac4-9267-40be-8c4b-510528621b20&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:06 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_kBtj2tM0DW7bhRvTLAwbvw=="; Max-Age=63072000; Expires=Fri, 27 Sep 2024 22:28:07 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: b08c5db3065f3c04
strict-transport-security: max-age=631138519
x-response-time: 176
x-connection-hash: 8303d37d502b1441bb53b67573b6bfe9e377be3689b131f8929610a8e92c5e62
X-Firefox-Spdy: h2

libs.salemove.com/visitor/bootstrapper-184250401.js

143.204.55.70

200 OK

172 kB

URL HTTP/2
libs.salemove.com/visitor/bootstrapper-184250401.js
IP
143.204.55.70:0
ASN
#16509 AMAZON-02

File type
data
Size
172 kB (172411 bytes)
Hash
7738ceef6703162d36115315afac9751
1ed280c9c749b86a3930b0b92d3385ada6464678
b22a2f933550e56c493d4bd3619a304d681e4438cf32aca59b59ce3b15401c59

HTTP Headers

GET /visitor/bootstrapper-184250401.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 08:34:52 GMT
last-modified: Wed, 21 Sep 2022 06:55:48 GMT
etag: W/"96978bd41cf33d02d92388fcf9f7f236"
x-amz-meta-s3cmd-attrs: md5:96978bd41cf33d02d92388fcf9f7f236
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uPgws6n5hhkQR9QwzIWz9xjLmYhADUmVVWcuoSHmj4JFoD0lR0VK2w==
age: 654796
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2028%20Sep%202022%2022%3A28%3A04%20GMT&n=0&b=Co-browsing%20Support-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&e=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2028%20Sep%202022%2022%3A28%3A04%20GMT&n=0&b=Co-browsing%20Support-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&e=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Wed%2C%2028%20Sep%202022%2022%3A28%3A04%20GMT&n=0&b=Co-browsing%20Support-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&e=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:07 GMT
expires: Wed, 28 Sep 2022 22:28:07 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHfKNGMCEB5xJoSK0F2BGr6ZcycrhEoFEgEBAQEbNmM-YwAAAAAA_eMAAA&S=AQAAAg4dtsGvaRNHNlUjBso7suI; Expires=Fri, 29 Sep 2023 04:28:07 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=Co-browsing%20Support-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&e=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Co-browsing%20Support-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&e=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=Co-browsing%20Support-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&e=https%3A%2F%2Fafcuauthtemp.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:07 GMT
expires: Wed, 28 Sep 2022 22:28:07 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHfKNGMCEIqKbpoozb9G4C7Et9q48oAFEgEBAQEbNmM-YwAAAAAA_eMAAA&S=AQAAAhQXoaUN9nYe6nKi2oaiqWA; Expires=Fri, 29 Sep 2023 04:28:07 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.206

200 OK

6.4 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
data
Size
6.4 kB (6400 bytes)
Hash
d617e4c03c88158a5c09eb5458254d56
85d0d7539d6489190ab846afa5e4795c31c01af5
8c7eee0a25195d7fe6f8c1870c46974408a9fc66272d46f65d1440012bb1fa1c

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: vDbJ+Umz50DHbsbwH0N7nALv8+uyieWneCqExQdG5C0ovIuNKgmtGGYZ5KM+N+fgjdHrGmTfGbw=
x-amz-request-id: S6JBQQSNTE44XNDZ
date: Wed, 28 Sep 2022 22:26:35 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 92
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pubsub.salemove.com/notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImViNWY2NDI4LTViMzMtNDQ4Ny04N2Q4LTA5YzZmZmIyMjI1NiJ9.eyJpYXQiOjE2NjQ0MDQwODYsImV4cCI6MTY2NTYxMzY4NiwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo0ZWYyNWJmMi1jMzE2LTQyNmItOGZmZC1jNDU3MjkwOWU0NWIiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiNGVmMjViZjItYzMxNi00MjZiLThmZmQtYzQ1NzI5MDllNDViIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImUxNDU2MjFmLWUxZjUtNGRhZi05MWIxLWE5ZmU5MWZlZjJmNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiZTE0NTYyMWYtZTFmNS00ZGFmLTkxYjEtYTlmZTkxZmVmMmY2Il19XX0.OIJCA9RehEGjSqG12OfbK2ukA3p-pZjS0U02jfVgTegFfwJQbzLivT5F3p6r8sle7YJft8FgCBULtkTb5qGaXw&priority=low&vsn=2.0.0

44.193.189.104

101 Switching Protocols

0 B

URL HTTP/1.1
pubsub.salemove.com/notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImViNWY2NDI4LTViMzMtNDQ4Ny04N2Q4LTA5YzZmZmIyMjI1NiJ9.eyJpYXQiOjE2NjQ0MDQwODYsImV4cCI6MTY2NTYxMzY4NiwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo0ZWYyNWJmMi1jMzE2LTQyNmItOGZmZC1jNDU3MjkwOWU0NWIiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiNGVmMjViZjItYzMxNi00MjZiLThmZmQtYzQ1NzI5MDllNDViIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImUxNDU2MjFmLWUxZjUtNGRhZi05MWIxLWE5ZmU5MWZlZjJmNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiZTE0NTYyMWYtZTFmNS00ZGFmLTkxYjEtYTlmZTkxZmVmMmY2Il19XX0.OIJCA9RehEGjSqG12OfbK2ukA3p-pZjS0U02jfVgTegFfwJQbzLivT5F3p6r8sle7YJft8FgCBULtkTb5qGaXw&priority=low&vsn=2.0.0
IP
44.193.189.104:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImViNWY2NDI4LTViMzMtNDQ4Ny04N2Q4LTA5YzZmZmIyMjI1NiJ9.eyJpYXQiOjE2NjQ0MDQwODYsImV4cCI6MTY2NTYxMzY4NiwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo0ZWYyNWJmMi1jMzE2LTQyNmItOGZmZC1jNDU3MjkwOWU0NWIiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiNGVmMjViZjItYzMxNi00MjZiLThmZmQtYzQ1NzI5MDllNDViIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImUxNDU2MjFmLWUxZjUtNGRhZi05MWIxLWE5ZmU5MWZlZjJmNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiZTE0NTYyMWYtZTFmNS00ZGFmLTkxYjEtYTlmZTkxZmVmMmY2Il19XX0.OIJCA9RehEGjSqG12OfbK2ukA3p-pZjS0U02jfVgTegFfwJQbzLivT5F3p6r8sle7YJft8FgCBULtkTb5qGaXw&priority=low&vsn=2.0.0 HTTP/1.1
Host: pubsub.salemove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.americafirst.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /RoKOZP+z7/s958fRxUVOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
cache-control: max-age=0, private, must-revalidate
connection: Upgrade
date: Wed, 28 Sep 2022 22:28:07 GMT
sec-websocket-accept: Hk0pJ/ADX5fiqjuVUk8uoU7CmVU=
server: envoy
upgrade: websocket

libs.salemove.com/visitor-app.edec9f19.min.js

143.204.55.70

200 OK

0 B

URL HTTP/2
libs.salemove.com/visitor-app.edec9f19.min.js
IP
143.204.55.70:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /visitor-app.edec9f19.min.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 19 Sep 2022 07:46:51 GMT
last-modified: Thu, 15 Sep 2022 04:56:00 GMT
etag: W/"0ce0e7e01a1ac311f43289af03d29f8c"
x-amz-meta-s3cmd-attrs: md5:0ce0e7e01a1ac311f43289af03d29f8c
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ANVqWKA1g9zsM-BFqiu7IkKe3HLJeoBeayJYUCsz3AVYUYth_S53Xg==
age: 830477
X-Firefox-Spdy: h2

libs.salemove.com/visitor-app.edec9f19.default.css

143.204.55.70

200 OK

0 B

URL HTTP/2
libs.salemove.com/visitor-app.edec9f19.default.css
IP
143.204.55.70:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /visitor-app.edec9f19.default.css HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 19 Sep 2022 07:46:51 GMT
last-modified: Thu, 15 Sep 2022 04:56:00 GMT
etag: W/"637ed3b584e37417a7f8e40b73e0d1f1"
x-amz-meta-s3cmd-attrs: md5:637ed3b584e37417a7f8e40b73e0d1f1
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lr8rNNn-iKF-3tvlHrBaX6SMFRmo-Q6u-zYnpfhzAsfz8_UYFArr1A==
age: 830477
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&upid=y1mqx27&upv=1.1.0

3.33.220.150

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&upid=y1mqx27&upv=1.1.0
IP
3.33.220.150:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&upid=y1mqx27&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:07 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=ejwe9j2&ref=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&upid=rvp9pzq&upv=1.1.0

3.33.220.150

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=ejwe9j2&ref=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&upid=rvp9pzq&upv=1.1.0
IP
3.33.220.150:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=ejwe9j2&ref=https%3A%2F%2Fwww.americafirst.com%2Fabout%2Fhelp%2Fsupport.html&upid=rvp9pzq&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 22:28:07 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (57)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations