Report - a5mfcu.firebaseapp.com/

Report Overview

Submitted URL
a5mfcu.firebaseapp.com/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2023-01-31 16:12:34
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
listen.audiohook.com	37502	2020-07-24T05:05:41Z	2023-03-13T09:43:24Z	428 B	215 B	3.226.55.195
api.glia.com	30061	2020-06-03T03:36:19Z	2023-03-11T12:12:46Z	1.6 kB	21 kB	54.230.111.10
t.co	569	2012-07-25T21:09:44Z	2023-03-13T05:25:19Z	810 B	434 B	104.244.42.69
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
apcnt.com	unknown	2022-12-05T01:10:52Z	2023-02-18T10:39:52Z	975 B	768 B	142.202.191.247
sc87389896us1.cobrowse.oraclecloud.com	481955	2017-06-02T21:33:35Z	2023-01-31T17:12:44Z	390 B	9.8 kB	104.110.2.75
public.cobrowse.oraclecloud.com	12865	2017-03-30T13:21:33Z	2023-03-10T12:25:27Z	1.9 kB	90 kB	104.110.2.75
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	342 B	2.8 kB	104.18.32.68
www.americafirst.com	341739	2016-02-02T22:03:12Z	2023-03-12T22:50:25Z	44 kB	744 kB	206.81.136.154
libs.salemove.com	22528	2018-08-28T20:19:24Z	2023-03-11T12:12:46Z	1.6 kB	172 kB	54.230.111.104
integration.silvercloudinc.com	44066	2017-04-05T10:48:27Z	2023-03-09T08:51:29Z	402 B	517 B	54.230.111.84
americafirstcreditunion.demdex.net	387571	2017-05-12T10:45:16Z	2023-03-07T05:56:24Z	507 B	3.4 kB	54.217.75.251
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
assets.adobedtm.com	512	2014-01-28T05:51:35Z	2023-03-13T05:29:24Z	1.3 kB	113 kB	23.38.200.237
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	54.230.245.39
insight.adsrvr.org	631	2012-05-30T16:03:18Z	2023-03-13T05:18:25Z	1.2 kB	524 B	15.197.193.217
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.1 kB	6.3 kB	142.250.74.131
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-13T05:18:25Z	664 B	1.7 kB	34.243.64.240
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	670 B	349 B	31.13.72.36
sp.analytics.yahoo.com	816	2014-01-31T21:48:24Z	2023-03-13T05:18:24Z	1.4 kB	1.9 kB	212.82.100.181
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.0 kB	2.9 kB	172.64.155.188
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.7 kB	5.8 kB	93.184.220.29
js.adsrvr.org	1664	2012-11-26T21:54:54Z	2023-03-13T06:57:06Z	372 B	2.4 kB	54.230.241.118
americafirstcreditun.tt.omtrdc.net	341132	2013-05-12T12:25:20Z	2023-03-05T20:33:59Z	560 B	573 B	18.200.4.79
calcs.americafirst.com	unknown	2015-03-13T23:13:09Z	2023-01-31T17:12:44Z	1.0 kB	479 B	148.66.212.61
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	378 B	29 kB	157.240.205.11
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-13T05:25:18Z	369 B	16 kB	151.101.84.157
s.yimg.com	375	2012-05-21T00:45:00Z	2023-03-13T05:18:23Z	768 B	7.6 kB	87.248.119.252
analytics.twitter.com	526	2013-04-10T21:53:18Z	2023-03-13T05:25:19Z	773 B	613 B	104.244.42.195
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	377 B	21 kB	142.250.74.46
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	1.7 kB	3.6 kB	142.250.74.66
sstats.americafirst.com	366317	2020-05-20T11:51:11Z	2023-03-07T05:56:24Z	2.1 kB	772 B	15.236.125.10
a5mfcu.firebaseapp.com	unknown	2023-01-31T05:39:35Z	2023-01-31T17:12:11Z	452 B	809 B	199.36.158.100
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.226.190.180
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.9 kB	71 kB	34.120.237.76
assets.americafirst.com	442352	2017-02-08T17:13:08Z	2023-01-31T17:12:44Z	990 B	13 kB	206.81.136.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	a5mfcu.firebaseapp.com/	America First Credit Union

PhishTank

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	a5mfcu.firebaseapp.com/	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	a5mfcu.firebaseapp.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	a5mfcu.firebaseapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	www.americafirst.com/services/other-services/atm.html	589 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen115 Hash dd575ac9a81abd05479ea79423ee8bd9 6b524982cf6108634834dc5a2d884815a076731b 04ae98ee65febe0f8ae2fff952df307712dd88e6c609bc0b0c9713206d595944 Loading...

	public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=he72bpqhfgbldkfumxc&version=20230031	44 kB	2023-03-07	2023-04-05
Pretty URL public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=he72bpqhfgbldkfumxc&version=20230031 IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:35 Last Seen2023-04-05 02:07:38 Times Seen62 Hash 1ce358cf7eeb8f4e31d78e424392d30d e45e9ea9e750bec59e6590e03f57aec8a65d9772 2e57e1de709bfc021b4b52581a9dc961d7299158f0fbb5abd21cc653f526fb59 Loading...

	connect.facebook.net/signals/config/335590106865602?v=2.9.95&r=stable	154 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/335590106865602?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:43 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 266e1c47e30aee8664ab20186d9857d3 408986b373b9dca46844d412f0a775626d86ee0c e3ced0192426e1300bd035c6631e1c93401e9b28dcca324c4238796a51935217 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js	38 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen247 Hash 356af67cd733d2e73d2a0c45af828543 68abce8bd6ce505b56b20f8487836651c00920db d1064fbe58765fe980b21cff44f55b4875eb7d25f2ac608768cc18f586743c50 Loading...

	www.americafirst.com/services/other-services/atm.html	2.0 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash 64e0b709ac006d789dbdddd54235ab55 729564b2c3289b7cd3762aaa67e1cb152ab9bf4c 4d43db195eaa36ca0adfa2b4f3d140389965ed8e9b973f3094481758977029ad Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js	32 kB	2023-03-07	2024-02-17
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash d87853c9b79ab88bff32909fa686e76c a4aa86c22437299c4ec383592e9e0ef1e9ad39c2 94bb2e97357d49ad14a1fe983fc1f10adf22e3aaf6e212bcc355f6a15c79c7ad Loading...

	www.americafirst.com/etc/clientlibs/afcu/base.min.js	205 kB	2023-03-13	2023-05-04
Pretty URL www.americafirst.com/etc/clientlibs/afcu/base.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:43 Last Seen2023-05-04 04:41:41 Times Seen9 Hash 53bc47046fefa1f26ab3d6a1131087f5 be027fb5b828a14e697cc938a526d8ff301e42c6 f8074fee90688cf7425c1f9cfe0d674b48a6df6162d0103ff303c2321ddf9924 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js	1.8 kB	2023-03-07	2024-03-12
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-03-12 05:02:29 Times Seen239 Hash 97ac3fbd1b2375e4d0cf80e9115559a5 099a651392c3842ea70c4db55b4cc3049ffc65fd 3a62bf91740b52c78f26413dfd2eb1ffd4c16bfaf8c33b69a0f76c0ed3eeb635 Loading...

	www.americafirst.com/services/other-services/atm.html	464 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash b780adb6713bb7851ff7642fdc2790d6 4fe3157f9dd65f5b228bca06c75e4c69fa6d6547 1ffdf931eb2e5a31e87f5439e0f429254570b63731ebde4ceea9aa71321be54e Loading...

	www.americafirst.com/services/other-services/atm.html	272 B	2023-03-07	2024-04-04
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:49 Times Seen124 Hash a398cc78f8189c4fa0b6165ccfa858f3 d85faf49dba957f826a931a4f2bb45a4a365962d 88aa75296cb01a28dec6b18aebf1a22b49f7f3bc1fcb84bf096faf7ae84ce462 Loading...

	a5mfcu.firebaseapp.com/static/js/main.a7b8f871.js	414 kB	2023-03-12	2024-04-12
Pretty URL a5mfcu.firebaseapp.com/static/js/main.a7b8f871.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:03:30 Last Seen2024-04-12 10:00:02 Times Seen137 Hash 384c7e20230bd8925565d11bb781010c 555b6af3f4bf805eee352ae3c42eda1ddd9f2ca7 2ec16fcb4f858f762bdc51b97b6668589809d34924cec4bb45e86aedac763a37 Loading...

	sc87389896us1.cobrowse.oraclecloud.com/launcher.js	37 kB	2023-03-07	2024-04-04
Pretty URL sc87389896us1.cobrowse.oraclecloud.com/launcher.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:50 Times Seen249 Hash 2321e235cd1219f0ea1f75a72519efc0 2f434898447e018a8c327efea19f9a638c4dd9ab e9cb6c823d852d50f504f8568c9e9e7d2234819796449106f8ca4f04f4d3f07b Loading...

	integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js	63 kB	2023-03-13	2024-04-04
Pretty URL integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js IP 54.230.111.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:43 Last Seen2024-04-04 19:42:49 Times Seen155 Hash 80f213d3a2f208a7129b19b16ceaefaa 48ef84d55de7986f5d0612c97cc4860f670351aa 40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95	74 kB	2023-03-12	2024-04-20
Pretty URL connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:01:49 Last Seen2024-04-20 17:48:03 Times Seen983 Hash 19cd6e47a2804b5793d5ea070fcd8ca3 be3ae77ec133b1d125b803fbb12b3ab2adfe11fc 5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a Loading...

	www.americafirst.com/services/other-services/atm.html	243 B	2023-03-13	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:05 Last Seen2023-03-13 13:26:05 Times Seen1 Hash b57e06176a14e1d4662ee769dd06b563 6ab880c23a1ceb6dfd18da17b4430d44647d9011 1d35e71f29ef18ffee780fc439d24b72976826f6e986279951840d4bd9a23a43 Loading...

	assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js	34 kB	2023-03-08	2024-04-25
Pretty URL assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:44 Last Seen2024-04-25 12:05:41 Times Seen6823 Hash dfdd9e1f988805f0c2fbb10cd6b8f034 b6cd42821dd2e732919fd053a4665af0e15e0335 d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:22:14 Times Seen37063329 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	libs.salemove.com/visitor/webcomponents_es5-b699746e7.js	936 B	2023-03-07	2024-04-24
Pretty URL libs.salemove.com/visitor/webcomponents_es5-b699746e7.js IP 54.230.111.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-04-24 00:18:14 Times Seen162 Hash f86098c5208655efb405300993461936 a0a5b6aea7bbb6a51940f8c874aee109477c7b56 832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js	32 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 20:41:23 Times Seen283 Hash 3f8c54286dc2c062186d92333bb0533f fa1cf489a85944fcb9793108ba596db9f189d680 8a3dd24fe00542dbc89ec319209a1b3aa3859832c571b3b6fe3d76fbbf45482b Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js	4.8 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen244 Hash 9e00b415275521f913bf61966d8f1b6a 3e029197e3febab7e6a91c2f5a934639a7637e1e cc6c959b43539c6e9514ad8b63677dee28ce1d36f8287e141a564cf404e9d1ff Loading...

	public.cobrowse.oraclecloud.com/rely/global_launcher.js	196 kB	2023-03-07	2023-12-15
Pretty URL public.cobrowse.oraclecloud.com/rely/global_launcher.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-12-15 17:20:49 Times Seen115 Hash c3f1598b042efa5820d3436290fe48e1 b16bd721ac840a0fdc771fdf8c0ed8117b978b93 8ca4e52383c80722fe7a35ec20d4c6705aec49ef14e7c607ae161633f4de7219 Loading...

	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 54.230.241.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	www.americafirst.com/services/other-services/atm.html	524 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:06 Times Seen1 Hash 1caa90d95a192b1a76ec8af54b77bf97 c32d0309d5e0a90aa5dd4f1372f953b7d1ddf519 194c5b05ddc49030aa24970bc5a4a985a4ae515a3c22e53f9720d5dc7f14c609 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js	50 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash 7c5945d9fdb20ee5b15b71b4a97a2ea3 19925f89eb9b10673b48be170c98019c95c5bfb7 53ee1afd714638531a5b6212352f3c89366c802ad5e220cecf676387c242ab86 Loading...

	calcs.americafirst.com/scripts/tipped/comboTipped.js	67 kB	2023-03-07	2023-03-13
Pretty URL calcs.americafirst.com/scripts/tipped/comboTipped.js IP 148.66.212.61 ASN #13649 ASN-VINS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 0aa397bc66e377771c7e7a0c8edd1580 18654f592b40ce0334e8b1b13a598592df375da4 b869b8e90d37abddcd401fd0fe818eb65568f2b82466b038db4d16f1ff93eb81 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.252 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	www.americafirst.com/services/other-services/atm.html	312 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash f386e32f899ed57f698e976a88e5f15e cfc424d5a55b1c45eefe7d10e1dad52f8cd1a412 c55c15472fe67e3c9701242fda8132b5fc747d555931adbaa9fe31749c626914 Loading...

	www.americafirst.com/services/other-services/atm.html	153 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 99ea501b030c880bb0a2a2a8145641ff 5086036e90e2547f8a5f4b9d486e17b0c52d2003 37fc7ef119ac5c84544de199720cbd976c06ca595a2b64ad25b5066b489bdc10 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181564441&cv=11&fst=1675181564441&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4	2.2 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181564441&cv=11&fst=1675181564441&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:05 Last Seen2023-03-13 13:26:05 Times Seen1 Hash f8c19ea5d4e5ac363849e9ceb51ac55c b4ffaab03007a210066dae0aa4e747ec6f2e5f26 6812215205d0a2260624ce1cf39f4e92ae2030c613697691cc506b110e66c701 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js	4.3 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen244 Hash a09b7a4d5b05eb9bbac906f89de65560 8212d0453aa96851e2f132b3f9a6bb068ac608a5 bc31618f95dc7cc9749e0cb29a4b09630b24844e922385a13ac4a0daed3db70f Loading...

	www.americafirst.com/services/other-services/atm.html	230 B	2023-03-07	2024-04-04
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:50 Times Seen124 Hash d1f09dfa4029220379cf7ae95360a894 5b78b4aff01bd6dba62b93b422cef35ef262f291 69b9ca9c54e6757b208aa3cf9dc252d28fd19cb3537bc78688dca8099a325038 Loading...

	www.googletagmanager.com/gtag/js?id=G-880V30VXTN&l=dataLayer&cx=c	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-880V30VXTN&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:05 Last Seen2023-03-13 13:26:05 Times Seen1 Hash 339776e563240a386fa02c4b3c1b8d45 444237768eda9ab1d41f63ed8b187310569ba3d9 d9dba3f637a9d33dc52ed5afa3d8201203672a90227a0823503be4ebe4e7d345 Loading...

	www.americafirst.com/services/other-services/atm.html	154 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash 266e54c6ef8a10f39f44105f493d9e56 0b48ff89a6d2f3f6f2e70a329669809f1d9f6ded a4c45b971b1f7772883579d2722ef245f3fc1e3ba6bd0f30d61c203d8e6852c9 Loading...

	www.americafirst.com/services/other-services/atm.html	403 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash f24ae9d28cd54512b097751630e6d4d0 150431adde49c74d6a5809971d31ca536d3f3a12 35427de58583d32b781be631b76155c738f3a6b2af38f20f68bea73094bfb020 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js	43 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash 34af3e60c8fb84b4bd057f3ed1619ec4 3e328d9a6ef4294dad31558a13fea9584f4add91 1d5d1d46da78cb41d999ccaeb7a82433059fea44f9f207db32db2b995eff0171 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js	36 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash e156e52a2eb2e425a9fb070cffe02bf7 613f90cd98d1e76ba42edb79768ce08bd7d1841c ddceffe418e5eb4cca816dd76986a02c5448a89ac864d81b2050351e065895bb Loading...

	www.googletagmanager.com/gtag/js?id=AW-791415936	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-791415936 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:05 Times Seen1 Hash 581cfd635195318ba5cd92ef0858f154 2fc423f20667669338edbdc94ef879a23104ef5e c014bb68dded75c7431f1b0d6afbafac41d7c8ade9a0fff51b51423f82187c58 Loading...

	assets.americafirst.com/js/pm_fp.js	13 kB	2023-03-07	2024-02-17
Pretty URL assets.americafirst.com/js/pm_fp.js IP 206.81.136.155 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen247 Hash 805e6f717afb1f6a4af203a52f7c569d 939d695b61b5ada21794c1e98de324479de158bf 190f442b064e275022a918a7c555dc26749ae9a5dda27681c0bf097f500b2896 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js	92 kB	2023-03-07	2024-04-24
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 00:04:02 Times Seen296 Hash 8378dd18d27d369a41cd582ec02fc311 3f3a56f0d72c447de8abb2bd9bcb084c1d54a52a 1ab5cd011a40c13c883577c5aa0095513fa2f7279809b0fefe9eeacbf85577b3 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181564346&cv=11&fst=1675181564346&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4	2.2 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181564346&cv=11&fst=1675181564346&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:05 Last Seen2023-03-13 13:26:05 Times Seen1 Hash 51d6f06f85b0939f0ea338ef5f9bc7f0 333a49980f80369e6eb4d126f0a930aef05c3e98 90e3eaca5aa53b9015b841fba888e36d1b0fadf8b425fad896d00207b55842cd Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js	119 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 20:41:23 Times Seen283 Hash 54daab1bb64dbe576b51e12ad9a63658 7fa94279986d013dd79de73355d8f9f020d74173 eae49ef693cbfe17002c01faeca9ff44fd3ac6a74d4519ac201d9d52a99c0f3a Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js	8.4 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen243 Hash ea4b068b960d37c312c379f07a3e8d45 19278c6d1bb29f33e4f81956b4d56404420bbb4b b8e2fb4c19eb3b6d407f0956f60230db764d5870cfc2e82d58ff179e510aa467 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	www.americafirst.com/services/other-services/atm.html	500 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 53c5df81540c1d81f0484e48633dd3a7 2158e2660f23ce040e5973bc2329f2c2fd22ad77 c387118b560c919f9149d2d6f1483f53ed7f37f335d627fdff99ff50b3785386 Loading...

	americafirstcreditunion.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.americafirst.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL americafirstcreditunion.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.americafirst.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	www.americafirst.com/services/other-services/atm.html	199 B	2023-03-13	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:05 Last Seen2023-03-13 13:26:05 Times Seen1 Hash c072f8235c9d85804643f948878e952a 41f6ac14bb3dec53e86fe585f734a6693a2bc8b4 a1f2ade06efd4399c96daeddbbbc2c349501b60a8572dbed16c5e92f627a0b4e Loading...

	www.googletagmanager.com/gtag/js?id=AW-791415936&l=dataLayer	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-791415936&l=dataLayer IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:06 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 9f022ef2c4bcf452631203c9fef0cdf1 14f2fbceb273d57efe2af110496b2c08d8e29d52 8385090bda090f7b75d128558c7f432c63111a1553b396ca352fd2f52a48b919 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js	1.4 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:19 Last Seen2024-02-17 04:51:03 Times Seen272 Hash a67d659f582bf93e1d8156fc182326f5 ddd3e9a62627e7235a41b3593b9be08eeb5a1c07 d76d1ac714b8979dc902ef8f6b3de25fc320b974816b7d592caa7496cc98e5d5 Loading...

	www.googletagmanager.com/gtag/js?id=AW-614375826	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-614375826 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:06 Times Seen1 Hash 04e2b47e4e99b49d1fa3735516524b2b 7702f8d37af002327eb3ceb36e202c3b40a13956 617f2a0556e127154fc8e60003f192c12f6e81d1eee40e97e0263fa3bdd7dd3c Loading...

	public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js	115 kB	2023-03-07	2024-04-04
Pretty URL public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:51 Times Seen255 Hash 619ea4c083a27523d708e062b444ad6b a9fd520ef53b582e29975beb584fc8ea69f7053c 1a289a3e9d916859094be1ef02b28bcd6dd1fd6c578893b8782fc246e733ec94 Loading...

	api.glia.com/salemove_integration.js	8.8 kB	2023-03-12	2023-03-26
Pretty URL api.glia.com/salemove_integration.js IP 54.230.111.10 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:03:30 Last Seen2023-03-26 01:52:14 Times Seen4 Hash 8fbf3720d25bde79ccad301ab0a57770 284c0580081d07ce07cb228a426b282d1c23ef50 4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391 Loading...

	www.americafirst.com/services/other-services/atm.html	952 B	2023-03-08	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:08:03 Last Seen2024-02-17 04:51:02 Times Seen82 Hash 8de13c98f95444867da2254f47893b5b a8b89f4872af165a74164186461528ac872e4601 be8226842bf1d4a21646ffd0c8cacf1877d68a84d5a93531ea369e3a2b12b94b Loading...

	assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js	346 kB	2023-03-13	2023-03-13
Pretty URL assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:43:27 Last Seen2023-03-13 13:26:07 Times Seen1 Hash bc90c2402668f7fcff8af00f42c06e80 fb681c29a878e2948969ef726346e45d7c915e65 8bec3f36c5fbd3ee91bc05bf1940f59d80b60cba6d8cc551daf7839056e8dca9 Loading...

	www.americafirst.com/services/other-services/atm.html	756 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash ab13414dbdb8208549660740fdee91f7 9ac20e75cdae43c42e643d6cbf2a56f070949611 5f141aba103efa133f29e2a2d2b3f750f79d7396884d9f542bd27cac5903147a Loading...

	assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js	3.3 kB	2023-03-08	2024-04-24
Pretty URL assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:44 Last Seen2024-04-24 20:41:23 Times Seen5772 Hash b89fcb8870ac40eecb6d3cc844d35389 1bbde1a85912bdeff9c9cf55bf2fb3969d245874 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa Loading...

		Size	First Seen	Last Seen
	#1 Eval - 358288417d5e191885dd8baa72a7479e	65 kB	2023-03-07	2024-02-17
Pretty Observations First Seen2023-03-07 01:12:13 Last Seen2024-02-17 04:51:03 Times Seen122 Hash 358288417d5e191885dd8baa72a7479e 918f8f75203b9b71e69db5860536b5d289f80464 072d86f4e1c0c69cc10c78417d048264421313ff69409de20ba31f10777bb2f5 Loading...

HTTP Transactions (124)

URL IP Response Size

a5mfcu.firebaseapp.com/

199.36.158.100

200 OK

190 B

URL HTTP/2
a5mfcu.firebaseapp.com/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (512), with no line terminators
Size
190 B (190 bytes)
Hash
37ab0fd6dc271cce5b75a729df96d578
406de10022668168eca379d1d44d06a1c23bec26
42a9ffc68e983642598ef68e48d1a9d9c43e3c8d9dd3003a09fbc629910dccb4

Detections

Analyzer	Verdict	Alert
openphish	America First Credit Union
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: a5mfcu.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "a0ffd04569be39957374de62cf5dd2785d8d8549b60e9bd29a373801bff7a90f-br"
last-modified: Mon, 30 Jan 2023 15:47:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 31 Jan 2023 16:12:22 GMT
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675181543.537259,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 190
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Tue, 31 Jan 2023 17:03:23 GMT
Date: Tue, 31 Jan 2023 16:12:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15574
Expires: Tue, 31 Jan 2023 20:31:56 GMT
Date: Tue, 31 Jan 2023 16:12:22 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 15:43:17 GMT
content-type: application/json
age: 1745
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Tue, 31 Jan 2023 18:13:50 GMT
Date: Tue, 31 Jan 2023 16:12:22 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4int/ULiEbIvUkmk

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4int/ULiEbIvUkmk
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
04edd8119f1d89a73b74cec8ed03736a
4baa9606e8a71e96bf34ac2a1fe9b7e52fe946b8
5ca904cb1573cb3ee6192a75a21dd54c93f4d1dbc587a4795afbc31486de34f6

HTTP Headers

POST /s/gts1d4int/ULiEbIvUkmk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nKdvxGpfeF/qZIZol0AbrgnmDL1BWg+O6nrLCuhx9Rf9qZvTzi22HBCVTR0VeSwm/D90P2qGWdK1riw8VILf4Q==
x-amz-request-id: 90D7WQZJ7E0RDRSW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 15:51:13 GMT
age: 1269
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 16:12:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 15:49:04 GMT
age: 1399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
624ec1892d116932d4c6d861f6eac674
c8b359987387d3b970365ab821f3a8172a4e0616
9a729e57b0c874bad4233b08b005445d108c5bd6942409dd2bd6a2fc982aece7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A729E57B0C874BAD4233B08B005445D108C5BD6942409DD2BD6A2FC982AECE7"
Last-Modified: Sun, 29 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Tue, 31 Jan 2023 22:11:16 GMT
Date: Tue, 31 Jan 2023 16:12:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
624ec1892d116932d4c6d861f6eac674
c8b359987387d3b970365ab821f3a8172a4e0616
9a729e57b0c874bad4233b08b005445d108c5bd6942409dd2bd6a2fc982aece7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A729E57B0C874BAD4233B08B005445D108C5BD6942409DD2BD6A2FC982AECE7"
Last-Modified: Sun, 29 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1675
Expires: Tue, 31 Jan 2023 16:40:18 GMT
Date: Tue, 31 Jan 2023 16:12:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13052
Expires: Tue, 31 Jan 2023 19:49:55 GMT
Date: Tue, 31 Jan 2023 16:12:23 GMT
Connection: keep-alive

apcnt.com/page/init

142.202.191.247

200 OK

0 B

URL HTTP/1.1
apcnt.com/page/init
IP
142.202.191.247:0
ASN
#398019 DYNU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /page/init HTTP/1.1
Host: apcnt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-page-name,x-token-id
Referer: https://a5mfcu.firebaseapp.com/
Origin: https://a5mfcu.firebaseapp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 31 Jan 2023 16:12:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Allow: HEAD, OPTIONS, GET, POST
Access-Control-Allow-Origin: https://a5mfcu.firebaseapp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-page-name, x-token-id
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin

apcnt.com/page/init

142.202.191.247

401 UNAUTHORIZED

35 B

URL HTTP/1.1
apcnt.com/page/init
IP
142.202.191.247:0
ASN
#398019 DYNU

File type
JSON data\012- , ASCII text
Size
35 B (35 bytes)
Hash
85ab59091df1b777ae06fddf917881ce
9e833ae263f15bddb20a6c8786becedab4273f33
c8df23d7c8e90073b944834bdd42b665a14173a7eb38e1bde8fceed940fcdec5

HTTP Headers

GET /page/init HTTP/1.1
Host: apcnt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-PAGE-NAME: Afcu
X-TOKEN-ID: CQ4G699BBMBg9q5FhA4YAr
Origin: https://a5mfcu.firebaseapp.com
Connection: keep-alive
Referer: https://a5mfcu.firebaseapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 401 UNAUTHORIZED
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 31 Jan 2023 16:12:23 GMT
Content-Type: application/json
Content-Length: 35
Connection: keep-alive
Access-Control-Allow-Origin: https://a5mfcu.firebaseapp.com
Access-Control-Allow-Credentials: true
Vary: Origin

push.services.mozilla.com/

44.226.190.180

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.226.190.180:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: upP+EHvEa+iIrmvMIGVXZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wHnNVKCSsuO4+rl6EV5Nn7bShSo=

ocsp.usertrust.com/

104.18.32.68

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
ae39333ae66accd3f8c0b703536422b3
56276d359bb892b328ad946d38c5198258e7c7a6
fa80d7b61e5d5b84955ab46a8ea06f2661f36614ef81d3e6596dccfa30c9b51b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:24 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 22:12:16 GMT
Expires: Sat, 04 Feb 2023 22:12:15 GMT
Etag: "56276d359bb892b328ad946d38c5198258e7c7a6"
Cache-Control: max-age=603458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 387
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7923ba8c0a3d0b3d-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
504bf11d8906ba63a9f5a9d23ece140f
f39b77d8c4da4c0cb06fbc9094b7859977107742
3b376dc0f315b2525a97b9054dc4e71cff390f117b5432b17f1f3ca2fce5e1e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 12:26:32 GMT
Expires: Tue, 07 Feb 2023 12:26:31 GMT
Etag: "f39b77d8c4da4c0cb06fbc9094b7859977107742"
Cache-Control: max-age=590646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923ba8c2f47b524-OSL

sc87389896us1.cobrowse.oraclecloud.com/launcher.js

104.110.2.75

200 OK

9.5 kB

URL HTTP/2
sc87389896us1.cobrowse.oraclecloud.com/launcher.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
C++ source, ASCII text, with very long lines (21806), with CRLF, LF line terminators
Size
9.5 kB (9477 bytes)
Hash
f2675c03e6a7139681958ede8c291f34
dee8ba07ce2007a6fd1fd9518d9e316f7611d3e6
e141aba7a3c84fda9f541f0a8336a7a73305a36a290c6a0eb8eb4c51498633cb

HTTP Headers

GET /launcher.js HTTP/1.1
Host: sc87389896us1.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
etag: "2321e235cd1219f0ea1f75a72519efc0:1557866875"
last-modified: Tue, 14 May 2019 20:47:55 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:12:24 GMT
content-length: 9477
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js

23.38.200.237

200 OK

97 kB

URL HTTP/2
assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32715)
Size
97 kB (97378 bytes)
Hash
5cc9d4acdd41713ae121b044b2d3fdf6
0fc95d9c6535461e9911d89bd26e1f86b246ce9e
fb126c36a09b71df64b11b91a356b9c7d5086e1b882ec0260c03cc83cfc8a71e

HTTP Headers

GET /launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "bc90c2402668f7fcff8af00f42c06e80:1674584240.268644"
last-modified: Tue, 24 Jan 2023 18:17:20 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 97378
cache-control: max-age=3600
expires: Tue, 31 Jan 2023 17:12:24 GMT
date: Tue, 31 Jan 2023 16:12:24 GMT
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

www.americafirst.com/services/other-services/atm.html

206.81.136.154

200 OK

28 kB

URL HTTP/1.1
www.americafirst.com/services/other-services/atm.html
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (824)
Size
28 kB (27542 bytes)
Hash
6fcd0a0c8cf3d6e67b1f54cecef85dfa
a12480c66ca2aaced0da1bbd75433da42f207693
bec8d01d659a315b90c278b69939c26c0bface8d0e988137db255c1fff02ef31

HTTP Headers

GET /services/other-services/atm.html HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a5mfcu.firebaseapp.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:24 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2
Expires: Tue, 31 Jan 2023 16:12:26 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 27542
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:12:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:12:24 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8558 bytes)
Hash
e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 46068
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5903 bytes)
Hash
42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 68939
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:12:24 GMT
Connection: keep-alive

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7333 bytes)
Hash
01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: f03b3e95-5cc6-4749-83c2-d59d6fa9eb2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiVunGWXoAMFXyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7365d-40b9b11f3f33592829a98fbc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JAYN7gfwR0kEenTaM8mS_jGEYfwvcUGrjI_6wTb29wZfcLRuS2WHQA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:52:32 GMT
age: 65992
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13853 bytes)
Hash
d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 66247
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 52185
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.americafirst.com/etc/designs/afcu.css

206.81.136.154

200 OK

0 B

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /etc/designs/afcu.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:24 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:24 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 51349
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6c2b176158d7c85cf2c8fd9bdd28930d
483d693fa2ffe3edce0dd65f52f3f1705612ef54
07f3c855155c186a74e02d255cf719072105c72c312248104ff0652c73dc45ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106588
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:25 GMT
Etag: "63d83b45-1d7"
Expires: Wed, 01 Feb 2023 21:48:53 GMT
Last-Modified: Mon, 30 Jan 2023 21:48:53 GMT
Server: nginx
Content-Length: 471

www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020

206.81.136.154

200 OK

24 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (759)
Size
24 kB (24078 bytes)
Hash
b00b4eedd5bf17f29d3654d22c45b8ed
473e2e308348e21d7d7df502a620ff21d22ea0ab
c228f1003616dcdb6f50f389cd7cbee90e76afdfe635a2867a0e4b29a571a974

HTTP Headers

GET /etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=utf-8

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e3a93a1fc6d125505a1723e93ddd4e94
20972c2e5924d77cd98068d3b66c67af74bd511b
541c5f137967786fb50d6d16170ea25a5ac8ed8a689e07ebb0ec70c98441eb97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 07:05:39 GMT
Expires: Mon, 06 Feb 2023 07:05:38 GMT
Etag: "20972c2e5924d77cd98068d3b66c67af74bd511b"
Cache-Control: max-age=484992,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923ba911d96b524-OSL

www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js

206.81.136.154

200 OK

13 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (586)
Size
13 kB (12667 bytes)
Hash
02dfccce6d9a7de6da98d282c4f17e1f
41eb389f7adfeb25cecd4ea3eb09be81d6ae458b
f23dfe5ed4e16dddac960c5bd171c06f90d7eb7e02ed26fd29ded3160a323b72

HTTP Headers

GET /etc/clientlibs/afcu/vendor/bootstrap.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 12667
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.css

206.81.136.154

200 OK

3.7 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (1188)
Size
3.7 kB (3717 bytes)
Hash
a6fa5ea919fd5af0172540091dd7f2e3
e38c151a85dfe4dcf531078dc417b99ab21cbd38
213df987f8b0ce29ae4df227bec70a1dd54535c6f2f1f09daeb1e1f871618884

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jqueryui.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3717
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js

206.81.136.154

200 OK

11 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (587)
Size
11 kB (11168 bytes)
Hash
2877fededda3f465ad9ea93b980b7253
22a68f52fc9c5123cde8a9e5376507f0fadf9cf2
c7c4a22646b98ee2eb953d58524004c6d72bae9b119d5f0b86a7060436f8d642

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jqueryui.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 11168
Keep-Alive: timeout=5, max=11
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/loader.min.css

206.81.136.154

200 OK

128 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/loader.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
adb1039e2fdbbd2f0cd7f8b4853c880a
4edbabcfd7af0e4ce929c1d873e42352165f01fe
e62b524db3bef5e4bd24d06e3871ff68384d6b69b2d34ca97404cd5b6497b70c

HTTP Headers

GET /etc/clientlibs/afcu/vendor/loader.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 128
Keep-Alive: timeout=5, max=10
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/components/general/loader.min.css

206.81.136.154

200 OK

128 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/components/general/loader.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
adb1039e2fdbbd2f0cd7f8b4853c880a
4edbabcfd7af0e4ce929c1d873e42352165f01fe
e62b524db3bef5e4bd24d06e3871ff68384d6b69b2d34ca97404cd5b6497b70c

HTTP Headers

GET /etc/clientlibs/afcu/components/general/loader.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 128
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: text/css

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5f759b96a696e1f82e3d127bb0713981
1d349377de6d064e533f719459c89cacc0e6533f
afd3761306f9abcddcccf5d24bcc8a57a4d02664b969f37128b222a8924da02a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 00:32:54 GMT
Expires: Tue, 07 Feb 2023 00:32:53 GMT
Etag: "1d349377de6d064e533f719459c89cacc0e6533f"
Cache-Control: max-age=547827,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923ba91ce5eb524-OSL

www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.css

206.81.136.154

200 OK

1.3 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (755)
Size
1.3 kB (1283 bytes)
Hash
bf89f0f71413d9ab3f1f2900b6b292c8
1471be4e9652fe4d8c865a58e29363d94497a6f3
8f47d7932519e20660e758448ccdd4d978bf2cab42157f7fd26c1376271b4971

HTTP Headers

GET /etc/clientlibs/afcu/vendor/swift.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1283
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js

206.81.136.154

200 OK

3.0 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (525)
Size
3.0 kB (2993 bytes)
Hash
b933e81a6ffae2a9d9823cb78f111c9a
ccdf99561fbc365320814394ddf304d701cde551
14a5e6a44dd63a2657a870c3b883d7bc90f34c24ffbb3570d5b7a7d50e7a6142

HTTP Headers

GET /etc/clientlibs/afcu/vendor/swift.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2993
Keep-Alive: timeout=5, max=8
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js

206.81.136.154

200 OK

793 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (506)
Size
793 B (793 bytes)
Hash
9f89be8c9e55c4458eeab10d5668571e
4a9dbe1699f2255a484c6a3bea7ca65c143cd955
c6fd4e7f42656b4a0f7c2d5c43d58f04c54c023e6059886680ed7472566e6dcb

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jquery_cookie.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 793
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.css

206.81.136.154

200 OK

1.1 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Unicode text, UTF-8 text, with very long lines (311)
Size
1.1 kB (1127 bytes)
Hash
ceee945acaceeaa45d77eb9ab0edf73c
15d73dde292077e50ad6f75bdbdd435ce24ce6d6
3238846fffcf4dddfd85156359176d382fbad7d1f37b27b38e8f02b0971af635

HTTP Headers

GET /etc/clientlibs/afcu/vendor/slick.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1127
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.css

206.81.136.154

200 OK

0 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /etc/clientlibs/afcu/vendor/backstretch.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 0
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: text/css

assets.americafirst.com/js/pm_fp.js

206.81.136.155

200 OK

13 kB

URL HTTP/1.1
assets.americafirst.com/js/pm_fp.js
IP
206.81.136.155:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (12876), with no line terminators
Size
13 kB (12876 bytes)
Hash
805e6f717afb1f6a4af203a52f7c569d
939d695b61b5ada21794c1e98de324479de158bf
190f442b064e275022a918a7c555dc26749ae9a5dda27681c0bf097f500b2896

HTTP Headers

GET /js/pm_fp.js HTTP/1.1
Host: assets.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 21:18:47 GMT
ETag: "324c-568a7c9249bc0"
Accept-Ranges: bytes
Content-Length: 12876
Keep-Alive: timeout=15, max=69
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020

206.81.136.154

200 OK

41 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (686)
Size
41 kB (41258 bytes)
Hash
bb77f11c9dc3138faa732b4666e96291
0b5d8dcaaef98afa5d06d8219128ee8c160982cb
f88112b1c148b57cfe7dc9e9c282773b7760db248f7f2c312f7996e88f776ed2

HTTP Headers

GET /etc/clientlibs/afcu/base.min.css?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js

206.81.136.154

200 OK

32 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (657)
Size
32 kB (32312 bytes)
Hash
4ff70b3af60012dc39eb3975d2483cbd
5b2ecc408bf76a628d4c92a6aff21bae63620f63
b85935f2651ce59a567339ad09aa6e9eaec44be595e31d9997235a279c31b4c5

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jquery.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 32312
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js

206.81.136.154

200 OK

9.9 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (573)
Size
9.9 kB (9936 bytes)
Hash
1fbfef4765bbbbbb5e71d11866d5ebc9
ec9102bf15c63b471d80689b8e9b6afb599e5bb2
bba09183f6c1c6219819f6d5d5170f883d08817d81e85e4d9cc6ac92f0028151

HTTP Headers

GET /etc/clientlibs/afcu/vendor/slick.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9936
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js

206.81.136.154

200 OK

12 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (564)
Size
12 kB (12329 bytes)
Hash
1598e8ae94bd862ac60ce2ca3ee667a0
95b9e1242259033519025572e443577b9c18066a
cf88575b8e2f460dc9c04e6cd929f68901edbc978c148862b091d122c72570f9

HTTP Headers

GET /etc/clientlibs/afcu/vendor/html2canvas.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 12329
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js

206.81.136.154

200 OK

2.1 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (574)
Size
2.1 kB (2105 bytes)
Hash
b24b3d75f693b844eb6eca9ab8e1623a
bb04eecc43833e4d7606dc075c233a68a2acbb66
7dbba0141c31e2e593ed72f78eea04214cbb07262d3e65278d387e55d8ebc1f0

HTTP Headers

GET /etc/clientlibs/afcu/vendor/mask.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2105
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js

206.81.136.154

200 OK

1.8 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (529)
Size
1.8 kB (1833 bytes)
Hash
0e3967977de38ac9df932eb4f0d041d7
9f4844d8b9e468482a750153f8be6cdd4e63b8da
af2a1133bd2dd371509660def707ad117da17381216b8679f1116f198c85eb5e

HTTP Headers

GET /etc/clientlibs/afcu/vendor/backstretch.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1833
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/base.min.js

206.81.136.154

200 OK

45 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/base.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Unicode text, UTF-8 text
Size
45 kB (45180 bytes)
Hash
f27b32ead6526932bd00d8d9b755ac35
6c1de1390199b4797cccbec7ab064f0b3151a511
21d0e72057b3ce20b33682466724c4f5850fd620e39ad3b72dbf4fc1c2b24683

HTTP Headers

GET /etc/clientlibs/afcu/base.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:12:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 45180
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/content/dam/nav/nav-services-03.jpg

206.81.136.154

200 OK

26 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-services-03.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
26 kB (26264 bytes)
Hash
a5f8703ff8569c481686dee7efdfbe71
359441bc385f5d9fbb236fc97616df5a3ebcd701
ab8da6f834b214aa136841d1652d27f3bfbc5cee47bff31ccdf0e5a08f026906

HTTP Headers

GET /content/dam/nav/nav-services-03.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 26264
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-about-02.jpg

206.81.136.154

200 OK

34 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-about-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
34 kB (34420 bytes)
Hash
6f3cd2c29035f40678a77eb275e92a24
c2ae338b5b20e2784eb52b5940dd994d6c3903d0
9b026865527a86a69ccecccbc65f7d93361a6ca8c58ab92470cdf8cd2de5724e

HTTP Headers

GET /content/dam/nav/nav-about-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 34420
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-loans-02.jpg

206.81.136.154

200 OK

30 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-loans-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
30 kB (29739 bytes)
Hash
075c8ddbe10da377b9e0fa000cbd6923
9545743e2c7add002c66d2b7a474dd3fa4be0f2c
fadbf02e0f7b34d1da7e0791c2398e5abaf27b914d5825088adcd6af5071a6b7

HTTP Headers

GET /content/dam/nav/nav-loans-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 29739
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-accounts-02.jpg

206.81.136.154

200 OK

23 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-accounts-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
23 kB (22732 bytes)
Hash
a99514fea1815a6b5ebe648041a2fe71
49b017bd5f63cb5bf37ecfba0b539e91519477f3
f0c59daceffddeadba354ccec9deb0ed3c425b7a0015ead6877fae4b7f5cc907

HTTP Headers

GET /content/dam/nav/nav-accounts-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 22732
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/icons/become-a-member-white.png

206.81.136.154

200 OK

4.0 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/become-a-member-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3952 bytes)
Hash
ae6f04ea223ca69f073ff3f750af6c26
79c984f108dab1619d58a86ee08c871a18dac1ab
38779672cd3226ed3e5f13be3b79cdab74b55e74bb5fbc96051436e5caa52643

HTTP Headers

GET /content/dam/icons/become-a-member-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3952
Keep-Alive: timeout=5, max=4
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg

206.81.136.154

200 OK

21 kB

URL HTTP/1.1
www.americafirst.com/content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Size
21 kB (20583 bytes)
Hash
56a4d6e72dbcb720820272077b6db785
796c589c3b12f4b27d4508149000edf51a02a3af
4cc97dc3a3d6faa8e866600202b98af8fd7008e93d3463d6a04b380f26f0d573

HTTP Headers

GET /content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:25 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:25 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 20583
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/jpeg

assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

23.38.200.237

200 OK

12 kB

URL HTTP/2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32717)
Size
12 kB (12384 bytes)
Hash
9edbefe8919a34cc9ec5343e49caf90d
9e8f2b92a35df8e01814e558d10248a928ea2504
c276e66ee697edfb8fbe70a13d6cb8498b21fb998d10d6faaf3999f34f5525cc

HTTP Headers

GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12384
expires: Tue, 31 Jan 2023 17:12:26 GMT
date: Tue, 31 Jan 2023 16:12:26 GMT
cache-control: no-cache
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js

23.38.200.237

200 OK

1.6 kB

URL HTTP/2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (3138)
Size
1.6 kB (1598 bytes)
Hash
dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df

HTTP Headers

GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Tue, 31 Jan 2023 17:12:26 GMT
date: Tue, 31 Jan 2023 16:12:26 GMT
cache-control: no-cache
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=he72bpqhfgbldkfumxc&version=20230031

104.110.2.75

200 OK

12 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=he72bpqhfgbldkfumxc&version=20230031
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Size
12 kB (11698 bytes)
Hash
9466edea5b690a8dcc94a8aee5255448
8200790330fb146fdc254fb694871e0e9d73e974
f59a6c07012c632c6d0014640439abdd1e0de1f6b4cb557c43531c43af88d24c

HTTP Headers

GET /rely/storage/ll_storage_html5.html?context=he72bpqhfgbldkfumxc&version=20230031 HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "b7b7e70ac037b592aef8c274d8e66a71:1634875896.03281"
last-modified: Thu, 21 Oct 2021 23:11:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:12:26 GMT
content-length: 11698
X-Firefox-Spdy: h2

www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

206.81.136.154

200 OK

14 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Web Open Font Format (Version 2), TrueType, length 13944, version 1.0\012- data
Size
14 kB (13944 bytes)
Hash
b27045292283a12723b217e203986aeb
4f9874233a688abe21c9d0b44223d909ca96ea43
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

HTTP Headers

GET /etc/clientlibs/afcu/fonts/google/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 13944
Keep-Alive: timeout=5, max=2
Connection: Keep-Alive
Content-Type: font/woff2

www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html

206.81.136.154

200 OK

858 B

URL HTTP/1.1
www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document, Unicode text, UTF-8 text, with very long lines (447)
Size
858 B (858 bytes)
Hash
d344ffcf24451f48cc4a82e1fc7bb8d5
b47e685cb8714da632fb6bd694e18dc116d926d3
b727522f65faca7335b136f99ee635ad087344b582582ab8ce4f73278ce9b230

HTTP Headers

GET /content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: max-age=300, max-age=2
Expires: Tue, 31 Jan 2023 16:12:28 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 858
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

206.81.136.154

200 OK

14 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Web Open Font Format (Version 2), TrueType, length 14076, version 1.0\012- data
Size
14 kB (14076 bytes)
Hash
bf912df22c6dc861e7a01c32fc165187
6918b9cb1fba7d78ce615063203fb5b1eb63ec50
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

HTTP Headers

GET /etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 14076
Keep-Alive: timeout=5, max=8
Connection: Keep-Alive
Content-Type: font/woff2

www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt

206.81.136.154

200 OK

9.8 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, afcu-icons \012- data
Size
9.8 kB (9761 bytes)
Hash
48e99398ff3cb928d8a206047c748f83
fa541d94e75fca57c118adf7fc30361012d31132
17ba00b0551f829848d9cc73126aae46f3d0d1668432e30bdecffb2bc70f4ae1

HTTP Headers

GET /etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: inline
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9761
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: application/x-font-ttf

www.americafirst.com/content/dam/icons/apply-for-loan-white.png

206.81.136.154

200 OK

2.9 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/apply-for-loan-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2894 bytes)
Hash
312e291b178453932dfb5beef551903f
ff74f2bbb372130309e5e521f4370fbc2ee65242
5ae41c9124cae5796f2b2f3730d17e75e9ca046468f4813863a079ded3baa4b6

HTTP Headers

GET /content/dam/icons/apply-for-loan-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2894
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/png

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f8ea24ecb6a19ffdd8ccbccc43eeb6b8
6ffba8f506cbf135ce001d1ab10aa88aae7eb738
29314c2367f53dbcad9155f39a5f71e9f1e70abfc36f0bb525ed1ee4a52428d3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2739
Cache-Control: max-age=94218
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:26 GMT
Etag: "63d80041-1d7"
Expires: Wed, 01 Feb 2023 18:22:44 GMT
Last-Modified: Mon, 30 Jan 2023 17:37:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/footer/feed-list.nocache.html/afcu/components/embedded/footer/feed-list

206.81.136.154

200 OK

852 B

URL HTTP/1.1
www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/footer/feed-list.nocache.html/afcu/components/embedded/footer/feed-list
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document, Unicode text, UTF-8 text
Size
852 B (852 bytes)
Hash
3223096a8eeaefa637c06a5409690621
b6215c90c165dcf3e62a0c1962577ade23847f0e
75fca8513347a739bb0a003e5d110064ca1ea09fa1697028248b9a73a785c28b

HTTP Headers

GET /content/afcu/en/main-site-configuration/_jcr_content/footer/feed-list.nocache.html/afcu/components/embedded/footer/feed-list HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: max-age=2
Expires: Tue, 31 Jan 2023 16:12:28 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 852
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

www.americafirst.com/content/dam/icons/find-location-white.png

206.81.136.154

200 OK

3.2 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/find-location-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3192 bytes)
Hash
f347329ac596e314631c4260fb3c0e52
a569c2e0fd0e31dd80cb7caa321a385b3b7340e7
90dbbeb09e5e2bcc6bdda8bfeabf3e968fc71626578eb512a1892b44144e5fb5

HTTP Headers

GET /content/dam/icons/find-location-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3192
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/afcu/logo/logo-desktop-inverse.png

206.81.136.154

200 OK

10 kB

URL HTTP/1.1
www.americafirst.com/content/dam/afcu/logo/logo-desktop-inverse.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 390 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9957 bytes)
Hash
55a1e45732b0d0cb9435fcf2c85914a8
8f9ebea0799281fa44904feee3dab6041b467d2a
96b761c941e24fe52b008c62e966aef6e6c8e8a60578cf473914cf94b16adde6

HTTP Headers

GET /content/dam/afcu/logo/logo-desktop-inverse.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183424|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9957
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/icons/careers-white.png

206.81.136.154

200 OK

1.8 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/careers-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1794 bytes)
Hash
55a943fbd9790b225523ad51e9dffb60
808c85daf40c6840a5a798b7df3ed6397604cd32
21d908e848b57784f769bbf34c6669460b1c5b2d77d41cedceffc8c4e4930b36

HTTP Headers

GET /content/dam/icons/careers-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1794
Keep-Alive: timeout=5, max=7
Connection: Keep-Alive
Content-Type: image/png

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ba420a04bb781bf846c111b6a9855e55
114686b6cf50b19397b6c6bc329e4fe30415d944
1c683f1afa86309ffe195be7b3c2d053705be6f12afea58bb10fb2e5f164d1b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 16:12:26 GMT
Last-Modified: Tue, 31 Jan 2023 14:39:46 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0dTHGniHtg3t0HVERK1zqDdFtES2sfc5HKv-LVMlFokL1K3XNlxtfQ==
Age: 5560

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

listen.audiohook.com/62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png

3.226.55.195

200 OK

42 B

URL HTTP/2
listen.audiohook.com/62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png
IP
3.226.55.195:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png HTTP/1.1
Host: listen.audiohook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:26 GMT
content-type: image/gif
content-length: 42
server: meinheld/1.0.2
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg

206.81.136.154

200 OK

73 kB

URL HTTP/1.1
www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Windows), datetime=2019:12:05 09:57:21], baseline, precision 8, 300x250, components 3\012- data
Size
73 kB (72575 bytes)
Hash
654623c1eca99226260d4088c59f5769
daf39810839c151ad081ffb21cb48dcec37684ef
b576be4e253bd51d928168804d9584916507a203d920c9208dfe132621018f12

HTTP Headers

GET /content/dam/visa/visa-card-signature-mega.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 72575
Keep-Alive: timeout=5, max=1
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-learn.jpg

206.81.136.154

200 OK

48 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-learn.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:09:20 15:02:31], progressive, precision 8, 300x250, components 3\012- data
Size
48 kB (47901 bytes)
Hash
a8e23fd69a941262a473447da048ab48
7eeb55c530ab4eb492deffbec84d114434eecde4
991e3d5fa232e5259df67968507cff332947551feedcb1c9e3e70fe3b9900498

HTTP Headers

GET /content/dam/nav/nav-learn.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 47901
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/jpeg

public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js

104.110.2.75

200 OK

21 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20968 bytes)
Hash
c71817d4d41ad2a3069aa18ed35afdee
177989b846b7f092036daa1f1e5b26f245e8c576
0cdedffe5d8f066d5401afa0f96159649d2296d49a48339cf093c9d9677e3bc6

HTTP Headers

GET /rely/client/ui/livelook_ui_manager.bundle.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: "619ea4c083a27523d708e062b444ad6b:1648187515.534791"
last-modified: Fri, 25 Mar 2022 00:51:52 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:12:26 GMT
content-length: 20968
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/fraud-alert.png

206.81.136.154

200 OK

9.3 kB

URL HTTP/1.1
www.americafirst.com/content/dam/fraud-alert.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9298 bytes)
Hash
dd7bdf0aaaf27f83c082611b017b95ea
bd8154d11973b6135b7f03c9084311628241e8cf
04b1df5dce9cfce88abc012067950b7c579a7f7922cd10ce5994261794ff4a79

HTTP Headers

GET /content/dam/fraud-alert.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183424|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9298
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/png

public.cobrowse.oraclecloud.com/rely/resources/images/v4llpanel/wait.gif

104.110.2.75

200 OK

56 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/resources/images/v4llpanel/wait.gif
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 220 x 24\012- data
Size
56 kB (55779 bytes)
Hash
9c93dd978bd0230c76e230af8fd04c02
e1c9a00f267d3ed3435de98ce008788e2349fd91
527a1ec8fe47ac6533dad4bccbfc1e2ea49f6cf0fac6bcabf1dc896cfa7b5e0f

HTTP Headers

GET /rely/resources/images/v4llpanel/wait.gif HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
etag: "9c93dd978bd0230c76e230af8fd04c02:1666988500.023083"
last-modified: Fri, 28 Oct 2022 20:21:40 GMT
server: AkamaiNetStorage
content-length: 55779
date: Tue, 31 Jan 2023 16:12:26 GMT
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/services/hbg-atm-services.jpg

206.81.136.154

200 OK

144 kB

URL HTTP/1.1
www.americafirst.com/content/dam/services/hbg-atm-services.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x350, components 3\012- data
Size
144 kB (144232 bytes)
Hash
affe84eae9bfd543485baae9838ed46f
d379f76098d93614d9e103c3972d937d78e6f743
441e8035b9b3c7ff1308eefadaf29aa740f0ba261ae4c2601582cf6bb58a296c

HTTP Headers

GET /content/dam/services/hbg-atm-services.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183424|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 144232
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ba0a5a019f68de808d546b25f5f1afd9
33c3d1972b2d517029bab1e749ee1374300491d9
edfd8175f0da704eb77840543eb2913a223a94107e3c4adb2bf30b8bda9fe991

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:26 GMT
Last-Modified: Tue, 31 Jan 2023 14:41:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=85122608208407618783190363454904345487&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1675181564064

34.243.64.240

200 OK

900 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=85122608208407618783190363454904345487&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1675181564064
IP
34.243.64.240:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (2321), with no line terminators
Size
900 B (900 bytes)
Hash
a0b249c4b3622c3267eb6e2731179ff0
60fd6b0244a91f22f281d8fbb2a3ffddf10eb810
ab3802a82d7393d2ff0b6e13e7285c9977ed6ff4121a2a919db7df78ebe4b2ed

HTTP Headers

GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=85122608208407618783190363454904345487&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1675181564064 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0ebeee8d5.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=70214629062538220161478706623224986767; Max-Age=15552000; Expires=Sun, 30 Jul 2023 16:12:28 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: jYH2RWv4Qzg=
Content-Length: 900
Connection: keep-alive

js.adsrvr.org/up_loader.1.1.0.js

54.230.241.118

200 OK

1.9 kB

URL HTTP/1.1
js.adsrvr.org/up_loader.1.1.0.js
IP
54.230.241.118:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4593), with no line terminators
Size
1.9 kB (1882 bytes)
Hash
8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c

HTTP Headers

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 31 Jan 2023 08:26:11 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vGmQS7R2PGydmENsDIuQE4gq8DxOfY4Hxm8bamwL6HkreYuszXlpfg==
Age: 27975

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1642
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:26 GMT
Last-Modified: Tue, 31 Jan 2023 15:45:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 15:45:20 GMT
expires: Tue, 31 Jan 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 1626
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LiZxZn/FeDbBhEAxHkplhehi4OfMsj7MriR+T4T98yVdZ5XxyzezgG6wY2B/UB2RYbG6kzirBEULoqIySTYA4w==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 16:12:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1642
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:26 GMT
Last-Modified: Tue, 31 Jan 2023 15:45:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.americafirst.com/etc/designs/afcu/favicon.ico

206.81.136.154

200 OK

539 B

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu/favicon.ico
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
539 B (539 bytes)
Hash
cf6a37e110a617a3e7413b77d97289b8
801be9f2564697765c78184bddd08c62742dc718
d6ef48fc93e655c8b777ffee311f873fd3fb0ebc156b18ac0f34b73c93119045

HTTP Headers

GET /etc/designs/afcu/favicon.ico HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183424|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426364; _gcl_au=1.1.90085472.1675181539; _ga=GA1.1.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161; at_check=true; _ga_880V30VXTN=GS1.1.1675181564.1.0.1675181564.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 539
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

www.americafirst.com/etc/designs/afcu/app-icon.png

206.81.136.154

200 OK

22 kB

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu/app-icon.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Size
22 kB (21908 bytes)
Hash
932d24e68290973a7aca51f7d75aa1ec
79f9906573424ec3c8c14e14c98afcf82e82fa21
a4c742b8570790ea5039e38793f3dd9a46b3d2be81eb9fc9797b31515dd861b6

HTTP Headers

GET /etc/designs/afcu/app-icon.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183424|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426364; _gcl_au=1.1.90085472.1675181539; _ga=GA1.1.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161; at_check=true; _ga_880V30VXTN=GS1.1.1675181564.1.0.1675181564.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:12:26 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:12:26 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 21908
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/png

americafirstcreditunion.demdex.net/dest5.html?d_nsid=0

54.217.75.251

200 OK

2.8 kB

URL HTTP/1.1
americafirstcreditunion.demdex.net/dest5.html?d_nsid=0
IP
54.217.75.251:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: americafirstcreditunion.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 31 Jan 2023 16:12:27 GMT
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 2RECPYoWSDI=
Content-Length: 2791
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3c5444c58d6fcf1b2fb3bcff10311a7
9f610e32a917333e0f8d8dd646e4a36b568d440e
ad04ad784518cf27fc8b57e9a8f76b1bc29dd92a7c134314021ff16548b1e9f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114175
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Etag: "63d858ea-1d7"
Expires: Wed, 01 Feb 2023 23:55:22 GMT
Last-Modified: Mon, 30 Jan 2023 23:55:22 GMT
Server: nginx
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Tue, 31 Jan 2023 16:12:27 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181564346&cv=11&fst=1675181564346&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.66

200 OK

966 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181564346&cv=11&fst=1675181564346&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2171), with no line terminators
Size
966 B (966 bytes)
Hash
a3792c6adb17707bf2d8758901adb2ba
9e85b2784c029cb1cac2239df0021c874675bd0d
4a984486f71bec896faece224fef821fcc49e69c370193b9d3a6960cd3377807

HTTP Headers

GET /pagead/viewthroughconversion/791415936/?random=1675181564346&cv=11&fst=1675181564346&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 966
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 16:27:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sstats.americafirst.com/b/ss/afcu.global/1/JS-2.23.0-LCXS/s94734938446356?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2016%3A12%3A44%202%200&sdid=02538BD4445148B5-1C4CDB7761FD32A4&mid=85122608208407618783190363454904345487&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Apersonal%3Aservices%3Aother-services%3Aatm&g=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&r=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&cc=USD&ch=personal&events=prodView&products=%3Baccounts%3B&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=services&c3=other-services&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1

15.236.125.10

200 OK

43 B

URL HTTP/2
sstats.americafirst.com/b/ss/afcu.global/1/JS-2.23.0-LCXS/s94734938446356?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2016%3A12%3A44%202%200&sdid=02538BD4445148B5-1C4CDB7761FD32A4&mid=85122608208407618783190363454904345487&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Apersonal%3Aservices%3Aother-services%3Aatm&g=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&r=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&cc=USD&ch=personal&events=prodView&products=%3Baccounts%3B&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=services&c3=other-services&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1
IP
15.236.125.10:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/afcu.global/1/JS-2.23.0-LCXS/s94734938446356?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2016%3A12%3A44%202%200&sdid=02538BD4445148B5-1C4CDB7761FD32A4&mid=85122608208407618783190363454904345487&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Apersonal%3Aservices%3Aother-services%3Aatm&g=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&r=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&cc=USD&ch=personal&events=prodView&products=%3Baccounts%3B&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=services&c3=other-services&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1 HTTP/1.1
Host: sstats.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188764s%7CNONE%7CMCAAMLH-1675786364%7C6%7CMCAAMB-1675786364%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183424|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426364; _gcl_au=1.1.90085472.1675181539; _ga=GA1.1.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161; at_check=true; _ga_880V30VXTN=GS1.1.1675181564.1.0.1675181564.0.0.0; AMCVS_A7873BC75245AD770A490D4D%40AdobeOrg=1; s_ppv=www%253Apersonal%253Aservices%253Aother-services%253Aatm%2C38%2C38%2C939%2C1%2C2; s_ips=939; s_tp=2486; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 31 Jan 2023 16:12:27 GMT
expires: Mon, 30 Jan 2023 16:12:27 GMT
last-modified: Wed, 01 Feb 2023 16:12:27 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C85122608208407618783190363454904345487; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:12:12 GMT;
etag: 3597424980901691392-4619770985721737286
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181564441&cv=11&fst=1675181564441&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.66

200 OK

965 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181564441&cv=11&fst=1675181564441&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2169), with no line terminators
Size
965 B (965 bytes)
Hash
2e73edc15ede5b4bd9436f23ee75c555
ee19f8a52f62964142ff1a61c308184b0c3193a3
160c783369a1b1049459aa62be88fdbe1691e1749ee47899e938200046d2ecab

HTTP Headers

GET /pagead/viewthroughconversion/614375826/?random=1675181564441&cv=11&fst=1675181564441&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=90085472.1675181539&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 965
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 16:27:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.glia.com/salemove_integration.js

54.230.111.10

200 OK

8.8 kB

URL HTTP/2
api.glia.com/salemove_integration.js
IP
54.230.111.10:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8817), with no line terminators
Size
8.8 kB (8817 bytes)
Hash
8fbf3720d25bde79ccad301ab0a57770
284c0580081d07ce07cb228a426b282d1c23ef50
4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391

HTTP Headers

GET /salemove_integration.js HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzUxODE1MjIsInZpc2l0b3JfaWQiOiJhYTNjM2Q2ZS03NTIwLTQxYzAtYTAwNy1mOWZkMzllMTBjOTkiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.SXrXT9KHK4rEZ2wFbiOZ-2Q0D1kc09AYJAT3KzSZyMHSLLxv4wokQZSDAPA-abCo_cBS1q3_FbsMxoY_XQ7eGw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 8817
last-modified: Mon, 30 Jan 2023 22:06:45 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Tue, 31 Jan 2023 16:09:24 GMT
etag: "8fbf3720d25bde79ccad301ab0a57770"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vNCYQaqu6EAaJgribJHL9S2trBSndwbFtZA-dDV_UQC0KeHDGX0wbg==
age: 263
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

5.9 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:0
ASN
#203220 Yahoo! UK Services Limited

File type
ASCII text, with very long lines (16553), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uXPM47MP6gdkQzGwBtXBZcOlbpGjs/11Y12J/szT5OxcuGUmLFtjAKEmDTQpSS2hXfQfduxny80=
x-amz-request-id: VTZE9C680FRE8D1W
date: Tue, 31 Jan 2023 16:12:20 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 8
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
77afb2fccc7a28d1684cc59890b5bb6d
5faadc812a246f792e988a43453ea92b12b81414
b1668b8b23868a365090dd5fadd8f085ca7df66dc0a58144bda226322cfb67b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6059
Cache-Control: max-age=163399
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Etag: "63d90187-138"
Expires: Thu, 02 Feb 2023 13:35:46 GMT
Last-Modified: Tue, 31 Jan 2023 11:54:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 312

api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&

54.230.111.10

200 OK

9.8 kB

URL HTTP/2
api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&
IP
54.230.111.10:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (9846), with no line terminators
Size
9.8 kB (9846 bytes)
Hash
ec98edc455ac1935eeb3d23bc7bfbd0a
1921701b53f7288b8886586ac3b535c28ea912a0
f693c2466a71b24353628233e4e986093a1ba02079d2ef105d8ef29d69096fa8

HTTP Headers

POST /visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html& HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 648
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzUxODE1MjIsInZpc2l0b3JfaWQiOiJhYTNjM2Q2ZS03NTIwLTQxYzAtYTAwNy1mOWZkMzllMTBjOTkiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.SXrXT9KHK4rEZ2wFbiOZ-2Q0D1kc09AYJAT3KzSZyMHSLLxv4wokQZSDAPA-abCo_cBS1q3_FbsMxoY_XQ7eGw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 9846
date: Tue, 31 Jan 2023 16:12:27 GMT
access-control-allow-origin: https://www.americafirst.com
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
access-control-expose-headers: 
access-control-max-age: 7200
access-control-allow-headers: Content-Type, Accept, Authorization
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-site-visitor-config: true
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, max-age=0
set-cookie: visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzUxODE1NDcsInZpc2l0b3JfaWQiOiJhYTNjM2Q2ZS03NTIwLTQxYzAtYTAwNy1mOWZkMzllMTBjOTkiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.-CGUdQxeeqitEkB0AImU4hXHf3muJLuV_tPWpggxkV6KHsQ1Itw3WpgRNFoHwqSSFByokTr8_O3WF_uSLAad4w; path=/; expires=Wed, 31 Jan 2024 16:12:27 -0000; secure; HttpOnly; SameSite=None
incompat_visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzUxODE1NDcsInZpc2l0b3JfaWQiOiJhYTNjM2Q2ZS03NTIwLTQxYzAtYTAwNy1mOWZkMzllMTBjOTkiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.-CGUdQxeeqitEkB0AImU4hXHf3muJLuV_tPWpggxkV6KHsQ1Itw3WpgRNFoHwqSSFByokTr8_O3WF_uSLAad4w; path=/; expires=Wed, 31 Jan 2024 16:12:27 -0000; secure; HttpOnly
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59OOIb_sfoJErETE-waDJwYlakQM6ip1qa6ivbpHfpbQp1rrmSq52A==
X-Firefox-Spdy: h2

t.co/i/adsct?bci=3&eci=2&event_id=993f8bba-8784-4b50-a0dc-1b2cbc06cacd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d486551d-d951-4bad-9ee4-c16e7a5344fd&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29

104.244.42.69

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=993f8bba-8784-4b50-a0dc-1b2cbc06cacd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d486551d-d951-4bad-9ee4-c16e7a5344fd&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29
IP
104.244.42.69:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=993f8bba-8784-4b50-a0dc-1b2cbc06cacd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d486551d-d951-4bad-9ee4-c16e7a5344fd&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: muc_ads=62c14449-dc76-46bf-b7e8-98c0b3189729
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:26 GMT
perf: 7626143928
server: tsa_o
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: abb121e59de39b58
strict-transport-security: max-age=0
x-response-time: 107
x-connection-hash: 00cbb69529fc4a91d233ee65eea2c063e2001f6967d7f956c2d00b294b72d264
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&rl=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&if=false&ts=1675181564702&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675181540044.107322161&it=1675181564366&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&rl=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&if=false&ts=1675181564702&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675181540044.107322161&it=1675181564366&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&rl=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&if=false&ts=1675181564702&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675181540044.107322161&it=1675181564366&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 31 Jan 2023 16:12:27 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
beba92ff0bc5737791ba6982e7b0dba5
712af102d8a29ef26a49a16f95e8e90e3d9067b6
a778a2a369102dfbf4c67d64ff337d136f1ae79b4c1f72d0d4d7c0cfb3704e37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:12:27 GMT
Last-Modified: Tue, 31 Jan 2023 15:06:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313

s.yimg.com/wi/config/10143434.json

87.248.119.252

200 OK

2 B

URL HTTP/2
s.yimg.com/wi/config/10143434.json
IP
87.248.119.252:0
ASN
#203220 Yahoo! UK Services Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10143434.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: QCRG9B2CVV9K6TNG
x-amz-id-2: nyOgLugHem3R+Kw4uqeshsvztE+iOlEfi5w4NDhInK61q1j2ejzk/qfvevS2HTx9yAeWzQXtmpc=
content-type: application/json
date: Tue, 31 Jan 2023 15:45:32 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1616
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=993f8bba-8784-4b50-a0dc-1b2cbc06cacd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d486551d-d951-4bad-9ee4-c16e7a5344fd&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29

104.244.42.195

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=993f8bba-8784-4b50-a0dc-1b2cbc06cacd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d486551d-d951-4bad-9ee4-c16e7a5344fd&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29
IP
104.244.42.195:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=993f8bba-8784-4b50-a0dc-1b2cbc06cacd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d486551d-d951-4bad-9ee4-c16e7a5344fd&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:26 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_FgzKOk6nQTYkhAFHkAyn1g=="; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:12:27 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 3137095a0e2dc963
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: b34c7c47e91582460c0568cf198ffd6d77ba1d45bd71fafcdafd093ec89ac730
X-Firefox-Spdy: h2

libs.salemove.com/visitor/webcomponents_es5-b699746e7.js

54.230.111.104

200 OK

936 B

URL HTTP/2
libs.salemove.com/visitor/webcomponents_es5-b699746e7.js
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (390)
Size
936 B (936 bytes)
Hash
f86098c5208655efb405300993461936
a0a5b6aea7bbb6a51940f8c874aee109477c7b56
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db

HTTP Headers

GET /visitor/webcomponents_es5-b699746e7.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 936
date: Tue, 17 Jan 2023 05:31:50 GMT
last-modified: Wed, 11 Jan 2023 09:37:33 GMT
etag: "f86098c5208655efb405300993461936"
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wA9BnKbXuQnQI-oar9K3Kw-5vqJeO73JjnkB9rGoPqSZsR06JrOhGQ==
age: 1248038
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2031%20Jan%202023%2016%3A12%3A45%20GMT&n=0&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2031%20Jan%202023%2016%3A12%3A45%20GMT&n=0&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Tue%2C%2031%20Jan%202023%2016%3A12%3A45%20GMT&n=0&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:27 GMT
expires: Tue, 31 Jan 2023 16:12:27 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOs92WMCECMxIL8lTgkcx_ZFmLY9FWIFEgEBAQGP2mPjYwAAAAAA_eMAAA&S=AQAAAqmK0Soduf6cXl4gWY2ydmM; Expires=Wed, 31 Jan 2024 22:12:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Fa5mfcu.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:27 GMT
expires: Tue, 31 Jan 2023 16:12:27 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOs92WMCEEHEVRsJGh_TtVrIKEKDpqsFEgEBAQGP2mPjYwAAAAAA_eMAAA&S=AQAAAlNqjPuKouEEUFqeYSvnDA8; Expires=Wed, 31 Jan 2024 22:12:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

libs.salemove.com/visitor/bootstrapper-b699746e7.js

54.230.111.104

200 OK

168 kB

URL HTTP/2
libs.salemove.com/visitor/bootstrapper-b699746e7.js
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (59563)
Size
168 kB (167689 bytes)
Hash
4c73e10c38679c4ec6abbdfce105979f
43a7c98d9ef34edf18429eb2526b063638169529
8bf7506c5fad463c08ba9b4ab7ef0f29c2f80f7acfe41c8f0595bf39a7d3e829

HTTP Headers

GET /visitor/bootstrapper-b699746e7.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 24 Jan 2023 01:31:22 GMT
last-modified: Wed, 11 Jan 2023 09:37:32 GMT
etag: W/"2165cd2f7e440e8923eb5db1f3658f0e"
x-amz-meta-s3cmd-attrs: md5:2165cd2f7e440e8923eb5db1f3658f0e
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g1JLGuaQu_pxpoAv6_VrzvnY4vorgX7NtY_6aoHy8j_oIDQnsVR3wg==
age: 657666
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=ejwe9j2&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=rvp9pzq&upv=1.1.0

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=ejwe9j2&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=rvp9pzq&upv=1.1.0
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track/up?adv=ejwe9j2&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=rvp9pzq&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 44499
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

americafirstcreditun.tt.omtrdc.net/rest/v1/delivery?client=americafirstcreditun&sessionId=c220f6aad7cd4ba2966835295ec0d3a9&version=2.10.0

18.200.4.79

200 OK

0 B

URL HTTP/2
americafirstcreditun.tt.omtrdc.net/rest/v1/delivery?client=americafirstcreditun&sessionId=c220f6aad7cd4ba2966835295ec0d3a9&version=2.10.0
IP
18.200.4.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /rest/v1/delivery?client=americafirstcreditun&sessionId=c220f6aad7cd4ba2966835295ec0d3a9&version=2.10.0 HTTP/1.1
Host: americafirstcreditun.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1145
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:26 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://www.americafirst.com
access-control-allow-credentials: true
x-request-id: a9ff015e11b136f45c36c5947ca524c5
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
X-Firefox-Spdy: h2

libs.salemove.com/visitor-app.37823f27.min.js

54.230.111.104

200 OK

0 B

URL HTTP/2
libs.salemove.com/visitor-app.37823f27.min.js
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /visitor-app.37823f27.min.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 11 Jan 2023 12:01:51 GMT
last-modified: Wed, 11 Jan 2023 10:17:48 GMT
etag: W/"950058b651ed103cd653c72cc9bc8d61"
x-amz-meta-s3cmd-attrs: md5:950058b651ed103cd653c72cc9bc8d61
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IiVZ1wH_wXqIu0VNX55RtCOjd_IfJmQHdnJZaKx5OHrLRNhHHTRpcQ==
age: 1743037
X-Firefox-Spdy: h2

libs.salemove.com/visitor-app.37823f27.default.css

54.230.111.104

200 OK

0 B

URL HTTP/2
libs.salemove.com/visitor-app.37823f27.default.css
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /visitor-app.37823f27.default.css HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 23 Jan 2023 05:56:57 GMT
last-modified: Wed, 11 Jan 2023 10:17:48 GMT
etag: W/"e3c368308d2549c22efd3b5cf7add0ae"
x-amz-meta-s3cmd-attrs: md5:e3c368308d2549c22efd3b5cf7add0ae
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ux7kSxPSvCm6peKBUML4XjTp_3rGTh3yiMZBzVDi7Og99y-e5EIZgQ==
age: 728131
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=y1mqx27&upv=1.1.0

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=y1mqx27&upv=1.1.0
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=y1mqx27&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:12:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js

54.230.111.84

200 OK

0 B

URL HTTP/2
integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
IP
54.230.111.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/silvercloudjs/silvercloud.js HTTP/1.1
Host: integration.silvercloudinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 01:49:03 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 31 Jan 2023 05:42:54 GMT
etag: W/"80f213d3a2f208a7129b19b16ceaefaa"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i1cibSvn19OyZlbO8psoSfGtYhQ49zHl2UuYVu8WDjG8Bl11BtsQFA==
age: 38757
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

calcs.americafirst.com/scripts/tipped/comboTipped.js

148.66.212.61

200 OK

0 B

URL HTTP/2
calcs.americafirst.com/scripts/tipped/comboTipped.js
IP
148.66.212.61:0
ASN
#13649 ASN-VINS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/tipped/comboTipped.js HTTP/1.1
Host: calcs.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C85122608208407618783190363454904345487%7CMCAID%7CNONE%7CMCOPTOUT-1675188739s%7CNONE%7CMCAAMLH-1675786339%7C6%7CMCAAMB-1675786339%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19396%7CvVersion%7C5.5.0; mbox=session#c220f6aad7cd4ba2966835295ec0d3a9#1675183400|PC#c220f6aad7cd4ba2966835295ec0d3a9.37_0#1738426340; _gcl_au=1.1.90085472.1675181539; _ga=GA1.2.916973387.1675181539; s_ecid=MCMID%7C85122608208407618783190363454904345487; _gid=GA1.2.1268969855.1675181539; _gat=1; _fbp=fb.1.1675181540044.107322161
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
vary: accept-encoding
content-type: application/javascript
content-encoding: gzip
strict-transport-security: max-age=31622400; includeSubDomains
date: Tue, 31 Jan 2023 16:12:24 GMT
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
etag: W/"66987-1555013214000"
last-modified: Thu, 11 Apr 2019 20:06:54 GMT
access-control-allow-headers: Charset, Content-Type, Accept
X-Firefox-Spdy: h2

public.cobrowse.oraclecloud.com/rely/global_launcher.js

104.110.2.75

200 OK

0 B

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/global_launcher.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rely/global_launcher.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: "c3f1598b042efa5820d3436290fe48e1:1642746872.088599"
last-modified: Fri, 21 Jan 2022 01:34:30 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:12:25 GMT
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML