Report - amfdc5u.firebaseapp.com/

Report Overview

Submitted URL
amfdc5u.firebaseapp.com/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2023-01-31 16:11:31
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
s.yimg.com	375	2012-05-21T00:45:00Z	2023-03-13T05:18:23Z	768 B	30 kB	87.248.119.252
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	670 B	349 B	31.13.72.36
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-13T05:25:18Z	369 B	16 kB	151.101.84.157
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.162.79.115
assets.adobedtm.com	512	2014-01-28T05:51:35Z	2023-03-13T05:29:24Z	868 B	100 kB	23.38.200.237
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	66 kB	34.120.237.76
calcs.americafirst.com	unknown	2015-03-13T23:13:09Z	2023-01-31T17:12:44Z	391 B	26 kB	148.66.212.61
listen.audiohook.com	37502	2020-07-24T05:05:41Z	2023-03-13T09:43:24Z	428 B	215 B	3.226.55.195
js.adsrvr.org	1664	2012-11-26T21:54:54Z	2023-03-13T06:57:06Z	372 B	2.4 kB	54.230.241.118
cm.everesttech.net	996	2017-01-30T05:59:57Z	2023-03-13T05:18:24Z	431 B	475 B	18.201.4.185
sc87389896us1.cobrowse.oraclecloud.com	481955	2017-06-02T21:33:35Z	2023-01-31T17:12:44Z	390 B	9.8 kB	104.110.2.75
www.americafirst.com	341739	2016-02-02T22:03:12Z	2023-03-12T22:50:25Z	19 kB	743 kB	206.81.136.154
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	378 B	29 kB	157.240.205.11
api.salemove.com	18122	2014-11-30T05:43:38Z	2023-03-11T02:36:20Z	499 B	13 kB	54.230.111.22
sp.analytics.yahoo.com	816	2014-01-31T21:48:24Z	2023-03-13T05:18:24Z	1.4 kB	1.9 kB	212.82.100.181
pubsub.salemove.com	15427	2018-06-15T13:12:49Z	2023-03-11T02:36:20Z	1.2 kB	231 B	34.226.49.141
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	342 B	2.8 kB	172.64.155.188
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	441 B	1.8 kB	104.17.25.14
public.cobrowse.oraclecloud.com	12865	2017-03-30T13:21:33Z	2023-03-10T12:25:27Z	1.9 kB	151 kB	104.110.2.75
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	1.9 kB	54.230.245.118
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	377 B	21 kB	142.250.74.46
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	612 B	599 B	173.194.221.157
integration.silvercloudinc.com	44066	2017-04-05T10:48:27Z	2023-03-09T08:51:29Z	402 B	517 B	54.230.111.17
assets.americafirst.com	442352	2017-02-08T17:13:08Z	2023-01-31T17:12:44Z	374 B	13 kB	206.81.136.155
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-13T05:18:25Z	2.6 kB	4.8 kB	52.18.129.71
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	400 B	51 kB	142.250.74.72
americafirstcreditunion.demdex.net	387571	2017-05-12T10:45:16Z	2023-03-07T05:56:24Z	507 B	3.4 kB	52.18.15.195
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	1.6 kB	1.3 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.7 kB	5.5 kB	93.184.220.29
sstats.americafirst.com	366317	2020-05-20T11:51:11Z	2023-03-07T05:56:24Z	2.8 kB	1.7 kB	15.236.117.205
api.glia.com	30061	2020-06-03T03:36:19Z	2023-03-11T12:12:46Z	944 B	21 kB	54.230.111.10
libs.salemove.com	22528	2018-08-28T20:19:24Z	2023-03-11T12:12:46Z	1.6 kB	172 kB	54.230.111.92
insight.adsrvr.org	631	2012-05-30T16:03:18Z	2023-03-13T05:18:25Z	593 B	262 B	15.197.193.217
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	1.6 kB	1.3 kB	142.250.74.164
amfdc5u.firebaseapp.com	unknown	2023-01-31T05:39:30Z	2023-01-31T13:54:55Z	453 B	809 B	199.36.158.100
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	95.101.11.115
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
apcnt.com	unknown	2022-12-05T01:10:52Z	2023-02-18T10:39:52Z	979 B	770 B	142.202.191.247
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.0 kB	2.9 kB	104.18.32.68
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	1.3 kB	55 kB	142.250.74.10
t.co	569	2012-07-25T21:09:44Z	2023-03-13T05:25:19Z	756 B	43 kB	104.244.42.5
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	8.4 kB	142.250.74.131
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	1.7 kB	3.6 kB	142.250.74.66
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	866 B	451 B	216.239.34.36
analytics.twitter.com	526	2013-04-10T21:53:18Z	2023-03-13T05:25:19Z	773 B	613 B	104.244.42.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	amfdc5u.firebaseapp.com/	America First Credit Union

PhishTank

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	amfdc5u.firebaseapp.com/	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	amfdc5u.firebaseapp.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	amfdc5u.firebaseapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	amfdc5u.firebaseapp.com/static/js/main.a7b8f871.js	414 kB	2023-03-12	2024-04-12
Pretty URL amfdc5u.firebaseapp.com/static/js/main.a7b8f871.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:03:30 Last Seen2024-04-12 10:00:02 Times Seen137 Hash 384c7e20230bd8925565d11bb781010c 555b6af3f4bf805eee352ae3c42eda1ddd9f2ca7 2ec16fcb4f858f762bdc51b97b6668589809d34924cec4bb45e86aedac763a37 Loading...

	www.americafirst.com/services/other-services/atm.html	589 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen115 Hash dd575ac9a81abd05479ea79423ee8bd9 6b524982cf6108634834dc5a2d884815a076731b 04ae98ee65febe0f8ae2fff952df307712dd88e6c609bc0b0c9713206d595944 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js	1.8 kB	2023-03-07	2024-03-12
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-03-12 05:02:29 Times Seen239 Hash 97ac3fbd1b2375e4d0cf80e9115559a5 099a651392c3842ea70c4db55b4cc3049ffc65fd 3a62bf91740b52c78f26413dfd2eb1ffd4c16bfaf8c33b69a0f76c0ed3eeb635 Loading...

	public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=hc4uv5qgufwldkftamv&version=20230031	44 kB	2023-03-07	2023-04-05
Pretty URL public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=hc4uv5qgufwldkftamv&version=20230031 IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:35 Last Seen2023-04-05 02:07:38 Times Seen62 Hash 1ce358cf7eeb8f4e31d78e424392d30d e45e9ea9e750bec59e6590e03f57aec8a65d9772 2e57e1de709bfc021b4b52581a9dc961d7299158f0fbb5abd21cc653f526fb59 Loading...

	www.americafirst.com/services/other-services/atm.html	230 B	2023-03-07	2024-04-04
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:50 Times Seen124 Hash d1f09dfa4029220379cf7ae95360a894 5b78b4aff01bd6dba62b93b422cef35ef262f291 69b9ca9c54e6757b208aa3cf9dc252d28fd19cb3537bc78688dca8099a325038 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181501769&cv=11&fst=1675181501769&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4	2.2 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181501769&cv=11&fst=1675181501769&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:03 Times Seen1 Hash 4caa5b16fd8d2e7c9cb1a2cb61f8f2bf 437f774602c0cd197c629ce0b2e02ec58532b1f4 10f01924e23ff5be46986986879cccaeb9648f4469c5797f37680c2ce808512b Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js	38 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen247 Hash 356af67cd733d2e73d2a0c45af828543 68abce8bd6ce505b56b20f8487836651c00920db d1064fbe58765fe980b21cff44f55b4875eb7d25f2ac608768cc18f586743c50 Loading...

	www.americafirst.com/services/other-services/atm.html	242 B	2023-03-13	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:03 Times Seen1 Hash cf616fdfe8ce4882eac9ec7780ced6df b29c8df7880edf8eadfac047b0c6302da0e6eacb 6cdff3486ea73eacb25409d8a2506bc2f716b3099482bbad9267dfbc92d1adf0 Loading...

	www.americafirst.com/services/other-services/atm.html	952 B	2023-03-08	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:08:03 Last Seen2024-02-17 04:51:02 Times Seen82 Hash 8de13c98f95444867da2254f47893b5b a8b89f4872af165a74164186461528ac872e4601 be8226842bf1d4a21646ffd0c8cacf1877d68a84d5a93531ea369e3a2b12b94b Loading...

	www.googletagmanager.com/gtag/js?id=G-880V30VXTN&l=dataLayer&cx=c	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-880V30VXTN&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:03 Times Seen1 Hash 0d6217cd5f45a885aa695ac393e8bf60 10b4c146fe413a2ac9cfa20360ea1310f181d3e3 36250f6caa10fcec86ee283246f31a40a8c5d6d304f6a29f0cc7150cf3329822 Loading...

	connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95	74 kB	2023-03-12	2024-04-20
Pretty URL connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:01:49 Last Seen2024-04-20 17:48:03 Times Seen983 Hash 19cd6e47a2804b5793d5ea070fcd8ca3 be3ae77ec133b1d125b803fbb12b3ab2adfe11fc 5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a Loading...

	libs.salemove.com/visitor-app.37823f27.min.js	824 kB	2023-03-12	2023-03-13
Pretty URL libs.salemove.com/visitor-app.37823f27.min.js IP 54.230.111.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:12:43 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 950058b651ed103cd653c72cc9bc8d61 80bee3d67ba4af7ef77c436b7d58865537690f2f d06e6f92b511bfffb453b57ba9e78826411611d752afd5d7a123ea203d4a3e1c Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js	36 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash e156e52a2eb2e425a9fb070cffe02bf7 613f90cd98d1e76ba42edb79768ce08bd7d1841c ddceffe418e5eb4cca816dd76986a02c5448a89ac864d81b2050351e065895bb Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js	1.4 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:19 Last Seen2024-02-17 04:51:03 Times Seen272 Hash a67d659f582bf93e1d8156fc182326f5 ddd3e9a62627e7235a41b3593b9be08eeb5a1c07 d76d1ac714b8979dc902ef8f6b3de25fc320b974816b7d592caa7496cc98e5d5 Loading...

	www.americafirst.com/services/other-services/atm.html	756 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash ab13414dbdb8208549660740fdee91f7 9ac20e75cdae43c42e643d6cbf2a56f070949611 5f141aba103efa133f29e2a2d2b3f750f79d7396884d9f542bd27cac5903147a Loading...

	www.googletagmanager.com/gtag/js?id=AW-791415936	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-791415936 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:05 Times Seen1 Hash 581cfd635195318ba5cd92ef0858f154 2fc423f20667669338edbdc94ef879a23104ef5e c014bb68dded75c7431f1b0d6afbafac41d7c8ade9a0fff51b51423f82187c58 Loading...

	assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js	34 kB	2023-03-08	2024-04-24
Pretty URL assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:44 Last Seen2024-04-24 20:41:25 Times Seen6821 Hash dfdd9e1f988805f0c2fbb10cd6b8f034 b6cd42821dd2e732919fd053a4665af0e15e0335 d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf Loading...

	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 54.230.241.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	connect.facebook.net/signals/config/335590106865602?v=2.9.95&r=stable	154 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/335590106865602?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:43 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 266e1c47e30aee8664ab20186d9857d3 408986b373b9dca46844d412f0a775626d86ee0c e3ced0192426e1300bd035c6631e1c93401e9b28dcca324c4238796a51935217 Loading...

	libs.salemove.com/visitor/webcomponents_es5-b699746e7.js	936 B	2023-03-07	2024-04-24
Pretty URL libs.salemove.com/visitor/webcomponents_es5-b699746e7.js IP 54.230.111.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-04-24 00:18:14 Times Seen162 Hash f86098c5208655efb405300993461936 a0a5b6aea7bbb6a51940f8c874aee109477c7b56 832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js	43 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash 34af3e60c8fb84b4bd057f3ed1619ec4 3e328d9a6ef4294dad31558a13fea9584f4add91 1d5d1d46da78cb41d999ccaeb7a82433059fea44f9f207db32db2b995eff0171 Loading...

	www.americafirst.com/services/other-services/atm.html	198 B	2023-03-13	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:03 Times Seen1 Hash 2060c4b9b175957da57955236e6bfb5c 702026089f16398a6b1c293fc3f66b377618c040 3f0d4caf42d2461fee969c6edf96558a2ab91a28b77777e0411e78d1b106795a Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:56:10 Times Seen37062650 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js	8.4 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen243 Hash ea4b068b960d37c312c379f07a3e8d45 19278c6d1bb29f33e4f81956b4d56404420bbb4b b8e2fb4c19eb3b6d407f0956f60230db764d5870cfc2e82d58ff179e510aa467 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js	4.8 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen244 Hash 9e00b415275521f913bf61966d8f1b6a 3e029197e3febab7e6a91c2f5a934639a7637e1e cc6c959b43539c6e9514ad8b63677dee28ce1d36f8287e141a564cf404e9d1ff Loading...

	www.americafirst.com/services/other-services/atm.html	2.0 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash 64e0b709ac006d789dbdddd54235ab55 729564b2c3289b7cd3762aaa67e1cb152ab9bf4c 4d43db195eaa36ca0adfa2b4f3d140389965ed8e9b973f3094481758977029ad Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181501899&cv=11&fst=1675181501899&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4	2.2 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181501899&cv=11&fst=1675181501899&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:03 Times Seen1 Hash 70df347fee651e025450b584f62436f5 aa69a64b72f0fd5de2bae4e5c421cf89ade84fc4 5882520eb5ee03881b8fa59d9d52dfa0330f7a8a51ba8e4ce255417e12f56049 Loading...

	integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js	63 kB	2023-03-13	2024-04-04
Pretty URL integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:43 Last Seen2024-04-04 19:42:49 Times Seen155 Hash 80f213d3a2f208a7129b19b16ceaefaa 48ef84d55de7986f5d0612c97cc4860f670351aa 40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0 Loading...

	www.americafirst.com/etc/clientlibs/afcu/base.min.js	205 kB	2023-03-13	2023-05-04
Pretty URL www.americafirst.com/etc/clientlibs/afcu/base.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:43 Last Seen2023-05-04 04:41:41 Times Seen9 Hash 53bc47046fefa1f26ab3d6a1131087f5 be027fb5b828a14e697cc938a526d8ff301e42c6 f8074fee90688cf7425c1f9cfe0d674b48a6df6162d0103ff303c2321ddf9924 Loading...

	www.americafirst.com/services/other-services/atm.html	272 B	2023-03-07	2024-04-04
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:49 Times Seen124 Hash a398cc78f8189c4fa0b6165ccfa858f3 d85faf49dba957f826a931a4f2bb45a4a365962d 88aa75296cb01a28dec6b18aebf1a22b49f7f3bc1fcb84bf096faf7ae84ce462 Loading...

	www.googletagmanager.com/gtag/js?id=AW-614375826	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-614375826 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:06 Times Seen1 Hash 04e2b47e4e99b49d1fa3735516524b2b 7702f8d37af002327eb3ceb36e202c3b40a13956 617f2a0556e127154fc8e60003f192c12f6e81d1eee40e97e0263fa3bdd7dd3c Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js	119 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 20:41:23 Times Seen283 Hash 54daab1bb64dbe576b51e12ad9a63658 7fa94279986d013dd79de73355d8f9f020d74173 eae49ef693cbfe17002c01faeca9ff44fd3ac6a74d4519ac201d9d52a99c0f3a Loading...

	public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js	115 kB	2023-03-07	2024-04-04
Pretty URL public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:51 Times Seen255 Hash 619ea4c083a27523d708e062b444ad6b a9fd520ef53b582e29975beb584fc8ea69f7053c 1a289a3e9d916859094be1ef02b28bcd6dd1fd6c578893b8782fc246e733ec94 Loading...

	calcs.americafirst.com/scripts/tipped/comboTipped.js	67 kB	2023-03-07	2023-03-13
Pretty URL calcs.americafirst.com/scripts/tipped/comboTipped.js IP 148.66.212.61 ASN #13649 ASN-VINS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 0aa397bc66e377771c7e7a0c8edd1580 18654f592b40ce0334e8b1b13a598592df375da4 b869b8e90d37abddcd401fd0fe818eb65568f2b82466b038db4d16f1ff93eb81 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js	32 kB	2023-03-07	2024-02-17
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash d87853c9b79ab88bff32909fa686e76c a4aa86c22437299c4ec383592e9e0ef1e9ad39c2 94bb2e97357d49ad14a1fe983fc1f10adf22e3aaf6e212bcc355f6a15c79c7ad Loading...

	www.americafirst.com/services/other-services/atm.html	464 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash b780adb6713bb7851ff7642fdc2790d6 4fe3157f9dd65f5b228bca06c75e4c69fa6d6547 1ffdf931eb2e5a31e87f5439e0f429254570b63731ebde4ceea9aa71321be54e Loading...

	public.cobrowse.oraclecloud.com/rely/global_launcher.js	196 kB	2023-03-07	2023-12-15
Pretty URL public.cobrowse.oraclecloud.com/rely/global_launcher.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-12-15 17:20:49 Times Seen115 Hash c3f1598b042efa5820d3436290fe48e1 b16bd721ac840a0fdc771fdf8c0ed8117b978b93 8ca4e52383c80722fe7a35ec20d4c6705aec49ef14e7c607ae161633f4de7219 Loading...

	www.americafirst.com/services/other-services/atm.html	154 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash 266e54c6ef8a10f39f44105f493d9e56 0b48ff89a6d2f3f6f2e70a329669809f1d9f6ded a4c45b971b1f7772883579d2722ef245f3fc1e3ba6bd0f30d61c203d8e6852c9 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.252 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js	92 kB	2023-03-07	2024-04-24
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 00:04:02 Times Seen296 Hash 8378dd18d27d369a41cd582ec02fc311 3f3a56f0d72c447de8abb2bd9bcb084c1d54a52a 1ab5cd011a40c13c883577c5aa0095513fa2f7279809b0fefe9eeacbf85577b3 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js	4.3 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen244 Hash a09b7a4d5b05eb9bbac906f89de65560 8212d0453aa96851e2f132b3f9a6bb068ac608a5 bc31618f95dc7cc9749e0cb29a4b09630b24844e922385a13ac4a0daed3db70f Loading...

	assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js	3.3 kB	2023-03-08	2024-04-24
Pretty URL assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:57:44 Last Seen2024-04-24 20:41:23 Times Seen5772 Hash b89fcb8870ac40eecb6d3cc844d35389 1bbde1a85912bdeff9c9cf55bf2fb3969d245874 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa Loading...

	www.googletagmanager.com/gtag/js?id=AW-791415936&l=dataLayer	131 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-791415936&l=dataLayer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:03 Last Seen2023-03-13 13:26:03 Times Seen1 Hash 6db8c69c8b030d410069559dd02ecb5c b1edff1afba687722a075ad2ea2470ef10571ea5 cb3c54dd1a6ea7aa06026d73c2c5ced2c60f8df71563a6cf2ddfcd445e0c62ce Loading...

	www.americafirst.com/services/other-services/atm.html	500 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 53c5df81540c1d81f0484e48633dd3a7 2158e2660f23ce040e5973bc2329f2c2fd22ad77 c387118b560c919f9149d2d6f1483f53ed7f37f335d627fdff99ff50b3785386 Loading...

	www.americafirst.com/services/other-services/atm.html	524 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:06 Times Seen1 Hash 1caa90d95a192b1a76ec8af54b77bf97 c32d0309d5e0a90aa5dd4f1372f953b7d1ddf519 194c5b05ddc49030aa24970bc5a4a985a4ae515a3c22e53f9720d5dc7f14c609 Loading...

	www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js	50 kB	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen245 Hash 7c5945d9fdb20ee5b15b71b4a97a2ea3 19925f89eb9b10673b48be170c98019c95c5bfb7 53ee1afd714638531a5b6212352f3c89366c802ad5e220cecf676387c242ab86 Loading...

	www.americafirst.com/services/other-services/atm.html	403 B	2023-03-07	2023-06-01
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-06-01 12:53:35 Times Seen10 Hash f24ae9d28cd54512b097751630e6d4d0 150431adde49c74d6a5809971d31ca536d3f3a12 35427de58583d32b781be631b76155c738f3a6b2af38f20f68bea73094bfb020 Loading...

	www.americafirst.com/services/other-services/atm.html	153 B	2023-03-07	2023-03-13
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2023-03-13 13:26:07 Times Seen1 Hash 99ea501b030c880bb0a2a2a8145641ff 5086036e90e2547f8a5f4b9d486e17b0c52d2003 37fc7ef119ac5c84544de199720cbd976c06ca595a2b64ad25b5066b489bdc10 Loading...

	americafirstcreditunion.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.americafirst.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL americafirstcreditunion.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.americafirst.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js	32 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-24 20:41:23 Times Seen283 Hash 3f8c54286dc2c062186d92333bb0533f fa1cf489a85944fcb9793108ba596db9f189d680 8a3dd24fe00542dbc89ec319209a1b3aa3859832c571b3b6fe3d76fbbf45482b Loading...

	api.glia.com/salemove_integration.js	8.8 kB	2023-03-12	2023-03-26
Pretty URL api.glia.com/salemove_integration.js IP 54.230.111.10 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:03:30 Last Seen2023-03-26 01:52:14 Times Seen4 Hash 8fbf3720d25bde79ccad301ab0a57770 284c0580081d07ce07cb228a426b282d1c23ef50 4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391 Loading...

	sc87389896us1.cobrowse.oraclecloud.com/launcher.js	37 kB	2023-03-07	2024-04-04
Pretty URL sc87389896us1.cobrowse.oraclecloud.com/launcher.js IP 104.110.2.75 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-04-04 19:42:50 Times Seen249 Hash 2321e235cd1219f0ea1f75a72519efc0 2f434898447e018a8c327efea19f9a638c4dd9ab e9cb6c823d852d50f504f8568c9e9e7d2234819796449106f8ca4f04f4d3f07b Loading...

	assets.americafirst.com/js/pm_fp.js	13 kB	2023-03-07	2024-02-17
Pretty URL assets.americafirst.com/js/pm_fp.js IP 206.81.136.155 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:03 Times Seen247 Hash 805e6f717afb1f6a4af203a52f7c569d 939d695b61b5ada21794c1e98de324479de158bf 190f442b064e275022a918a7c555dc26749ae9a5dda27681c0bf097f500b2896 Loading...

	www.americafirst.com/services/other-services/atm.html	312 B	2023-03-07	2024-02-17
Pretty URL www.americafirst.com/services/other-services/atm.html IP 206.81.136.154 ASN #17150 AFCU Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:45:03 Last Seen2024-02-17 04:51:02 Times Seen122 Hash f386e32f899ed57f698e976a88e5f15e cfc424d5a55b1c45eefe7d10e1dad52f8cd1a412 c55c15472fe67e3c9701242fda8132b5fc747d555931adbaa9fe31749c626914 Loading...

	assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js	346 kB	2023-03-13	2023-03-13
Pretty URL assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:43:27 Last Seen2023-03-13 13:26:07 Times Seen1 Hash bc90c2402668f7fcff8af00f42c06e80 fb681c29a878e2948969ef726346e45d7c915e65 8bec3f36c5fbd3ee91bc05bf1940f59d80b60cba6d8cc551daf7839056e8dca9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

		Size	First Seen	Last Seen
	#1 Eval - 358288417d5e191885dd8baa72a7479e	65 kB	2023-03-07	2024-02-17
Pretty Observations First Seen2023-03-07 01:12:13 Last Seen2024-02-17 04:51:03 Times Seen122 Hash 358288417d5e191885dd8baa72a7479e 918f8f75203b9b71e69db5860536b5d289f80464 072d86f4e1c0c69cc10c78417d048264421313ff69409de20ba31f10777bb2f5 Loading...

HTTP Transactions (143)

URL IP Response Size

amfdc5u.firebaseapp.com/

199.36.158.100

200 OK

190 B

URL HTTP/2
amfdc5u.firebaseapp.com/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (512), with no line terminators
Size
190 B (190 bytes)
Hash
37ab0fd6dc271cce5b75a729df96d578
406de10022668168eca379d1d44d06a1c23bec26
42a9ffc68e983642598ef68e48d1a9d9c43e3c8d9dd3003a09fbc629910dccb4

Detections

Analyzer	Verdict	Alert
openphish	America First Credit Union
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: amfdc5u.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "a0ffd04569be39957374de62cf5dd2785d8d8549b60e9bd29a373801bff7a90f-br"
last-modified: Mon, 30 Jan 2023 15:00:21 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 31 Jan 2023 16:11:19 GMT
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675181479.182710,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 190
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4359
Expires: Tue, 31 Jan 2023 17:23:58 GMT
Date: Tue, 31 Jan 2023 16:11:19 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7378
Expires: Tue, 31 Jan 2023 18:14:17 GMT
Date: Tue, 31 Jan 2023 16:11:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 15:35:54 GMT
content-type: application/json
age: 2125
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12116
Expires: Tue, 31 Jan 2023 19:33:15 GMT
Date: Tue, 31 Jan 2023 16:11:19 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4int/ULiEbIvUkmk

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4int/ULiEbIvUkmk
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
04edd8119f1d89a73b74cec8ed03736a
4baa9606e8a71e96bf34ac2a1fe9b7e52fe946b8
5ca904cb1573cb3ee6192a75a21dd54c93f4d1dbc587a4795afbc31486de34f6

HTTP Headers

POST /s/gts1d4int/ULiEbIvUkmk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: UhtyB6q6dmxsIXCW7xHrAA4eKHBVpplNDstQENU+5awvByDNmh/RgDhza/JYYPONLe1LN6PGrgE=
x-amz-request-id: JNX2S529GQ83487V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 15:22:16 GMT
age: 2943
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 16:11:19 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 15:49:04 GMT
age: 1336
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3885fe477641c4f3158f9dc58072b74
01ab68f38d080fec8afeb8f089c1c669ed5c86d3
52bd9d7b02d681b2c639d06972bcc6637088af4e5104f14f1ee066e024e19e16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52BD9D7B02D681B2C639D06972BCC6637088AF4E5104F14F1EE066E024E19E16"
Last-Modified: Tue, 31 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20239
Expires: Tue, 31 Jan 2023 21:48:39 GMT
Date: Tue, 31 Jan 2023 16:11:20 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3885fe477641c4f3158f9dc58072b74
01ab68f38d080fec8afeb8f089c1c669ed5c86d3
52bd9d7b02d681b2c639d06972bcc6637088af4e5104f14f1ee066e024e19e16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52BD9D7B02D681B2C639D06972BCC6637088AF4E5104F14F1EE066E024E19E16"
Last-Modified: Tue, 31 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20239
Expires: Tue, 31 Jan 2023 21:48:39 GMT
Date: Tue, 31 Jan 2023 16:11:20 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16356
Expires: Tue, 31 Jan 2023 20:43:56 GMT
Date: Tue, 31 Jan 2023 16:11:20 GMT
Connection: keep-alive

apcnt.com/page/init

142.202.191.247

200 OK

0 B

URL HTTP/1.1
apcnt.com/page/init
IP
142.202.191.247:0
ASN
#398019 DYNU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /page/init HTTP/1.1
Host: apcnt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-page-name,x-token-id
Referer: https://amfdc5u.firebaseapp.com/
Origin: https://amfdc5u.firebaseapp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 31 Jan 2023 16:11:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Allow: HEAD, OPTIONS, GET, POST
Access-Control-Allow-Origin: https://amfdc5u.firebaseapp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-page-name, x-token-id
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin

push.services.mozilla.com/

35.162.79.115

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.79.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bq9Bng3VcRmRs/2lBSRVLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aPHG6Pe+XMvvanRnZiglxx1wqvY=

apcnt.com/page/init

142.202.191.247

401 UNAUTHORIZED

35 B

URL HTTP/1.1
apcnt.com/page/init
IP
142.202.191.247:0
ASN
#398019 DYNU

File type
JSON data\012- , ASCII text
Size
35 B (35 bytes)
Hash
85ab59091df1b777ae06fddf917881ce
9e833ae263f15bddb20a6c8786becedab4273f33
c8df23d7c8e90073b944834bdd42b665a14173a7eb38e1bde8fceed940fcdec5

HTTP Headers

GET /page/init HTTP/1.1
Host: apcnt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-PAGE-NAME: Afcu
X-TOKEN-ID: CQ4G699BBMBg9q5FhA4YAr
Origin: https://amfdc5u.firebaseapp.com
Connection: keep-alive
Referer: https://amfdc5u.firebaseapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 401 UNAUTHORIZED
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 31 Jan 2023 16:11:20 GMT
Content-Type: application/json
Content-Length: 35
Connection: keep-alive
Access-Control-Allow-Origin: https://amfdc5u.firebaseapp.com
Access-Control-Allow-Credentials: true
Vary: Origin

ocsp.usertrust.com/

172.64.155.188

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
ae39333ae66accd3f8c0b703536422b3
56276d359bb892b328ad946d38c5198258e7c7a6
fa80d7b61e5d5b84955ab46a8ea06f2661f36614ef81d3e6596dccfa30c9b51b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:21 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 22:12:16 GMT
Expires: Sat, 04 Feb 2023 22:12:15 GMT
Etag: "56276d359bb892b328ad946d38c5198258e7c7a6"
Cache-Control: max-age=603458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 324
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7923b9024c0bb50f-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
504bf11d8906ba63a9f5a9d23ece140f
f39b77d8c4da4c0cb06fbc9094b7859977107742
3b376dc0f315b2525a97b9054dc4e71cff390f117b5432b17f1f3ca2fce5e1e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 12:26:32 GMT
Expires: Tue, 07 Feb 2023 12:26:31 GMT
Etag: "f39b77d8c4da4c0cb06fbc9094b7859977107742"
Cache-Control: max-age=590709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923b9026e5cb4f4-OSL

assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js

23.38.200.237

200 OK

97 kB

URL HTTP/2
assets.adobedtm.com/launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32715)
Size
97 kB (97378 bytes)
Hash
5cc9d4acdd41713ae121b044b2d3fdf6
0fc95d9c6535461e9911d89bd26e1f86b246ce9e
fb126c36a09b71df64b11b91a356b9c7d5086e1b882ec0260c03cc83cfc8a71e

HTTP Headers

GET /launch-EN7ab29dc248554a978d6a43ab5b3b3e8f.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "bc90c2402668f7fcff8af00f42c06e80:1674584240.268644"
last-modified: Tue, 24 Jan 2023 18:17:20 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 97378
cache-control: max-age=3600
expires: Tue, 31 Jan 2023 17:11:21 GMT
date: Tue, 31 Jan 2023 16:11:21 GMT
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

sc87389896us1.cobrowse.oraclecloud.com/launcher.js

104.110.2.75

200 OK

9.5 kB

URL HTTP/2
sc87389896us1.cobrowse.oraclecloud.com/launcher.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
C++ source, ASCII text, with very long lines (21806), with CRLF, LF line terminators
Size
9.5 kB (9477 bytes)
Hash
f2675c03e6a7139681958ede8c291f34
dee8ba07ce2007a6fd1fd9518d9e316f7611d3e6
e141aba7a3c84fda9f541f0a8336a7a73305a36a290c6a0eb8eb4c51498633cb

HTTP Headers

GET /launcher.js HTTP/1.1
Host: sc87389896us1.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
etag: "2321e235cd1219f0ea1f75a72519efc0:1557866875"
last-modified: Tue, 14 May 2019 20:47:55 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:11:21 GMT
content-length: 9477
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9581
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 16:11:21 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9581
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 16:11:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 45064
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9581
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 16:11:21 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:53:29 GMT
age: 51472
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7333 bytes)
Hash
01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: 7563c72f-e40d-4e96-a73f-8aa404ae0b25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFK8IAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-7eb009311701187873f05b20;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -npeyE-5ETAaI6cs7oewWxVe4ZUrtmhvCNC4tMWT_3ab3hZ3tw060w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 18:56:07 GMT
age: 76515
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 51186
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9580
Expires: Tue, 31 Jan 2023 18:51:02 GMT
Date: Tue, 31 Jan 2023 16:11:22 GMT
Connection: keep-alive

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13853 bytes)
Hash
d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:47:13 GMT
age: 66249
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10898 bytes)
Hash
4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:45 GMT
age: 66397
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.americafirst.com/services/other-services/atm.html

206.81.136.154

200 OK

28 kB

URL HTTP/1.1
www.americafirst.com/services/other-services/atm.html
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (824)
Size
28 kB (27541 bytes)
Hash
4633588f161c1c465fd5562fd2484044
6c59c9ab99a5cc4be883b6042b1e39deed19bcc1
4e938f84ce57787cf2a6d24a99fecd7fc7097083bbe64c9312de31805042f719

HTTP Headers

GET /services/other-services/atm.html HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amfdc5u.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:21 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2
Expires: Tue, 31 Jan 2023 16:11:23 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 27541
Keep-Alive: timeout=5, max=11
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js

104.17.25.14

200 OK

792 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1605)
Size
792 B (792 bytes)
Hash
13edf8140d2675abddd5abd0375c61a6
3f4c7b5b315e74accb4c96b3fac756c69600a1c5
fdd2b6d118db42dec69f1eb5775ad1fa4eee0ce1de0817af3d33f490e2668795

HTTP Headers

GET /ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.2/jquery.xdomainrequest.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 792
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-727"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1070684
expires: Sun, 21 Jan 2024 16:11:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlOyQW6Vxaa7UsP%2FqlilOtWU2wrch1UBEBjx7PbMKaoPJqkHalwBjuNXOBqJlMusFDXhWGFAQuEalmagZPjhMplKzadg%2FlThMJzR%2FhuEYNF3GWKXh4ijbHSiOQG7k1DTO%2FV5pmHB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7923b9072e03b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js

142.250.74.10

200 OK

7.2 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6069)
Size
7.2 kB (7240 bytes)
Hash
11e8a58070c375f6b89929805853f58e
0a6c4e2684d0e9b9889a5bdb0374fe241732845f
f8c5cc4360a468004402e0d214b44ade691375bd085d40ce4fc8bd182649e1fd

HTTP Headers

GET /ajax/libs/yui/2.8.0r4/build/autocomplete/autocomplete-min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:46:17 GMT
expires: Fri, 26 Jan 2024 20:46:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 415505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js

142.250.74.10

200 OK

37 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/utilities/utilities.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (11284)
Size
37 kB (37009 bytes)
Hash
d3a2418128f6434c0b8b2bd37ec9832d
58b94b60fedb0db4ffe094146d76596037f221c8
2554d2265affb518693b7d60c49fe22d7fff5ca0116b588e665702fcd1521202

HTTP Headers

GET /ajax/libs/yui/2.8.0r4/build/utilities/utilities.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 37009
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:44:48 GMT
expires: Tue, 30 Jan 2024 18:44:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 77194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js

142.250.74.10

200 OK

8.0 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6109)
Size
8.0 kB (7976 bytes)
Hash
b5597319a33d8a6dc405d6c9ea80b518
e1e0abe7671d8ea2174e3eefc5b92824719617ca
65827ab1400d29599f39266266cef6bb866ddd6df703627383fc0544c0e53c03

HTTP Headers

GET /ajax/libs/yui/2.8.0r4/build/datasource/datasource-min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 22:57:34 GMT
expires: Tue, 30 Jan 2024 22:57:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 62028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6c2b176158d7c85cf2c8fd9bdd28930d
483d693fa2ffe3edce0dd65f52f3f1705612ef54
07f3c855155c186a74e02d255cf719072105c72c312248104ff0652c73dc45ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106651
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:22 GMT
Etag: "63d83b45-1d7"
Expires: Wed, 01 Feb 2023 21:48:53 GMT
Last-Modified: Mon, 30 Jan 2023 21:48:53 GMT
Server: nginx
Content-Length: 471

www.americafirst.com/etc/designs/afcu.css

206.81.136.154

200 OK

0 B

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /etc/designs/afcu.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.css

206.81.136.154

200 OK

3.7 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (1188)
Size
3.7 kB (3717 bytes)
Hash
a6fa5ea919fd5af0172540091dd7f2e3
e38c151a85dfe4dcf531078dc417b99ab21cbd38
213df987f8b0ce29ae4df227bec70a1dd54535c6f2f1f09daeb1e1f871618884

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jqueryui.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3717
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/loader.min.css

206.81.136.154

200 OK

128 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/loader.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
adb1039e2fdbbd2f0cd7f8b4853c880a
4edbabcfd7af0e4ce929c1d873e42352165f01fe
e62b524db3bef5e4bd24d06e3871ff68384d6b69b2d34ca97404cd5b6497b70c

HTTP Headers

GET /etc/clientlibs/afcu/vendor/loader.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 128
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js

206.81.136.154

200 OK

11 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jqueryui.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (587)
Size
11 kB (11168 bytes)
Hash
2877fededda3f465ad9ea93b980b7253
22a68f52fc9c5123cde8a9e5376507f0fadf9cf2
c7c4a22646b98ee2eb953d58524004c6d72bae9b119d5f0b86a7060436f8d642

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jqueryui.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 11168
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js

206.81.136.154

200 OK

32 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jquery.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (657)
Size
32 kB (32312 bytes)
Hash
4ff70b3af60012dc39eb3975d2483cbd
5b2ecc408bf76a628d4c92a6aff21bae63620f63
b85935f2651ce59a567339ad09aa6e9eaec44be595e31d9997235a279c31b4c5

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jquery.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 32312
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5f759b96a696e1f82e3d127bb0713981
1d349377de6d064e533f719459c89cacc0e6533f
afd3761306f9abcddcccf5d24bcc8a57a4d02664b969f37128b222a8924da02a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 00:32:54 GMT
Expires: Tue, 07 Feb 2023 00:32:53 GMT
Etag: "1d349377de6d064e533f719459c89cacc0e6533f"
Cache-Control: max-age=547890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923b9098fe1b4f4-OSL

www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.css

206.81.136.154

200 OK

1.3 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (755)
Size
1.3 kB (1283 bytes)
Hash
bf89f0f71413d9ab3f1f2900b6b292c8
1471be4e9652fe4d8c865a58e29363d94497a6f3
8f47d7932519e20660e758448ccdd4d978bf2cab42157f7fd26c1376271b4971

HTTP Headers

GET /etc/clientlibs/afcu/vendor/swift.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1283
Keep-Alive: timeout=5, max=5
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js

206.81.136.154

200 OK

13 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (586)
Size
13 kB (12667 bytes)
Hash
02dfccce6d9a7de6da98d282c4f17e1f
41eb389f7adfeb25cecd4ea3eb09be81d6ae458b
f23dfe5ed4e16dddac960c5bd171c06f90d7eb7e02ed26fd29ded3160a323b72

HTTP Headers

GET /etc/clientlibs/afcu/vendor/bootstrap.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 12667
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js

206.81.136.154

200 OK

3.0 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/swift.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (525)
Size
3.0 kB (2993 bytes)
Hash
b933e81a6ffae2a9d9823cb78f111c9a
ccdf99561fbc365320814394ddf304d701cde551
14a5e6a44dd63a2657a870c3b883d7bc90f34c24ffbb3570d5b7a7d50e7a6142

HTTP Headers

GET /etc/clientlibs/afcu/vendor/swift.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2993
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js

206.81.136.154

200 OK

793 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/jquery_cookie.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (506)
Size
793 B (793 bytes)
Hash
9f89be8c9e55c4458eeab10d5668571e
4a9dbe1699f2255a484c6a3bea7ca65c143cd955
c6fd4e7f42656b4a0f7c2d5c43d58f04c54c023e6059886680ed7472566e6dcb

HTTP Headers

GET /etc/clientlibs/afcu/vendor/jquery_cookie.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 793
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020

206.81.136.154

200 OK

24 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (759)
Size
24 kB (24078 bytes)
Hash
b00b4eedd5bf17f29d3654d22c45b8ed
473e2e308348e21d7d7df502a620ff21d22ea0ab
c228f1003616dcdb6f50f389cd7cbee90e76afdfe635a2867a0e4b29a571a974

HTTP Headers

GET /etc/clientlibs/afcu/vendor/bootstrap.min.css?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=6
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.css

206.81.136.154

200 OK

0 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /etc/clientlibs/afcu/vendor/backstretch.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 0
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.css

206.81.136.154

200 OK

1.1 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Unicode text, UTF-8 text, with very long lines (311)
Size
1.1 kB (1127 bytes)
Hash
ceee945acaceeaa45d77eb9ab0edf73c
15d73dde292077e50ad6f75bdbdd435ce24ce6d6
3238846fffcf4dddfd85156359176d382fbad7d1f37b27b38e8f02b0971af635

HTTP Headers

GET /etc/clientlibs/afcu/vendor/slick.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1127
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/css

assets.americafirst.com/js/pm_fp.js

206.81.136.155

200 OK

13 kB

URL HTTP/1.1
assets.americafirst.com/js/pm_fp.js
IP
206.81.136.155:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (12876), with no line terminators
Size
13 kB (12876 bytes)
Hash
805e6f717afb1f6a4af203a52f7c569d
939d695b61b5ada21794c1e98de324479de158bf
190f442b064e275022a918a7c555dc26749ae9a5dda27681c0bf097f500b2896

HTTP Headers

GET /js/pm_fp.js HTTP/1.1
Host: assets.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 21:18:47 GMT
ETag: "324c-568a7c9249bc0"
Accept-Ranges: bytes
Content-Length: 12876
Keep-Alive: timeout=15, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e3a93a1fc6d125505a1723e93ddd4e94
20972c2e5924d77cd98068d3b66c67af74bd511b
541c5f137967786fb50d6d16170ea25a5ac8ed8a689e07ebb0ec70c98441eb97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 07:05:39 GMT
Expires: Mon, 06 Feb 2023 07:05:38 GMT
Etag: "20972c2e5924d77cd98068d3b66c67af74bd511b"
Cache-Control: max-age=485055,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7923b909becfb51d-OSL

www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js

206.81.136.154

200 OK

9.9 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/slick.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (573)
Size
9.9 kB (9936 bytes)
Hash
1fbfef4765bbbbbb5e71d11866d5ebc9
ec9102bf15c63b471d80689b8e9b6afb599e5bb2
bba09183f6c1c6219819f6d5d5170f883d08817d81e85e4d9cc6ac92f0028151

HTTP Headers

GET /etc/clientlibs/afcu/vendor/slick.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9936
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js

206.81.136.154

200 OK

12 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/html2canvas.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (564)
Size
12 kB (12329 bytes)
Hash
1598e8ae94bd862ac60ce2ca3ee667a0
95b9e1242259033519025572e443577b9c18066a
cf88575b8e2f460dc9c04e6cd929f68901edbc978c148862b091d122c72570f9

HTTP Headers

GET /etc/clientlibs/afcu/vendor/html2canvas.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 12329
Keep-Alive: timeout=5, max=2
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js

206.81.136.154

200 OK

2.1 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/mask.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (574)
Size
2.1 kB (2105 bytes)
Hash
b24b3d75f693b844eb6eca9ab8e1623a
bb04eecc43833e4d7606dc075c233a68a2acbb66
7dbba0141c31e2e593ed72f78eea04214cbb07262d3e65278d387e55d8ebc1f0

HTTP Headers

GET /etc/clientlibs/afcu/vendor/mask.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2105
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js

206.81.136.154

200 OK

1.8 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/vendor/backstretch.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (529)
Size
1.8 kB (1833 bytes)
Hash
0e3967977de38ac9df932eb4f0d041d7
9f4844d8b9e468482a750153f8be6cdd4e63b8da
af2a1133bd2dd371509660def707ad117da17381216b8679f1116f198c85eb5e

HTTP Headers

GET /etc/clientlibs/afcu/vendor/backstretch.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1833
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020

206.81.136.154

200 OK

41 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with very long lines (686)
Size
41 kB (41258 bytes)
Hash
bb77f11c9dc3138faa732b4666e96291
0b5d8dcaaef98afa5d06d8219128ee8c160982cb
f88112b1c148b57cfe7dc9e9c282773b7760db248f7f2c312f7996e88f776ed2

HTTP Headers

GET /etc/clientlibs/afcu/base.min.css?t=10302020 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/base.min.js

206.81.136.154

200 OK

45 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/base.min.js
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Unicode text, UTF-8 text
Size
45 kB (45180 bytes)
Hash
f27b32ead6526932bd00d8d9b755ac35
6c1de1390199b4797cccbec7ab064f0b3151a511
21d0e72057b3ce20b33682466724c4f5850fd620e39ad3b72dbf4fc1c2b24683

HTTP Headers

GET /etc/clientlibs/afcu/base.min.js HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:23 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 45180
Keep-Alive: timeout=5, max=5
Connection: Keep-Alive
Content-Type: application/javascript

www.americafirst.com/etc/clientlibs/afcu/components/general/loader.min.css

206.81.136.154

200 OK

128 B

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/components/general/loader.min.css
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
adb1039e2fdbbd2f0cd7f8b4853c880a
4edbabcfd7af0e4ce929c1d873e42352165f01fe
e62b524db3bef5e4bd24d06e3871ff68384d6b69b2d34ca97404cd5b6497b70c

HTTP Headers

GET /etc/clientlibs/afcu/components/general/loader.min.css HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:22 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 16:11:22 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 128
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/css

www.americafirst.com/content/dam/nav/nav-services-03.jpg

206.81.136.154

200 OK

26 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-services-03.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
26 kB (26264 bytes)
Hash
a5f8703ff8569c481686dee7efdfbe71
359441bc385f5d9fbb236fc97616df5a3ebcd701
ab8da6f834b214aa136841d1652d27f3bfbc5cee47bff31ccdf0e5a08f026906

HTTP Headers

GET /content/dam/nav/nav-services-03.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 26264
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-loans-02.jpg

206.81.136.154

200 OK

30 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-loans-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
30 kB (29739 bytes)
Hash
075c8ddbe10da377b9e0fa000cbd6923
9545743e2c7add002c66d2b7a474dd3fa4be0f2c
fadbf02e0f7b34d1da7e0791c2398e5abaf27b914d5825088adcd6af5071a6b7

HTTP Headers

GET /content/dam/nav/nav-loans-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 29739
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/nav/nav-accounts-02.jpg

206.81.136.154

200 OK

23 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-accounts-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
23 kB (22732 bytes)
Hash
a99514fea1815a6b5ebe648041a2fe71
49b017bd5f63cb5bf37ecfba0b539e91519477f3
f0c59daceffddeadba354ccec9deb0ed3c425b7a0015ead6877fae4b7f5cc907

HTTP Headers

GET /content/dam/nav/nav-accounts-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 22732
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/content/dam/icons/become-a-member-white.png

206.81.136.154

200 OK

4.0 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/become-a-member-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3952 bytes)
Hash
ae6f04ea223ca69f073ff3f750af6c26
79c984f108dab1619d58a86ee08c871a18dac1ab
38779672cd3226ed3e5f13be3b79cdab74b55e74bb5fbc96051436e5caa52643

HTTP Headers

GET /content/dam/icons/become-a-member-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3952
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg

206.81.136.154

200 OK

21 kB

URL HTTP/1.1
www.americafirst.com/content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Size
21 kB (20583 bytes)
Hash
56a4d6e72dbcb720820272077b6db785
796c589c3b12f4b27d4508149000edf51a02a3af
4cc97dc3a3d6faa8e866600202b98af8fd7008e93d3463d6a04b380f26f0d573

HTTP Headers

GET /content/dam/business/20_03_AFCU_SBAPPP_Forgive_Message.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 20583
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg

public.cobrowse.oraclecloud.com/rely/global_launcher.js

104.110.2.75

200 OK

62 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/global_launcher.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (43236), with NEL line terminators
Size
62 kB (61668 bytes)
Hash
2193eb443cd104c584f67d4af22d6915
833c832f79003b28c570aedaf4e1aee102ddc9aa
ef46bfe4fadb62c0861b0b9b52506b37d36ddcf722d7445dd62d312f52d17a2d

HTTP Headers

GET /rely/global_launcher.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: "c3f1598b042efa5820d3436290fe48e1:1642746872.088599"
last-modified: Fri, 21 Jan 2022 01:34:30 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:11:23 GMT
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js

23.38.200.237

200 OK

1.6 kB

URL HTTP/2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (3138)
Size
1.6 kB (1598 bytes)
Hash
dbb5211703cf7696d634360cc8874fa7
9231e7ebe8096b629c9ac522e41f8c2a8013db99
535a218392da01549f9fd640908f59c213e809c2db778c36094e3a84959106df

HTTP Headers

GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1598
expires: Tue, 31 Jan 2023 17:11:23 GMT
date: Tue, 31 Jan 2023 16:11:23 GMT
cache-control: no-cache
access-control-allow-origin: https://www.americafirst.com
timing-allow-origin: *
X-Firefox-Spdy: h2

public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=hc4uv5qgufwldkftamv&version=20230031

104.110.2.75

200 OK

12 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=hc4uv5qgufwldkftamv&version=20230031
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Size
12 kB (11698 bytes)
Hash
9466edea5b690a8dcc94a8aee5255448
8200790330fb146fdc254fb694871e0e9d73e974
f59a6c07012c632c6d0014640439abdd1e0de1f6b4cb557c43531c43af88d24c

HTTP Headers

GET /rely/storage/ll_storage_html5.html?context=hc4uv5qgufwldkftamv&version=20230031 HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "b7b7e70ac037b592aef8c274d8e66a71:1634875896.03281"
last-modified: Thu, 21 Oct 2021 23:11:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:11:23 GMT
content-length: 11698
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ba0a5a019f68de808d546b25f5f1afd9
33c3d1972b2d517029bab1e749ee1374300491d9
edfd8175f0da704eb77840543eb2913a223a94107e3c4adb2bf30b8bda9fe991

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:23 GMT
Last-Modified: Tue, 31 Jan 2023 14:40:38 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html

206.81.136.154

200 OK

858 B

URL HTTP/1.1
www.americafirst.com/content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
HTML document, Unicode text, UTF-8 text, with very long lines (447)
Size
858 B (858 bytes)
Hash
d344ffcf24451f48cc4a82e1fc7bb8d5
b47e685cb8714da632fb6bd694e18dc116d926d3
b727522f65faca7335b136f99ee635ad087344b582582ab8ce4f73278ce9b230

HTTP Headers

GET /content/afcu/en/main-site-configuration/_jcr_content/header/notification.nocache.html HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: max-age=300, max-age=2
Expires: Tue, 31 Jan 2023 16:11:25 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 858
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

206.81.136.154

200 OK

14 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Web Open Font Format (Version 2), TrueType, length 14076, version 1.0\012- data
Size
14 kB (14076 bytes)
Hash
bf912df22c6dc861e7a01c32fc165187
6918b9cb1fba7d78ce615063203fb5b1eb63ec50
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

HTTP Headers

GET /etc/clientlibs/afcu/fonts/google/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 14076
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: font/woff2

www.americafirst.com/content/dam/nav/nav-about-02.jpg

206.81.136.154

200 OK

34 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-about-02.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size
34 kB (34420 bytes)
Hash
6f3cd2c29035f40678a77eb275e92a24
c2ae338b5b20e2784eb52b5940dd994d6c3903d0
9b026865527a86a69ccecccbc65f7d93361a6ca8c58ab92470cdf8cd2de5724e

HTTP Headers

GET /content/dam/nav/nav-about-02.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 34420
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/jpeg

www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

206.81.136.154

200 OK

14 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/google/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
Web Open Font Format (Version 2), TrueType, length 13944, version 1.0\012- data
Size
14 kB (13944 bytes)
Hash
b27045292283a12723b217e203986aeb
4f9874233a688abe21c9d0b44223d909ca96ea43
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

HTTP Headers

GET /etc/clientlibs/afcu/fonts/google/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2 HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 13944
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: font/woff2

www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt

206.81.136.154

200 OK

9.8 kB

URL HTTP/1.1
www.americafirst.com/etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, afcu-icons \012- data
Size
9.8 kB (9761 bytes)
Hash
48e99398ff3cb928d8a206047c748f83
fa541d94e75fca57c118adf7fc30361012d31132
17ba00b0551f829848d9cc73126aae46f3d0d1668432e30bdecffb2bc70f4ae1

HTTP Headers

GET /etc/clientlibs/afcu/fonts/afcu-icons/css/fonts/afcu-icons.ttf?vjz2zt HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/etc/clientlibs/afcu/base.min.css?t=10302020
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: inline
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9761
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/x-font-ttf

dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865

52.18.129.71

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865
IP
52.18.129.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=18391985601785552492346630912802107042; Max-Age=15552000; Expires=Sun, 30 Jul 2023 16:11:23 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: jIEpivC4RHc=
Content-Length: 0
Connection: keep-alive

calcs.americafirst.com/scripts/tipped/comboTipped.js

148.66.212.61

200 OK

26 kB

URL HTTP/2
calcs.americafirst.com/scripts/tipped/comboTipped.js
IP
148.66.212.61:0
ASN
#13649 ASN-VINS

File type
ASCII text, with very long lines (38112), with CRLF line terminators
Size
26 kB (25966 bytes)
Hash
c4079849c0a18c215ab4eb8352502346
1556667f388302868adcae03f8eb4f31e003f7fe
d18e9af72308137dad68f2826f902bf44abaa7fc1e0be381840f55a3c3f75229

HTTP Headers

GET /scripts/tipped/comboTipped.js HTTP/1.1
Host: calcs.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
vary: accept-encoding
content-type: application/javascript
content-encoding: gzip
strict-transport-security: max-age=31622400; includeSubDomains
date: Tue, 31 Jan 2023 16:11:21 GMT
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
etag: W/"66987-1555013214000"
last-modified: Thu, 11 Apr 2019 20:06:54 GMT
access-control-allow-headers: Charset, Content-Type, Accept
X-Firefox-Spdy: h2

dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865

52.18.129.71

200 OK

124 B

URL HTTP/1.1
dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865
IP
52.18.129.71:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
124 B (124 bytes)
Hash
1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca

HTTP Headers

GET /id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&ts=1675181500865 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.americafirst.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: LHbwdAKLRy8=
Content-Length: 124
Connection: keep-alive

www.americafirst.com/content/dam/afcu/logo/logo-desktop-inverse.png

206.81.136.154

200 OK

10 kB

URL HTTP/1.1
www.americafirst.com/content/dam/afcu/logo/logo-desktop-inverse.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 390 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9957 bytes)
Hash
55a1e45732b0d0cb9435fcf2c85914a8
8f9ebea0799281fa44904feee3dab6041b467d2a
96b761c941e24fe52b008c62e966aef6e6c8e8a60578cf473914cf94b16adde6

HTTP Headers

GET /content/dam/afcu/logo/logo-desktop-inverse.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183361; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9957
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/icons/apply-for-loan-white.png

206.81.136.154

200 OK

2.9 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/apply-for-loan-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2894 bytes)
Hash
312e291b178453932dfb5beef551903f
ff74f2bbb372130309e5e521f4370fbc2ee65242
5ae41c9124cae5796f2b2f3730d17e75e9ca046468f4813863a079ded3baa4b6

HTTP Headers

GET /content/dam/icons/apply-for-loan-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 2894
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/icons/find-location-white.png

206.81.136.154

200 OK

3.2 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/find-location-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3192 bytes)
Hash
f347329ac596e314631c4260fb3c0e52
a569c2e0fd0e31dd80cb7caa321a385b3b7340e7
90dbbeb09e5e2bcc6bdda8bfeabf3e968fc71626578eb512a1892b44144e5fb5

HTTP Headers

GET /content/dam/icons/find-location-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 3192
Keep-Alive: timeout=5, max=3
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/icons/careers-white.png

206.81.136.154

200 OK

1.8 kB

URL HTTP/1.1
www.americafirst.com/content/dam/icons/careers-white.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 171 x 161, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1794 bytes)
Hash
55a943fbd9790b225523ad51e9dffb60
808c85daf40c6840a5a798b7df3ed6397604cd32
21d908e848b57784f769bbf34c6669460b1c5b2d77d41cedceffc8c4e4930b36

HTTP Headers

GET /content/dam/icons/careers-white.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 1794
Keep-Alive: timeout=5, max=33
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/nav/nav-learn.jpg

206.81.136.154

200 OK

48 kB

URL HTTP/1.1
www.americafirst.com/content/dam/nav/nav-learn.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:09:20 15:02:31], progressive, precision 8, 300x250, components 3\012- data
Size
48 kB (47901 bytes)
Hash
a8e23fd69a941262a473447da048ab48
7eeb55c530ab4eb492deffbec84d114434eecde4
991e3d5fa232e5259df67968507cff332947551feedcb1c9e3e70fe3b9900498

HTTP Headers

GET /content/dam/nav/nav-learn.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 47901
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ba420a04bb781bf846c111b6a9855e55
114686b6cf50b19397b6c6bc329e4fe30415d944
1c683f1afa86309ffe195be7b3c2d053705be6f12afea58bb10fb2e5f164d1b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 16:11:23 GMT
Last-Modified: Tue, 31 Jan 2023 15:57:51 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZObWfQjhnLXX-JnFOas8euJmjOrkn-2WAiTrhHK-u52QCYP07JTdJA==
Age: 812

www.googletagmanager.com/gtag/js?id=AW-791415936&l=dataLayer

142.250.74.72

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-791415936&l=dataLayer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
51 kB (50642 bytes)
Hash
1880769cc8ca0bd4c6b859d92e42e0a3
d7337d9fa2d3dadc62da04b40c2872cf73586548
86de9eb1e3a3b6e46604089fd52634d6df1d17a1c3056b52278082658f8b4bb3

HTTP Headers

GET /gtag/js?id=AW-791415936&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 16:11:23 GMT
expires: Tue, 31 Jan 2023 16:11:23 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

listen.audiohook.com/62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png

3.226.55.195

200 OK

42 B

URL HTTP/2
listen.audiohook.com/62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png
IP
3.226.55.195:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /62bca906-f665-4c3f-ba78-eecdf2220bf5/pixel.png HTTP/1.1
Host: listen.audiohook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:23 GMT
content-type: image/gif
content-length: 42
server: meinheld/1.0.2
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg

206.81.136.154

200 OK

73 kB

URL HTTP/1.1
www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Windows), datetime=2019:12:05 09:57:21], baseline, precision 8, 300x250, components 3\012- data
Size
73 kB (72575 bytes)
Hash
654623c1eca99226260d4088c59f5769
daf39810839c151ad081ffb21cb48dcec37684ef
b576be4e253bd51d928168804d9584916507a203d920c9208dfe132621018f12

HTTP Headers

GET /content/dam/visa/visa-card-signature-mega.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 72575
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg

public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js

104.110.2.75

200 OK

21 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/client/ui/livelook_ui_manager.bundle.js
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20968 bytes)
Hash
c71817d4d41ad2a3069aa18ed35afdee
177989b846b7f092036daa1f1e5b26f245e8c576
0cdedffe5d8f066d5401afa0f96159649d2296d49a48339cf093c9d9677e3bc6

HTTP Headers

GET /rely/client/ui/livelook_ui_manager.bundle.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
etag: "619ea4c083a27523d708e062b444ad6b:1648187515.534791"
last-modified: Fri, 25 Mar 2022 00:51:52 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 16:11:23 GMT
content-length: 20968
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2

public.cobrowse.oraclecloud.com/rely/resources/images/v4llpanel/wait.gif

104.110.2.75

200 OK

56 kB

URL HTTP/2
public.cobrowse.oraclecloud.com/rely/resources/images/v4llpanel/wait.gif
IP
104.110.2.75:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 220 x 24\012- data
Size
56 kB (55779 bytes)
Hash
9c93dd978bd0230c76e230af8fd04c02
e1c9a00f267d3ed3435de98ce008788e2349fd91
527a1ec8fe47ac6533dad4bccbfc1e2ea49f6cf0fac6bcabf1dc896cfa7b5e0f

HTTP Headers

GET /rely/resources/images/v4llpanel/wait.gif HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
etag: "9c93dd978bd0230c76e230af8fd04c02:1666988500.023083"
last-modified: Fri, 28 Oct 2022 20:21:40 GMT
server: AkamaiNetStorage
content-length: 55779
date: Tue, 31 Jan 2023 16:11:24 GMT
X-Firefox-Spdy: h2

www.americafirst.com/content/dam/fraud-alert.png

206.81.136.154

200 OK

9.3 kB

URL HTTP/1.1
www.americafirst.com/content/dam/fraud-alert.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9298 bytes)
Hash
dd7bdf0aaaf27f83c082611b017b95ea
bd8154d11973b6135b7f03c9084311628241e8cf
04b1df5dce9cfce88abc012067950b7c579a7f7922cd10ce5994261794ff4a79

HTTP Headers

GET /content/dam/fraud-alert.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183361; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 9298
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.americafirst.com/content/dam/services/hbg-atm-services.jpg

206.81.136.154

200 OK

144 kB

URL HTTP/1.1
www.americafirst.com/content/dam/services/hbg-atm-services.jpg
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x350, components 3\012- data
Size
144 kB (144232 bytes)
Hash
affe84eae9bfd543485baae9838ed46f
d379f76098d93614d9e103c3972d937d78e6f743
441e8035b9b3c7ff1308eefadaf29aa740f0ba261ae4c2601582cf6bb58a296c

HTTP Headers

GET /content/dam/services/hbg-atm-services.jpg HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183361; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:23 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:23 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 144232
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

js.adsrvr.org/up_loader.1.1.0.js

54.230.241.118

200 OK

1.9 kB

URL HTTP/1.1
js.adsrvr.org/up_loader.1.1.0.js
IP
54.230.241.118:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4593), with no line terminators
Size
1.9 kB (1882 bytes)
Hash
8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c

HTTP Headers

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 31 Jan 2023 08:26:11 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5g-TXujm8NfNymjFvAiCsGtYtTow76EyrNbDr2WNZBpYXK8swa92lw==
Age: 27913

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 15:45:20 GMT
expires: Tue, 31 Jan 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 1564
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1368
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Last-Modified: Tue, 31 Jan 2023 15:48:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ci/KsXBAantTuLppGUVic7eMVtTYVLyyz+BZJjcVAToat+pxCz5bkBu+ThcS9f7Kj80ozd9INJ5yFWByZqX73w==
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 16:11:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1368
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Last-Modified: Tue, 31 Jan 2023 15:48:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3c5444c58d6fcf1b2fb3bcff10311a7
9f610e32a917333e0f8d8dd646e4a36b568d440e
ad04ad784518cf27fc8b57e9a8f76b1bc29dd92a7c134314021ff16548b1e9f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Etag: "63d7077a-1d7"
Server: ECS (amb/6B83)
Content-Length: 471

www.americafirst.com/etc/designs/afcu/favicon.ico

206.81.136.154

200 OK

539 B

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu/favicon.ico
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
539 B (539 bytes)
Hash
cf6a37e110a617a3e7413b77d97289b8
801be9f2564697765c78184bddd08c62742dc718
d6ef48fc93e655c8b777ffee311f873fd3fb0ebc156b18ac0f34b73c93119045

HTTP Headers

GET /etc/designs/afcu/favicon.ico HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183361; at_check=true; _gcl_au=1.1.1379923977.1675181501; _ga_880V30VXTN=GS1.1.1675181501.1.0.1675181501.0.0.0; _ga=GA1.1.1121627442.1675181502
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:24 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For,Accept-Encoding
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:24 GMT
Content-Encoding: gzip
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 539
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

www.americafirst.com/etc/designs/afcu/app-icon.png

206.81.136.154

200 OK

22 kB

URL HTTP/1.1
www.americafirst.com/etc/designs/afcu/app-icon.png
IP
206.81.136.154:0
ASN
#17150 AFCU

File type
PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Size
22 kB (21908 bytes)
Hash
932d24e68290973a7aca51f7d75aa1ec
79f9906573424ec3c8c14e14c98afcf82e82fa21
a4c742b8570790ea5039e38793f3dd9a46b3d2be81eb9fc9797b31515dd861b6

HTTP Headers

GET /etc/designs/afcu/app-icon.png HTTP/1.1
Host: www.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/services/other-services/atm.html
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183361; at_check=true; _gcl_au=1.1.1379923977.1675181501; _ga_880V30VXTN=GS1.1.1675181501.1.0.1675181501.0.0.0; _ga=GA1.1.1121627442.1675181502
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 16:11:24 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://*.americafirst.com;
Vary: X-Forwarded-For
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 02 Mar 2023 16:11:24 GMT
Content-Disposition: inline
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: ALLOW-FROM https://apps.americafirst.com
Content-Length: 21908
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png

sstats.americafirst.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&ts=1675181501322

15.236.117.205

200 OK

48 B

URL HTTP/2
sstats.americafirst.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&ts=1675181501322
IP
15.236.117.205:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
11b79aaa6ef0d798735cba86c000b121
918e5e34a7290e6d2d6151a6e546919a1a4f9995
67b8c85f0f67c335746b9340671b169c846479a6c3cb204f3374afd9ba15d865

HTTP Headers

GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&ts=1675181501322 HTTP/1.1
Host: sstats.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183361; at_check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://www.americafirst.com
access-control-allow-credentials: true
date: Tue, 31 Jan 2023 16:11:24 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CvVersion%7C5.5.0%7CMCMID%7C00962439532206666192147248179340143043; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:11:11 GMT;
s_ecid=MCMID%7C00962439532206666192147248179340143043; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:11:11 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Tue, 31 Jan 2023 16:11:24 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181501769&cv=11&fst=1675181501769&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.66

200 OK

968 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/791415936/?random=1675181501769&cv=11&fst=1675181501769&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2173), with no line terminators
Size
968 B (968 bytes)
Hash
f4b0a8f442d036ee655496b27d164615
f572c9395b54434745845abd7bb83e31c22eed53
64919aa469c433b251820a03bb53a0904c83cff0cfcabffb0efdfc81d3018fae

HTTP Headers

GET /pagead/viewthroughconversion/791415936/?random=1675181501769&cv=11&fst=1675181501769&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 968
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 16:26:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181501899&cv=11&fst=1675181501899&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.66

200 OK

968 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/614375826/?random=1675181501899&cv=11&fst=1675181501899&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2173), with no line terminators
Size
968 B (968 bytes)
Hash
038ac170a202f6dba5096931c8b4de6b
d878e2cb5ed50e6b9ba974158ebffcba6d5fc743
3426ccc9fb8929d60ac461e8aacb9fe6ca4e4d1a0fbe545622b0ee6c19159943

HTTP Headers

GET /pagead/viewthroughconversion/614375826/?random=1675181501899&cv=11&fst=1675181501899&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&auid=1379923977.1675181501&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 968
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 16:26:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=00962439532206666192147248179340143043&ts=1675181501982

52.18.129.71

200 OK

899 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=00962439532206666192147248179340143043&ts=1675181501982
IP
52.18.129.71:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (2321), with no line terminators
Size
899 B (899 bytes)
Hash
8a2968df87318669e59703572a678e8b
ca1a01e28aa506d93b47f87b11cd7092f761da5c
39beed3dd2358fc09cd92af232a85285de57c9da6a094c11f38ffe9c0d21c3e8

HTTP Headers

GET /id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7873BC75245AD770A490D4D%40AdobeOrg&d_nsid=0&d_mid=00962439532206666192147248179340143043&ts=1675181501982 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.americafirst.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=08537901197400182951675380967956849487; Max-Age=15552000; Expires=Sun, 30 Jul 2023 16:11:24 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: q4Y8oC0zSxc=
Content-Length: 899
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
77afb2fccc7a28d1684cc59890b5bb6d
5faadc812a246f792e988a43453ea92b12b81414
b1668b8b23868a365090dd5fadd8f085ca7df66dc0a58144bda226322cfb67b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3078
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Last-Modified: Tue, 31 Jan 2023 15:20:06 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312

api.glia.com/salemove_integration.js

54.230.111.10

200 OK

8.8 kB

URL HTTP/2
api.glia.com/salemove_integration.js
IP
54.230.111.10:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8817), with no line terminators
Size
8.8 kB (8817 bytes)
Hash
8fbf3720d25bde79ccad301ab0a57770
284c0580081d07ce07cb228a426b282d1c23ef50
4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391

HTTP Headers

GET /salemove_integration.js HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 8817
last-modified: Mon, 30 Jan 2023 22:06:45 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Tue, 31 Jan 2023 16:09:24 GMT
etag: "8fbf3720d25bde79ccad301ab0a57770"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YgsgJp_RypkVcjTdbReqs42KsKVKJHVa7GmDWQ7bMxm9CZbgj5WJjQ==
age: 200
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f8ea24ecb6a19ffdd8ccbccc43eeb6b8
6ffba8f506cbf135ce001d1ab10aa88aae7eb738
29314c2367f53dbcad9155f39a5f71e9f1e70abfc36f0bb525ed1ee4a52428d3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6079
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Last-Modified: Tue, 31 Jan 2023 14:30:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

region1.google-analytics.com/g/collect?v=2&tid=G-880V30VXTN&gtm=2oe1p0&_p=92821882&cid=1121627442.1675181502&ul=en-us&sr=1280x1024&uaW=1&_s=1&uid=&sid=1675181501&sct=1&seg=0&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&dr=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&dt=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-880V30VXTN&gtm=2oe1p0&_p=92821882&cid=1121627442.1675181502&ul=en-us&sr=1280x1024&uaW=1&_s=1&uid=&sid=1675181501&sct=1&seg=0&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&dr=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&dt=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-880V30VXTN&gtm=2oe1p0&_p=92821882&cid=1121627442.1675181502&ul=en-us&sr=1280x1024&uaW=1&_s=1&uid=&sid=1675181501&sct=1&seg=0&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&dr=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&dt=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.americafirst.com
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t.co/i/adsct?bci=3&eci=2&event_id=afbf4c48-87a2-43dc-8434-8f81c8194f7a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6100f7d5-40dd-4ad2-bdaa-73c0d01978eb&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29

104.244.42.5

200 OK

42 kB

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=afbf4c48-87a2-43dc-8434-8f81c8194f7a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6100f7d5-40dd-4ad2-bdaa-73c0d01978eb&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29
IP
104.244.42.5:0
ASN
#13414 TWITTER

File type
gzip compressed data, from Unix\012- data
Size
42 kB (42334 bytes)
Hash
f60017a3b2e1dc268f7cd266f9f5f717
e88d67c94638bfda84637aab88ce051ae7932fb5
c81c2a40b55af94a016d8ecec75f030c1ad95de2549859cb143ec74dac128842

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=afbf4c48-87a2-43dc-8434-8f81c8194f7a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6100f7d5-40dd-4ad2-bdaa-73c0d01978eb&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:24 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=94692be8-f4b9-4603-a058-c868701d7a57; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:11:24 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 91c3ab6647295e76
strict-transport-security: max-age=0
x-response-time: 120
x-connection-hash: 1462332497ac55950e316c3b25e46bd72f6ba8b7265c7c3ed5753efdf1ebec26
X-Firefox-Spdy: h2

api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&

54.230.111.10

200 OK

9.8 kB

URL HTTP/2
api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&
IP
54.230.111.10:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (9846), with no line terminators
Size
9.8 kB (9846 bytes)
Hash
c726ae7c9e203586b42d9338f2fb8a60
8251aa363586908412f0dbae6b771e4354e6bdb6
ab9a9a97bba976e6e41429530b67019fc2a999bb52041af6f8cdfae38d4ce9b5

HTTP Headers

POST /visitor_config?referrer=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html& HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 9846
date: Tue, 31 Jan 2023 16:11:24 GMT
access-control-allow-origin: https://www.americafirst.com
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
access-control-expose-headers: 
access-control-max-age: 7200
access-control-allow-headers: Content-Type, Accept, Authorization
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-site-visitor-config: true
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, max-age=0
set-cookie: visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzUxODE0ODQsInZpc2l0b3JfaWQiOiI4YzZiOTcwYy03NjM5LTQxZWQtYWE0Yy03MTI5NWYyZGFlNzgiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.HsBj01JtRh7INZgLbGkYwZZ8l34n4lyNnVByS7pKDzPGHhzcNw3b57oc3-XFGNWnsZ5D6wl2_9IN7aoMg6gcgA; path=/; expires=Wed, 31 Jan 2024 16:11:24 -0000; secure; HttpOnly; SameSite=None
incompat_visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzUxODE0ODQsInZpc2l0b3JfaWQiOiI4YzZiOTcwYy03NjM5LTQxZWQtYWE0Yy03MTI5NWYyZGFlNzgiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.HsBj01JtRh7INZgLbGkYwZZ8l34n4lyNnVByS7pKDzPGHhzcNw3b57oc3-XFGNWnsZ5D6wl2_9IN7aoMg6gcgA; path=/; expires=Wed, 31 Jan 2024 16:11:24 -0000; secure; HttpOnly
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZqQS5-gzmCaEk2bHKpAgfcGcM1qUX9Q50sLP2Y52hRNZPEsgfwoekQ==
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

28 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:0
ASN
#203220 Yahoo! UK Services Limited

File type
ASCII text, with very long lines (43342)
Size
28 kB (28209 bytes)
Hash
2901cf737d8231dd01577ed300854e89
4633f23744e67c41474115b5a9b167b583a30e62
d3c635f5c42a44359f50b8a76447fb4de64898739b23888596ab8c3fff3dd99b

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: fFn8f04tXzl468Zh28Q4Yp22snwv1BnZkUJk25ZYGgU1OJVJQGii7mqNDScGNoj5Vj+8sZVsZpk=
x-amz-request-id: KBCE361S3MHQP0YR
date: Tue, 31 Jan 2023 16:11:19 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 6
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

americafirstcreditunion.demdex.net/dest5.html?d_nsid=0

52.18.15.195

200 OK

2.8 kB

URL HTTP/1.1
americafirstcreditunion.demdex.net/dest5.html?d_nsid=0
IP
52.18.15.195:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: americafirstcreditunion.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 31 Jan 2023 16:11:24 GMT
DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: Bnu5rI9lTzg=
Content-Length: 2791
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
beba92ff0bc5737791ba6982e7b0dba5
712af102d8a29ef26a49a16f95e8e90e3d9067b6
a778a2a369102dfbf4c67d64ff337d136f1ae79b4c1f72d0d4d7c0cfb3704e37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4681
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Last-Modified: Tue, 31 Jan 2023 14:53:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-18557726-1&cid=1121627442.1675181502&jid=1722570463&gjid=966024434&_gid=798483354.1675181502&_u=YCDACAAABAAAAC~&z=1671205628

173.194.221.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-18557726-1&cid=1121627442.1675181502&jid=1722570463&gjid=966024434&_gid=798483354.1675181502&_u=YCDACAAABAAAAC~&z=1671205628
IP
173.194.221.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-18557726-1&cid=1121627442.1675181502&jid=1722570463&gjid=966024434&_gid=798483354.1675181502&_u=YCDACAAABAAAAC~&z=1671205628 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.americafirst.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/791415936/?random=1675181501769&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807691824&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/791415936/?random=1675181501769&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807691824&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/791415936/?random=1675181501769&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807691824&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/791415936/?random=1675181501769&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807691824&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/791415936/?random=1675181501769&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807691824&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/791415936/?random=1675181501769&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807691824&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&rl=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&if=false&ts=1675181502314&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675181502312.46758247&it=1675181501821&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&rl=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&if=false&ts=1675181502314&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675181502312.46758247&it=1675181501821&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=335590106865602&ev=PageView&dl=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&rl=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&if=false&ts=1675181502314&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675181502312.46758247&it=1675181501821&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 31 Jan 2023 16:11:24 GMT
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/614375826/?random=1675181501899&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3703189975&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/614375826/?random=1675181501899&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3703189975&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/614375826/?random=1675181501899&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3703189975&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/614375826/?random=1675181501899&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3703189975&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/614375826/?random=1675181501899&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3703189975&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/614375826/?random=1675181501899&cv=11&fst=1675180800000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&ref=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&tiba=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3703189975&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10143434.json

87.248.119.252

200 OK

2 B

URL HTTP/2
s.yimg.com/wi/config/10143434.json
IP
87.248.119.252:0
ASN
#203220 Yahoo! UK Services Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10143434.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: QCRG9B2CVV9K6TNG
x-amz-id-2: nyOgLugHem3R+Kw4uqeshsvztE+iOlEfi5w4NDhInK61q1j2ejzk/qfvevS2HTx9yAeWzQXtmpc=
content-type: application/json
date: Tue, 31 Jan 2023 15:45:32 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1553
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 16:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
22f354b4c3e0d843d9c97a01b3cbe488
c13ccb3b4da0438175000684f534fa15c4b11fb2
fbde4ea91eadcde8b0d4ba5a92fdb848a9623328e0cd4eb64ed0390a86d22b0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167046
Date: Tue, 31 Jan 2023 16:11:24 GMT
Etag: "63d91f2b-1d7"
Expires: Thu, 02 Feb 2023 14:35:30 GMT
Last-Modified: Tue, 31 Jan 2023 14:01:15 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1n0RJB7QNPLKDCorY1GdwnVGxW0HI_v3LYeZLELZsibf74uIvf9lRA==
Age: 2055

sstats.americafirst.com/b/ss/afcu.global/1/JS-2.23.0-LCXS/s99748959441873?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2016%3A11%3A42%202%200&sdid=09804B9E27FD5E6E-4912E9452C8A12A7&mid=00962439532206666192147248179340143043&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Apersonal%3Aservices%3Aother-services%3Aatm&g=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&r=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&cc=USD&ch=personal&events=prodView&products=%3Baccounts%3B&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=services&c3=other-services&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1

15.236.117.205

200 OK

43 B

URL HTTP/2
sstats.americafirst.com/b/ss/afcu.global/1/JS-2.23.0-LCXS/s99748959441873?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2016%3A11%3A42%202%200&sdid=09804B9E27FD5E6E-4912E9452C8A12A7&mid=00962439532206666192147248179340143043&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Apersonal%3Aservices%3Aother-services%3Aatm&g=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&r=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&cc=USD&ch=personal&events=prodView&products=%3Baccounts%3B&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=services&c3=other-services&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1
IP
15.236.117.205:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/afcu.global/1/JS-2.23.0-LCXS/s99748959441873?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2016%3A11%3A42%202%200&sdid=09804B9E27FD5E6E-4912E9452C8A12A7&mid=00962439532206666192147248179340143043&aamlh=6&ce=UTF-8&ns=americafirstcreditunion&cdp=2&fpCookieDomainPeriods=2&pageName=www%3Apersonal%3Aservices%3Aother-services%3Aatm&g=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&r=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&cc=USD&ch=personal&events=prodView&products=%3Baccounts%3B&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=www&c2=services&c3=other-services&v3=user%3A%20age&c4=%20&v5=en&c6=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&v17=desktop&v18=landscape&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=A7873BC75245AD770A490D4D%40AdobeOrg&AQE=1 HTTP/1.1
Host: sstats.americafirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Cookie: AMCV_A7873BC75245AD770A490D4D%40AdobeOrg=179643557%7CMCIDTS%7C19389%7CMCMID%7C00962439532206666192147248179340143043%7CMCAID%7CNONE%7CMCOPTOUT-1675188702s%7CNONE%7CMCAAMLH-1675786302%7C6%7CMCAAMB-1675786302%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.5.0; mbox=session#5b0b1c6ab38c48f5b14184761c2acb68#1675183363|PC#5b0b1c6ab38c48f5b14184761c2acb68.37_0#1738426303; at_check=true; _gcl_au=1.1.1379923977.1675181501; _ga_880V30VXTN=GS1.1.1675181501.1.0.1675181501.0.0.0; _ga=GA1.2.1121627442.1675181502; _gid=GA1.2.798483354.1675181502; _gat=1; s_ecid=MCMID%7C00962439532206666192147248179340143043; AMCVS_A7873BC75245AD770A490D4D%40AdobeOrg=1; _fbp=fb.1.1675181502312.46758247; s_ppv=www%253Apersonal%253Aservices%253Aother-services%253Aatm%2C38%2C38%2C939%2C1%2C2; s_ips=939; s_tp=2486; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 31 Jan 2023 16:11:25 GMT
expires: Mon, 30 Jan 2023 16:11:25 GMT
last-modified: Wed, 01 Feb 2023 16:11:25 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C00962439532206666192147248179340143043; Path=/; Domain=americafirst.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:11:11 GMT;
etag: 3597424847100772352-4619766894765003548
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=afbf4c48-87a2-43dc-8434-8f81c8194f7a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6100f7d5-40dd-4ad2-bdaa-73c0d01978eb&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29

104.244.42.131

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=afbf4c48-87a2-43dc-8434-8f81c8194f7a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6100f7d5-40dd-4ad2-bdaa-73c0d01978eb&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29
IP
104.244.42.131:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=afbf4c48-87a2-43dc-8434-8f81c8194f7a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6100f7d5-40dd-4ad2-bdaa-73c0d01978eb&tw_document_href=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1epw&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:24 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_qcak5fSZtS6vcdpVfsUZ5w=="; Max-Age=63072000; Expires=Thu, 30 Jan 2025 16:11:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 55b87d77b3e68780
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: 5a4e96f7d1b042574892b030550e32c7333a03acd236e4d5ed812766d235693a
X-Firefox-Spdy: h2

cm.everesttech.net/cm/dd?d_uuid=08537901197400182951675380967956849487

18.201.4.185

302

0 B

URL HTTP/1.1
cm.everesttech.net/cm/dd?d_uuid=08537901197400182951675380967956849487
IP
18.201.4.185:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm/dd?d_uuid=08537901197400182951675380967956849487 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Date: Tue, 31 Jan 2023 16:11:25 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9k9rQAAAMgj6QOV; Domain=.everesttech.net; Expires=Wed, 31-Jan-2024 16:11:25 GMT; Path=/
everest_session_v2=Y9k9rQAAAMgj6gOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV
Server: AMO-cookiemap/1.1

libs.salemove.com/visitor/bootstrapper-b699746e7.js

54.230.111.92

200 OK

168 kB

URL HTTP/2
libs.salemove.com/visitor/bootstrapper-b699746e7.js
IP
54.230.111.92:0
ASN
#16509 AMAZON-02

File type
data
Size
168 kB (167731 bytes)
Hash
f53be4d98a3a54de3b76715782f7e8e1
823465f4a57b23f1dfd1e2f86f79b5a4e2229f03
b14daa292a4f40a6e0be1147f03c84f25fde806806e4762110b6aeece24e5512

HTTP Headers

GET /visitor/bootstrapper-b699746e7.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 24 Jan 2023 01:31:22 GMT
last-modified: Wed, 11 Jan 2023 09:37:32 GMT
etag: W/"2165cd2f7e440e8923eb5db1f3658f0e"
x-amz-meta-s3cmd-attrs: md5:2165cd2f7e440e8923eb5db1f3658f0e
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: brYo3eEfBjIdHAStjMl6QoOIfwq3sgj8BeSXPAZWh7KeUVCJSWxxTA==
age: 657603
X-Firefox-Spdy: h2

dpm.demdex.net/ibs:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV

52.18.129.71

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV
IP
52.18.129.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.americafirst.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=08857786377673948451755874733775733972; Max-Age=15552000; Expires=Sun, 30 Jul 2023 16:11:25 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +RouLaEXTmw=
Content-Length: 0
Connection: keep-alive

libs.salemove.com/visitor/webcomponents_es5-b699746e7.js

54.230.111.92

200 OK

936 B

URL HTTP/2
libs.salemove.com/visitor/webcomponents_es5-b699746e7.js
IP
54.230.111.92:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (390)
Size
936 B (936 bytes)
Hash
f86098c5208655efb405300993461936
a0a5b6aea7bbb6a51940f8c874aee109477c7b56
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db

HTTP Headers

GET /visitor/webcomponents_es5-b699746e7.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 936
date: Tue, 17 Jan 2023 05:31:50 GMT
last-modified: Wed, 11 Jan 2023 09:37:33 GMT
etag: "f86098c5208655efb405300993461936"
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: USdB7fRkmJ0hBRmAAGKG1xKdHQCEOMtRppxdafqtyJth0pY65xNSoA==
age: 1247976
X-Firefox-Spdy: h2

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV

52.18.129.71

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV
IP
52.18.129.71:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9k9rQAAAMgj6QOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.americafirst.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: SJu7ydVoSNA=
Content-Length: 59
Connection: keep-alive

api.salemove.com/visitor_app/37823f27/sites/e145621f-e1f5-4daf-91b1-a9fe91fef2f6/custom_locales/English_custom/0117d7193c5925

54.230.111.22

200 OK

12 kB

URL HTTP/2
api.salemove.com/visitor_app/37823f27/sites/e145621f-e1f5-4daf-91b1-a9fe91fef2f6/custom_locales/English_custom/0117d7193c5925
IP
54.230.111.22:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12363), with no line terminators
Size
12 kB (12369 bytes)
Hash
f0e50ca9285b423371c1e60b38a7377f
11c46eb2a30754e32457453b2c406c9b5d1d0487
dca1627becde1bd4ba8289d69314879158d29acef87e32aced90a3abbea825a2

HTTP Headers

GET /visitor_app/37823f27/sites/e145621f-e1f5-4daf-91b1-a9fe91fef2f6/custom_locales/English_custom/0117d7193c5925 HTTP/1.1
Host: api.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.americafirst.com
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 12369
date: Thu, 12 Jan 2023 08:10:07 GMT
access-control-allow-origin: https://www.americafirst.com
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
access-control-expose-headers: 
access-control-max-age: 7200
access-control-allow-headers: Content-Type, Accept, Authorization
cache-control: public, max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ytFfzKA_CwkcAS5AZRXvC6i6vByxonpaQJgM3aVNwfCBUBz846kNrA==
age: 1670478
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10167917&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:25 GMT
expires: Tue, 31 Jan 2023 16:11:25 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBK092WMCEEzpmASS4SxNmiqVYqFNwxEFEgEBAQGP2mPjYwAAAAAA_eMAAA&S=AQAAAmVVY7P0nsXJRsuNey0bQRc; Expires=Wed, 31 Jan 2024 22:11:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2031%20Jan%202023%2016%3A11%3A42%20GMT&n=0&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2031%20Jan%202023%2016%3A11%3A42%20GMT&n=0&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Tue%2C%2031%20Jan%202023%2016%3A11%3A42%20GMT&n=0&b=Free%20ATM%20Machine%20Locations%20in%20Utah%20and%20Nevada-%20America%20First%20Credit%20Union&.yp=10143434&f=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&e=https%3A%2F%2Famfdc5u.firebaseapp.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:25 GMT
expires: Tue, 31 Jan 2023 16:11:25 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBK092WMCEEyBDjw1tfSwCTAMXJHN7jQFEgEBAQGP2mPjYwAAAAAA_eMAAA&S=AQAAAlAau87vbfZ4589VvTsn_kI; Expires=Wed, 31 Jan 2024 22:11:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

pubsub.salemove.com/notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjBmMjFmMmMxLTIzMzgtNDg0OS05ZTIxLWJiZGJiNmM5OGUwNiJ9.eyJpYXQiOjE2NzUxODE0ODQsImV4cCI6MTY3NjM5MTA4NCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo4YzZiOTcwYy03NjM5LTQxZWQtYWE0Yy03MTI5NWYyZGFlNzgiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiOGM2Yjk3MGMtNzYzOS00MWVkLWFhNGMtNzEyOTVmMmRhZTc4In0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImUxNDU2MjFmLWUxZjUtNGRhZi05MWIxLWE5ZmU5MWZlZjJmNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiZTE0NTYyMWYtZTFmNS00ZGFmLTkxYjEtYTlmZTkxZmVmMmY2Il19XX0.xA7hH2o1W9HJfotZ2dnKHwIR-mEt4j7w0XfA0QK5wEW5dVbyvQ1pq14hT6dItTa2tx-WvJE-lzZkyIWoZLer2Q&priority=low&vsn=2.0.0

34.226.49.141

101 Switching Protocols

0 B

URL HTTP/1.1
pubsub.salemove.com/notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjBmMjFmMmMxLTIzMzgtNDg0OS05ZTIxLWJiZGJiNmM5OGUwNiJ9.eyJpYXQiOjE2NzUxODE0ODQsImV4cCI6MTY3NjM5MTA4NCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo4YzZiOTcwYy03NjM5LTQxZWQtYWE0Yy03MTI5NWYyZGFlNzgiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiOGM2Yjk3MGMtNzYzOS00MWVkLWFhNGMtNzEyOTVmMmRhZTc4In0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImUxNDU2MjFmLWUxZjUtNGRhZi05MWIxLWE5ZmU5MWZlZjJmNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiZTE0NTYyMWYtZTFmNS00ZGFmLTkxYjEtYTlmZTkxZmVmMmY2Il19XX0.xA7hH2o1W9HJfotZ2dnKHwIR-mEt4j7w0XfA0QK5wEW5dVbyvQ1pq14hT6dItTa2tx-WvJE-lzZkyIWoZLer2Q&priority=low&vsn=2.0.0
IP
34.226.49.141:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjBmMjFmMmMxLTIzMzgtNDg0OS05ZTIxLWJiZGJiNmM5OGUwNiJ9.eyJpYXQiOjE2NzUxODE0ODQsImV4cCI6MTY3NjM5MTA4NCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjo4YzZiOTcwYy03NjM5LTQxZWQtYWE0Yy03MTI5NWYyZGFlNzgiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiOGM2Yjk3MGMtNzYzOS00MWVkLWFhNGMtNzEyOTVmMmRhZTc4In0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6ImUxNDU2MjFmLWUxZjUtNGRhZi05MWIxLWE5ZmU5MWZlZjJmNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiZTE0NTYyMWYtZTFmNS00ZGFmLTkxYjEtYTlmZTkxZmVmMmY2Il19XX0.xA7hH2o1W9HJfotZ2dnKHwIR-mEt4j7w0XfA0QK5wEW5dVbyvQ1pq14hT6dItTa2tx-WvJE-lzZkyIWoZLer2Q&priority=low&vsn=2.0.0 HTTP/1.1
Host: pubsub.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.americafirst.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AocYg6higZOYc4uF8kz+Kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
cache-control: max-age=0, private, must-revalidate
connection: Upgrade
date: Tue, 31 Jan 2023 16:11:24 GMT
sec-websocket-accept: sRUQEHfWeJRKIcXXMpO5X75Re3Y=
server: envoy
upgrade: websocket

integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js

54.230.111.17

200 OK

0 B

URL HTTP/2
integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/silvercloudjs/silvercloud.js HTTP/1.1
Host: integration.silvercloudinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 01:49:03 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 31 Jan 2023 05:42:54 GMT
etag: W/"80f213d3a2f208a7129b19b16ceaefaa"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yWQZtmk94IasWguMqUt9fzAgXMQjRyoAj6kFWCMc-e0cKNNdpu3ulQ==
age: 38694
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

libs.salemove.com/visitor-app.37823f27.min.js

54.230.111.92

200 OK

0 B

URL HTTP/2
libs.salemove.com/visitor-app.37823f27.min.js
IP
54.230.111.92:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /visitor-app.37823f27.min.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 11 Jan 2023 12:01:51 GMT
last-modified: Wed, 11 Jan 2023 10:17:48 GMT
etag: W/"950058b651ed103cd653c72cc9bc8d61"
x-amz-meta-s3cmd-attrs: md5:950058b651ed103cd653c72cc9bc8d61
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wkEF491OKjSq3g3qE9cC-pEBwKrdL8wip0YTUeyiYXBOZ_9jJVwZgw==
age: 1742975
X-Firefox-Spdy: h2

libs.salemove.com/visitor-app.37823f27.default.css

54.230.111.92

200 OK

0 B

URL HTTP/2
libs.salemove.com/visitor-app.37823f27.default.css
IP
54.230.111.92:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /visitor-app.37823f27.default.css HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 23 Jan 2023 05:56:57 GMT
last-modified: Wed, 11 Jan 2023 10:17:48 GMT
etag: W/"e3c368308d2549c22efd3b5cf7add0ae"
x-amz-meta-s3cmd-attrs: md5:e3c368308d2549c22efd3b5cf7add0ae
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lSF1vKK6jt1To-hkiNM0ZBx7UvDzlnukb0OuNWukD_WeIcwWCHqYzw==
age: 728069
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=y1mqx27&upv=1.1.0

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=y1mqx27&upv=1.1.0
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=w9sdam5&ref=https%3A%2F%2Fwww.americafirst.com%2Fservices%2Fother-services%2Fatm.html&upid=y1mqx27&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.americafirst.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 16:11:25 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML