myfw.com Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://myfw.com/login/
Submission: On November 18 via api (November 18th 2023, 4:37:36 pm UTC) from US — Scanned from US

Summary HTTP 53 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 1 countries across 19 domains to perform 53 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is myfw.com.
TLS certificate: Issued by E1 on September 22nd 2023. Valid for: 3 months.

This is the only time myfw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e4a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:50ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1	3.161.188.14 3.161.188.14	16509 (AMAZON-02) (AMAZON-02)
2	2600:1408:c40... 2600:1408:c400:2b::17de:4ce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c07::93	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.191.77 99.84.191.77	16509 (AMAZON-02) (AMAZON-02)
2 2	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	3.161.188.120 3.161.188.120	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
53	22

19 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

myfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.188.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-188-14.atl59.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:2b::17de:4ce (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.188.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-188-120.atl59.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	myfw.com myfw.com	499 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	79 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	247 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 145	525 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2298	1 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2687	257 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3361	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3050	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
53	19

	Domain	Requested by
19	myfw.com	myfw.com
4	www.google.com	myfw.com
3	bat.bing.com	myfw.com bat.bing.com
3	www.googletagmanager.com	myfw.com www.googletagmanager.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	www.googleadservices.com	2 redirects
2	www.gstatic.com	myfw.com www.gstatic.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.facebook.com
1	track.hubspot.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	api.hubapi.com	js.hsadspixel.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	myfw.com
1	js.hs-scripts.com	myfw.com
53	24

This site contains links to these domains. Also see Links.

Domain
myfw.gcs-web.com
mortgage.myfw.com
cibng.ibanking-services.com
fwtb.ebanking-services.com
fwtb.accessasc.com
www.myaccountaccess.com
direct.imagedepositgateway.com
www.myvirtualmerchant.com
fisl.outsystemsenterprise.com
www.google.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
myfw.com E1	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-27` - `2023-11-25`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://myfw.com/login/
Frame ID: 222894CC72D6C7AC24FC8A814FD065DE
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - First Western Trust

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

96 %
HTTPS

78 %
IPv6

19
Domains

24
Subdomains

22
IPs

1
Countries

1054 kB
Transfer

2416 kB
Size

21
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://myfw.gcs-web.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://mortgage.myfw.com/
Title: Mortgage Services

Search URL Search Domain Scan URL

URL: https://cibng.ibanking-services.com/EamWeb/Account/Login.aspx?orgId=519_102007011&FIFID=102007011&brand=519_102007011&appId=CeB&FIORG=519
Title: iWealth Banking

Search URL Search Domain Scan URL

URL: https://fwtb.ebanking-services.com/EamWeb/account/login.aspx?appId=beb&brand=fwtb
Title: iWealth Business Banking

Search URL Search Domain Scan URL

URL: https://fwtb.accessasc.com/Account/Login?ReturnUrl=%2F
Title: Wealth Trust & Investment Management

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/login.do?theme=elan1&loc=17029
Title: First Western Credit Card

Search URL Search Domain Scan URL

URL: https://direct.imagedepositgateway.com/merchant/0519/
Title: First Western Remote Deposit Capture

Search URL Search Domain Scan URL

URL: https://www.myvirtualmerchant.com/VirtualMerchant/
Title: First Western Virtual Merchant

Search URL Search Domain Scan URL

URL: https://fisl.outsystemsenterprise.com/DemoStudio/PublicDemoAccess?PublicKey=c4ea63ce-e228-4ff7-be35-7ba0f6cf100b
Title: View a demo.

Search URL Search Domain Scan URL

URL: https://www.google.com/search?client=firefox-b-1-d&sa=X&biw=1440&bih=826&q=first+western+trust+denver+co&npsic=0&rflfq=1&rlha=0&rllag=39736318,-104978546,2859&tbm=lcl&ved=2ahUKEwiB5rCM-prpAhWCYTUKHZ01Dr8QtgN6BAgHEAQ&tbs=lrf:!1m4!1u3!2m2!3m1!1e1!1m5!1u15!2m2!15m1!1shas_1wheelchair_1accessible_1entrance!4e2!2m1!1e3!3sIAE,lf:1,lf_ui:4&rldoc=1#rlfi=hd:;si:1568259790141259408,l,Ch1maXJzdCB3ZXN0ZXJuIHRydXN0IGRlbnZlciBjbyIDiAEBWjQKE2ZpcnN0IHdlc3Rlcm4gdHJ1c3QiHWZpcnN0IHdlc3Rlcm4gdHJ1c3QgZGVudmVyIGNv;mv:[[39.754446699999995,-104.9494058],[39.7181907,-105.0076871]]
Title: 1900 16th StreetSuite 1200Denver, CO 80202

Search URL Search Domain Scan URL

URL: https://mortgage.myfw.com/team/
Title: Mortgage Services

Search URL Search Domain Scan URL

URL: https://www.facebook.com/firstwesterntrust/

Search URL Search Domain Scan URL

URL: https://twitter.com/MyFirstWestern

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/first-western-trust/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FirstWesternTrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.googleadservices.com/pagead/conversion/981110430/wcm?cc=ZZ&dn=18775051281&cl=0DyNCNm7_H0Qnp3q0wM&ct_eid=2 HTTP 302
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18775051281&cl=0DyNCNm7_H0Qnp3q0wM

Request Chain 45

https://www.googleadservices.com/pagead/conversion/981110430/wcm?cc=ZZ&dn=3035318100&cl=SwRpCMevl4EBEJ6d6tMD&ct_eid=2 HTTP 302
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=3035318100&cl=SwRpCMevl4EBEJ6d6tMD

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
myfw.com/login/ 50 KB
11 KB 260ms
199ms Document
text/html 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 201357a436c36fe0ce823d6f68e58c330785a6d3f84762c4fdb2ff507618805e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8281a371fa7f4bc7-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 16:37:30 GMT
last-modified: Mon, 13 Nov 2023 17:02:08 GMT
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 117ms
50ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981110430

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c75f05d3b85c7b77ad3860f528ca707afde23aee2923115cf73675da12102f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75292
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 16:37:30 GMT

GET
H2 200 autoptimize_d8b54561337c9eb6abd645b47d38c48c.css
myfw.com/wp-content/cache/autoptimize/css/ 133 KB
20 KB 33ms
30ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/wp-content/cache/autoptimize/css/autoptimize_d8b54561337c9eb6abd645b47d38c48c.css
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4673e072f47e08fac243b3a1c3dfeadf9e9dbb47fe0ce087f3df97c3fa025e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 15:58:35 GMT
server: cloudflare
age: 11508
etag: W/"655247ab-21425"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8281a3734a8a4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
myfw.com/wp-includes/js/jquery/ 85 KB
31 KB 30ms
28ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:18:24 GMT
server: cloudflare
age: 119545
etag: W/"6508a280-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8281a3734a8b4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
myfw.com/wp-includes/js/jquery/ 13 KB
5 KB 27ms
25ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:18:22 GMT
server: cloudflare
age: 119545
etag: W/"6508a27e-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8281a3734a8c4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
myfw.com/wp-content/themes/madison-taylor-marketing/assets/js/ 7 KB
3 KB 29ms
27ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/wp-content/themes/madison-taylor-marketing/assets/js/lazysizes.min.js
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b0fd2683ae04fe8c136fe634032e6423ddeb28dea83342d58975821737e755

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:18:23 GMT
server: cloudflare
age: 119545
etag: W/"6508a27f-1a85"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8281a3734a8d4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 lity.min.js Show response
myfw.com/wp-content/themes/madison-taylor-marketing/assets/lity/ 6 KB
3 KB 46ms
44ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/wp-content/themes/madison-taylor-marketing/assets/lity/lity.min.js
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b1a43f372796e82f5d55d3cb1a21bc1182bdc2582ee8bc19c0bb71f40c4a36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:17:13 GMT
server: cloudflare
age: 119545
etag: W/"6508a239-19f0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8281a3734a8e4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 FWT-Logo_White-300x168.webp
myfw.com/wp-content/uploads/2020/07/ 2 KB
2 KB 26ms
24ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/FWT-Logo_White-300x168.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee452db701b761fba2b42e3b4c091fd3d5eaee12ac95cec576988d083621ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:16:14 GMT
server: cloudflare
age: 11508
etag: "6508a1fe-8f2"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a3734a8f4bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2290

GET
H2 200 Colbert_MesaVerde-e1596047218809-300x115.webp
myfw.com/wp-content/uploads/2020/07/ 9 KB
9 KB 27ms
26ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/Colbert_MesaVerde-e1596047218809-300x115.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01471f7a6c6a3ebb00c8945fdd139775e7346052b91e3b04bf636be051fb97ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:17:12 GMT
server: cloudflare
age: 11508
etag: "6508a238-2238"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a3734a904bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 8760

GET
H2 200 Untitled-design-1.webp
myfw.com/wp-content/uploads/2023/04/ 83 KB
84 KB 26ms
23ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2023/04/Untitled-design-1.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e1be5a780e48e2051c15ed6bb43ad78588db642b691314feed383d651ea526

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:10:33 GMT
server: cloudflare
age: 11508
etag: "6508a0a9-14d8a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a3737a924bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 85386

GET
H2 200 15_May-27-2020.webp
myfw.com/wp-content/uploads/2023/03/ 213 KB
213 KB 31ms
29ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2023/03/15_May-27-2020.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73915e926831ee1a2f78304614abe0a2d680ad7c3e90cb56d5ff082bc1475fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:10:35 GMT
server: cloudflare
age: 11507
etag: "6508a0ab-3523c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a3737a934bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 217660

GET
H3 200 Bg-25x14.webp
myfw.com/wp-content/uploads/2020/05/ 148 B
362 B 26ms
24ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/05/Bg-25x14.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32123d449ec469693a72bf13052e8ef5ea5ce16a4bbaf3e6f27f8e7bddba13a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:13:31 GMT
server: cloudflare
age: 11508
etag: "6508a15b-94"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac3b4bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 148

GET
H3 200 FWT-Logo_White-25x14.webp
myfw.com/wp-content/uploads/2020/07/ 252 B
429 B 27ms
23ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/FWT-Logo_White-25x14.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a081b8d297826c86e8c25833af6d1dc4a957f53741e61ca790fe87155803df94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:13:51 GMT
server: cloudflare
age: 11508
etag: "6508a16f-fc"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac3d4bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 252

GET
H3 200 Equal-Housing-Lender.png
myfw.com/wp-content/uploads/2020/05/ 1 KB
1 KB 28ms
24ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/05/Equal-Housing-Lender.png
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118fa4401c193e1108d9703efc1286cf787917d148ae7c012d1d39b2eab8f1fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
age: 11508
cf-polished: origFmt=png, origSize=1381
content-disposition: inline; filename="Equal-Housing-Lender.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1182
cf-bgj: imgq:100,h2pri
last-modified: Mon, 18 Sep 2023 19:15:42 GMT
server: cloudflare
etag: "6508a1de-565"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac3e4bc9-BUF

GET
H3 200 Facebook-13x25.webp
myfw.com/wp-content/uploads/2020/07/ 192 B
368 B 28ms
24ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/Facebook-13x25.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b00e50ce6da872e7431ed2e8e7c4852404b252e1f74b1519bf731f69ee7208

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:13:38 GMT
server: cloudflare
age: 11508
etag: "6508a162-c0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac3f4bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 192

GET
H3 200 Twitter-25x20.webp
myfw.com/wp-content/uploads/2020/07/ 302 B
479 B 28ms
25ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/Twitter-25x20.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4877fc8e94ec82ee3e178f316bee71b3f208364199f793a6b8b3596fe7e7f812

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:14:43 GMT
server: cloudflare
age: 11508
etag: "6508a1a3-12e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac404bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 302

GET
H3 200 LinkedIn-25x23.webp
myfw.com/wp-content/uploads/2020/07/ 276 B
454 B 29ms
26ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/LinkedIn-25x23.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e876943eed12dc0cac2ab11d62bfd3df88364f81ae1cb9558bdd562617e046a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:10:09 GMT
server: cloudflare
age: 11508
etag: "6508a091-114"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac414bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 276

GET
H3 200 YouTube-25x17.webp
myfw.com/wp-content/uploads/2020/07/ 250 B
427 B 29ms
26ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/YouTube-25x17.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e252a78e5e39cdf8afa532206193b4b0fc46f4988f4e5e0b1b3e22225c95d2a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:17:13 GMT
server: cloudflare
age: 11508
etag: "6508a239-fa"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373ac424bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 250

GET
H2 200 468003.js Show response
js.hs-scripts.com/ 1 KB
1 KB 135ms
68ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/468003.js?integration=WordPress&ver=10.2.5

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562e3b0e997856175024aad4d86b523e10728b527682e8a76e81d027ac699f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 608a3fc1-628f-444e-98db-4e9c9853c73b
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 608a3fc1-628f-444e-98db-4e9c9853c73b
last-modified: Sat, 18 Nov 2023 13:25:42 GMT
server: cloudflare
x-trace: 2B15B4B9E81881D3CE99A557E2E2AF148B048FB92D000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://myfw.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-66c9b4c4f4-mdq7c
cf-ray: 8281a3741f584bc0-BUF
expires: Sat, 18 Nov 2023 16:38:30 GMT

GET
H3 200 autoptimize_single_e6e752dd18209b0f932e5a6a6672aeac.js Show response
myfw.com/wp-content/cache/autoptimize/js/ 3 KB
1 KB 31ms
28ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://myfw.com/wp-content/cache/autoptimize/js/autoptimize_single_e6e752dd18209b0f932e5a6a6672aeac.js
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b912305c377c5eead3cc0bd9eec15022f8d1514a4a20278ff0063ef430518195

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 15:58:35 GMT
server: cloudflare
age: 119545
etag: W/"655247ab-cd3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8281a373ac3c4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
77 KB 90ms
88ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7B9NH

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b81ad9592257f0fbbefed56cabffde12872eb30cfd55938017924e59392ab5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78328
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 16:37:30 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 99ms
33ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 11:13:24 GMT

GET
H3 200 Colbert_MesaVerde-e1596047218809-2048x788.webp
myfw.com/wp-content/uploads/2020/07/ 113 KB
114 KB 24ms
24ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfw.com/wp-content/uploads/2020/07/Colbert_MesaVerde-e1596047218809-2048x788.webp
Requested by: Host: myfw.com
URL: https://myfw.com/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8fb2ceb22df132f026a34250486db86ac8ae63e966fd647a13c0e8cd7a3b700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:30 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 19:11:14 GMT
server: cloudflare
age: 11507
etag: "6508a0d2-1c5ce"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8281a373dc474bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 116174

GET
H2 200 css
fonts.googleapis.com/ 4 KB
880 B 43ms
42ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700%7CLato:400&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39b2ea3a064167a8936e0669f6215a74e0fa1a8d056bf1fa23e3d4035cae56af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 16:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 16:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 16:37:30 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/468003/ 65 KB
20 KB 193ms
129ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/468003/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/468003.js?integration=WordPress&ver=10.2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ad9639ef70ab3ed0b0ab28254f2363000c8d7242eae3d0749217a1a434ce12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
x-amz-version-id: B1FyiQK_7Bgbncrc0ZKjyamZ3D4SD1tI
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 5WHBAYVFDZ17C13N
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 88161f09-822f-4e8f-a268-147a2bee594e
x-envoy-upstream-service-time: 18
x-amz-id-2: dZurs5iFDubHH+eTb3Z12CaaXUL0MylUWTKPAG3CSPYyhYd9yg4PDA/ZMbh+zLtL4XcyJnIrbVM=
x-evy-trace-listener: listener_https
x-request-id: 88161f09-822f-4e8f-a268-147a2bee594e
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 15:57:22 GMT
server: cloudflare
etag: W/"029ca1039387a75fd07c97dc50fe099d"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://myfw.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-mlgh4
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8281a374ff714bc0-BUF
expires: Sat, 18 Nov 2023 16:42:31 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 101ms
36ms Script
application/javascript 2606:4700::6811:e4a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/468003.js?integration=WordPress&ver=10.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
x-amz-version-id: MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 01f28eee-1646-4c59-96ce-7d55e1d92e82
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=81cb8099ea756aca-EWR
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
age: 194
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 01f28eee-1646-4c59-96ce-7d55e1d92e82
last-modified: Fri, 27 Oct 2023 13:56:49 UTC
server: cloudflare
etag: W/"14edbc97b72939e54b0993394190ecf8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
cf-ray: 8281a374ff724bc0-BUF
x-amz-cf-id: NZx6NClCNSBtP2sWnpckO1rfAhPul4sRVqUYlIUyuAkI665naJLEsQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.494/bundles/pixels-release.js

GET
H2 200 468003.js Show response
js.hs-analytics.net/analytics/1700325300000/ 66 KB
21 KB 143ms
78ms Script
text/javascript 2606:4700::6810:50ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1700325300000/468003.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/468003.js?integration=WordPress&ver=10.2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ff1efaea8b679bc00054785f25ed8ef924261c4d54f5f486d149e41e1a8068

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: VRF7V86Z0AAWCVHZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7a6f0118-2e13-4cc2-aca1-490fbcefb717
x-envoy-upstream-service-time: 16
x-amz-id-2: nOoJsZeKIL7qFdQGzgzxD9dNKiL2hrI4rUspro07Pzgbkysu6ON6QMeLRpJ2z6XG1bHM7gats3U=
x-evy-trace-listener: listener_https
x-request-id: 7a6f0118-2e13-4cc2-aca1-490fbcefb717
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 17:12:25 GMT
server: cloudflare
etag: W/"f55311c5c4694340d2ec025cd44b3f1e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-28qjm
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8281a374f90c4bcc-BUF
expires: Sat, 18 Nov 2023 16:42:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981110430/ 2 KB
2 KB 108ms
44ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981110430/?random=1700325450986&cv=11&fst=1700325450986&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892095170&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmyfw.com%2Flogin%2F&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20First%20Western%20Trust&auid=1206454741.1700325451&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981110430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27e15c231b1b1fab757ca843f4faf15d8d8e16f67dcb12e5396af87a63a7fb9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
36 KB 96ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700%7CLato:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myfw.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:49:23 GMT
x-content-type-options: nosniff
age: 222488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 02:49:23 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 132ms
69ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700%7CLato:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myfw.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:57:09 GMT
x-content-type-options: nosniff
age: 222022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 02:57:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
96 KB 59ms
58ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6H1MGH7HTB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B9NH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d17fc09ca3ae4c4b7fd15e77f26caa1e73b1ed44fed7e26255c1960ea3e21a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98478
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 16:37:31 GMT

GET
H2 200 hotjar-1744589.js Show response
static.hotjar.com/c/ 9 KB
4 KB 231ms
136ms Script
application/javascript 3.161.188.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1744589.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B9NH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.188.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-188-14.atl59.r.cloudfront.net

Software

Resource Hash

44d899c213fe7e91a4fa3197cf9b718036b6127a7a4fa16ae72110f727961193

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 16:37:31 GMT
via: 1.1 672219a79c747e96501b7ae4734b91c2.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL59-P7
etag: W/b4a6d90dbbd768d27c89f3075bf88315
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: TJOtg_kfzOgiktQ26KOiV-h7mbPsMfw9etpvs3FFA6vUlHXDat9ZNA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 118ms
33ms Script
application/javascript 2600:1408:c400:2b::17de:4ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7B9NH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2b::17de:4ce Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 09:07:27 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=33592
accept-ranges: bytes
content-length: 3840

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 113ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 18 Nov 2023 16:37:30 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 692ED6F803D3498C8FFB375F83E8935F Ref B: NYCEDGE1420 Ref C: 2023-11-18T16:37:31Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13187

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 98ms
29ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Nov 2023 16:46:38 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/981110430/ 42 B
455 B 111ms
45ms Image
image/gif 2607:f8b0:4004:c07::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981110430/?random=1700325450986&cv=11&fst=1700323200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892095170&u_w=1600&u_h=1200&url=https%3A%2F%2Fmyfw.com%2Flogin%2F&frm=0&tiba=Login%20-%20First%20Western%20Trust&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNNyM2tke7GCZuAgjwsSTTDgOeC8rFuA&random=3014855146&rmt_tld=0&ipr=y

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 16:37:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 101ms
39ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6H1MGH7HTB&gtm=45je3b81v892582265z872647677&_p=1700325450771&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=357059512.1700325451&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1700325451&sct=1&seg=0&dl=https%3A%2F%2Fmyfw.com%2Flogin%2F&dt=Login%20-%20First%20Western%20Trust&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=726
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6H1MGH7HTB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 16:37:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myfw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 106ms
40ms Ping
text/plain 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6H1MGH7HTB&cid=357059512.1700325451&gtm=45je3b81v892582265z872647677&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6H1MGH7HTB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 16:37:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myfw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
19 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:11:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18760
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Nov 2024 05:11:27 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 33ms
33ms Script
application/x-javascript 2600:1408:c400:2b::17de:4ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2b::17de:4ce Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81720
accept-ranges: bytes
content-length: 3272

GET
H2 204 5257067.js Show response
bat.bing.com/p/action/ 0
116 B 43ms
42ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5257067.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 18 Nov 2023 16:37:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5EED51750046446B9572BAAFCD581B6D Ref B: NYCEDGE1420 Ref C: 2023-11-18T16:37:31Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 116ms
115ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5257067&Ver=2&mid=ee92172e-f893-4f8c-8823-6de430e24630&sid=c4c5d760863011ee85ea4b09215fd0e2&vid=c4c60610863011ee940073fd54a714a0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Login%20-%20First%20Western%20Trust&p=https%3A%2F%2Fmyfw.com%2Flogin%2F&r=&lt=433&evt=pageLoad&sv=1&rn=753482

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 16:37:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D9AF51A28AB744EA80BA6F672AED8B3A Ref B: NYCEDGE1420 Ref C: 2023-11-18T16:37:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 253 B
1 KB 144ms
78ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=468003

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5434ce9e4e2700ad282f01209bce2fb1c25caa0f4adbfd75d60502647de56c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dd5a4b7b-f168-4257-b657-af24a4865c9f
content-encoding: br
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dd5a4b7b-f168-4257-b657-af24a4865c9f
server: cloudflare
x-trace: 2B8610F5C1B27B8D81F97C68D935FCF748C7A6CE16000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://myfw.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-66c9b4c4f4-2cnwj
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8yofQlE9Ec6WhQxZ8Hychd86RVvr%2F9vnnuIL19qwV2DR04R58moLTEOsroMsIRHuSMdLRi4x9tKxBAMUsDbK8lraYWouk8b23kQyH50mVpsnYTfcC%2Fcm8%2BJ2Ss3PEvb1RKJ9X2AGeB6K4S%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8281a377081c6aee-BUF
access-control-allow-headers: *

GET
H2 200 modules.78e2d84033035343416f.js Show response
script.hotjar.com/ 225 KB
56 KB 131ms
36ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.78e2d84033035343416f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1744589.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8ad5a9cbb864898c238f716c1a12623c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 184645
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57067
last-modified: Thu, 16 Nov 2023 13:19:14 GMT
etag: "7b69405e970c278e52f057627811a838"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZuGzra0HmcbzK28Q1kMPHEll7LNDUwLbmeuPlQEUTntSolywFlAUOg==

GET
H2

200

wcm Show response
www.google.com/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/981110430/wcm?cc=ZZ&dn=18775051281&cl=0DyNCNm7_H0Qnp3q0wM&ct_eid=2
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18775051281&cl=0DyNCNm7_H0Qnp3q0wM

80 B
244 B

41ms
41ms

XHR
application/json

2607:f8b0:4004:c07::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18775051281&cl=0DyNCNm7_H0Qnp3q0wM

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Server

2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Sat, 18 Nov 2023 16:37:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=18775051281&cl=0DyNCNm7_H0Qnp3q0wM
access-control-allow-origin: https://myfw.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981110430/ 2 KB
2 KB 46ms
46ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981110430/?random=1700325451444&cv=11&fst=1700325451444&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892095170&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmyfw.com%2Flogin%2F&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20First%20Western%20Trust&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1206454741.1700325451&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981110430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8ef4a3fcebe9dfb8330d52497ed23b84dab4d59dec5e4e68030b5a28410f556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1267
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

wcm Show response
www.google.com/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/981110430/wcm?cc=ZZ&dn=3035318100&cl=SwRpCMevl4EBEJ6d6tMD&ct_eid=2
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=3035318100&cl=SwRpCMevl4EBEJ6d6tMD

80 B
111 B

40ms
40ms

XHR
application/json

2607:f8b0:4004:c07::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=3035318100&cl=SwRpCMevl4EBEJ6d6tMD

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Server

2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Sat, 18 Nov 2023 16:37:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=3035318100&cl=SwRpCMevl4EBEJ6d6tMD
access-control-allow-origin: https://myfw.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 1744589 Show response
vc.hotjar.io/sessions/ 0
257 B 263ms
135ms XHR
text/plain 3.161.188.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1744589?s=0.25&r=0.09843997710362573
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.78e2d84033035343416f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.188.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-188-120.atl59.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
via: 1.1 51f668a91bae8bddb47ed0ddef0f2984.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: ATL59-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: apwx-Vrwmf6BrGbliDeeQotSvFQDXfFeml1sOHYl5bH5yiKLePrDdw==

GET
H3 200 /
www.google.com/pagead/1p-user-list/981110430/ 42 B
64 B 44ms
44ms Image
image/gif 2607:f8b0:4004:c07::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981110430/?random=1700325451444&cv=11&fst=1700323200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892095170&u_w=1600&u_h=1200&url=https%3A%2F%2Fmyfw.com%2Flogin%2F&frm=0&tiba=Login%20-%20First%20Western%20Trust&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN6DKJBPlYAjn7CW8PXTjYPiB1QenwaOAIyu05DA6oyimnbkwd&random=3071145238&rmt_tld=0&ipr=y

Requested by

Host: myfw.com
URL: https://myfw.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 16:37:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 101ms
33ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 16:37:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: u1oj9m6cj/u57L/yCXr8pBWz9N/INQKcbbV4bUY4CR0kADjUX2ziwhjgo2mlg5UW+I/VtMbmRR6Ag7/nLjkeSg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 144ms
79ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=220916345&v=1.1&a=468003&ct=standard-page&rcu=https%3A%2F%2Fmyfw.com%2Flogin%2F&pu=https%3A%2F%2Fmyfw.com%2Flogin%2F&t=Login+-+First+Western+Trust&cts=1700325451572&vi=3cc67d5a18a2ae4e27edd43bbb31bada&nc=true&u=125324629.3cc67d5a18a2ae4e27edd43bbb31bada.1700325451569.1700325451569.1700325451569.1&b=125324629.1.1700325451569&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:37:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: be618833-6c1f-410a-9b3d-b408e44fe149
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: be618833-6c1f-410a-9b3d-b408e44fe149
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqjnckMCxJkpCegQ469UtMQIJKtJaPUdZOARF8j2cbXYjPZ0zNcs55PbRRIo5EGma6GTBfpUkltVrE7wvp3BDUMdncQQ06OUjiu%2BxOWMIakHyBcZ6zWapz5ZvN93YSu2TD%2F8RrlGFjtzwuEzM%2B0Q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d79fcfc45-p6v9z
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8281a378cf194bbb-BUF
x-robots-tag: none

GET
H2 200 163196868445358 Show response
connect.facebook.net/signals/config/ 130 KB
33 KB 77ms
76ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/163196868445358?v=2.9.138&r=stable&domain=myfw.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ce22e02e7dfde1fb9baa74363aecd4a75c7ffd9659f40801a5a2eef5a24090b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 16:37:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: YWbGDBCt+ebHpUAirsnAWOHDMCgY3PKNqVMApLZBISQuINcWJFwBFLI5YoFbunKQaBUbnhaHijlvIGKoCtxd+w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 104ms
33ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=163196868445358&ev=PageView&dl=https%3A%2F%2Fmyfw.com&rl=&if=false&ts=1700325451869&sw=1600&sh=1200&ud[external_id]=3cc67d5a18a2ae4e27edd43bbb31bada&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1700325451864.910629916&cs_est=true&pm=1&hrl=d9fceb&ler=empty&it=1700325451760&coo=false&cs_cc=1&cas=4393416277399367&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myfw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 16:37:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.myfw.com/	1970-01-20 16:18:47	Name: __cf_bm Value: rJUeVR2N_jDD0gjJCSIPPkIl4uEvmU879QbLSiLFkq4-1700325450-0-AecjoaludKiJ62iFaECOaykYilUniFzpmZ1riFbV3sDxhRBwga2nlLPnAWdGE7lvvKZ2VUOYIgOtu7X2GOwWBnE=
.myfw.com/	1970-01-20 18:28:21	Name: _gcl_au Value: 1.1.1206454741.1700325451
.myfw.com/	1970-01-21 01:54:45	Name: _ga_6H1MGH7HTB Value: GS1.1.1700325451.1.0.1700325451.60.0.0
.myfw.com/	1970-01-21 01:54:45	Name: _ga Value: GA1.1.357059512.1700325451
.myfw.com/	1970-01-20 16:20:11	Name: _uetsid Value: c4c5d760863011ee85ea4b09215fd0e2
.myfw.com/	1970-01-21 01:40:21	Name: _uetvid Value: c4c60610863011ee940073fd54a714a0
.bing.com/	1970-01-21 01:40:21	Name: MUID Value: 1E6C7C4EA64D66E33D2E6F83A7C26785
.bat.bing.com/	1970-01-20 16:28:50	Name: MR Value: 0
.doubleclick.net/	1970-01-21 01:54:45	Name: IDE Value: AHWqTUnXUjquCSzRncShBG70q1CNPc-hAdklzij5op8nMP5_kD0AYEH2dWZjS4_j
.myfw.com/	1970-01-21 01:04:21	Name: _hjSessionUser_1744589 Value: eyJpZCI6ImI0MTk4OTMyLTI3MWUtNWMxMC1hMDFlLTQyZjQyM2NhNDA5ZiIsImNyZWF0ZWQiOjE3MDAzMjU0NTE1MTIsImV4aXN0aW5nIjpmYWxzZX0=
.myfw.com/	1970-01-20 16:18:47	Name: _hjFirstSeen Value: 1
.myfw.com/	1970-01-20 16:18:47	Name: _hjIncludedInSessionSample_1744589 Value: 0
.myfw.com/	1970-01-20 16:18:47	Name: _hjSession_1744589 Value: eyJpZCI6Ijg3NjRjNTMxLWI4MjgtNDZmNC1hNTFhLTllYjc5MDM2OGJjMyIsImNyZWF0ZWQiOjE3MDAzMjU0NTE1MTMsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.myfw.com/	1970-01-20 16:18:47	Name: _hjAbsoluteSessionInProgress Value: 1
.myfw.com/	1970-01-20 20:37:57	Name: __hstc Value: 125324629.3cc67d5a18a2ae4e27edd43bbb31bada.1700325451569.1700325451569.1700325451569.1
.myfw.com/	1970-01-20 20:37:57	Name: hubspotutk Value: 3cc67d5a18a2ae4e27edd43bbb31bada
.myfw.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.myfw.com/	1970-01-20 16:18:47	Name: __hssc Value: 125324629.1.1700325451569
.hubspot.com/	1970-01-20 16:18:47	Name: __cf_bm Value: w86r3AICvnRTNab5IHIrY6iyUs12MPK.4TDHX.R_.5o-1700325451-0-AQmEEvYiWTk3QZmldOHKWMyuWmZom36AQl3aQ31/Odi3sKiwVYwuxj0uEb7uiZyymhxdzvAwVvPaawkhm73rh/Q=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: PZGKOXf.gw2QX3qZn9JOKzZIJJKQEaOiPmG3n5AP.ck-1700325451694-0-604800000
.myfw.com/	1970-01-20 18:28:21	Name: _fbp Value: fb.1.1700325451864.910629916

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
api.hubapi.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
myfw.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vc.hotjar.io
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
141.193.213.10
172.253.115.156
2001:4860:4802:32::181
2600:1408:c400:2b::17de:4ce
2606:4700:4400::6812:22e5
2606:4700::6810:50ba
2606:4700::6810:bd59
2606:4700::6811:cacc
2606:4700::6811:e4a3
2606:4700::6813:9a53
2607:f8b0:4004:c07::93
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c17::5e
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.161.188.120
3.161.188.14
99.84.191.77
01471f7a6c6a3ebb00c8945fdd139775e7346052b91e3b04bf636be051fb97ae
0b81ad9592257f0fbbefed56cabffde12872eb30cfd55938017924e59392ab5c
118fa4401c193e1108d9703efc1286cf787917d148ae7c012d1d39b2eab8f1fd
201357a436c36fe0ce823d6f68e58c330785a6d3f84762c4fdb2ff507618805e
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
23b00e50ce6da872e7431ed2e8e7c4852404b252e1f74b1519bf731f69ee7208
27e15c231b1b1fab757ca843f4faf15d8d8e16f67dcb12e5396af87a63a7fb9b
32123d449ec469693a72bf13052e8ef5ea5ce16a4bbaf3e6f27f8e7bddba13a4
39b2ea3a064167a8936e0669f6215a74e0fa1a8d056bf1fa23e3d4035cae56af
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44d899c213fe7e91a4fa3197cf9b718036b6127a7a4fa16ae72110f727961193
46ad9639ef70ab3ed0b0ab28254f2363000c8d7242eae3d0749217a1a434ce12
47e1be5a780e48e2051c15ed6bb43ad78588db642b691314feed383d651ea526
4877fc8e94ec82ee3e178f316bee71b3f208364199f793a6b8b3596fe7e7f812
4ce22e02e7dfde1fb9baa74363aecd4a75c7ffd9659f40801a5a2eef5a24090b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54b0fd2683ae04fe8c136fe634032e6423ddeb28dea83342d58975821737e755
562e3b0e997856175024aad4d86b523e10728b527682e8a76e81d027ac699f47
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8e876943eed12dc0cac2ab11d62bfd3df88364f81ae1cb9558bdd562617e046a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96ff1efaea8b679bc00054785f25ed8ef924261c4d54f5f486d149e41e1a8068
9d17fc09ca3ae4c4b7fd15e77f26caa1e73b1ed44fed7e26255c1960ea3e21a2
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a081b8d297826c86e8c25833af6d1dc4a957f53741e61ca790fe87155803df94
b912305c377c5eead3cc0bd9eec15022f8d1514a4a20278ff0063ef430518195
c73915e926831ee1a2f78304614abe0a2d680ad7c3e90cb56d5ff082bc1475fe
c75f05d3b85c7b77ad3860f528ca707afde23aee2923115cf73675da12102f35
c8fb2ceb22df132f026a34250486db86ac8ae63e966fd647a13c0e8cd7a3b700
cee452db701b761fba2b42e3b4c091fd3d5eaee12ac95cec576988d083621ea3
d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75
d8ef4a3fcebe9dfb8330d52497ed23b84dab4d59dec5e4e68030b5a28410f556
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e252a78e5e39cdf8afa532206193b4b0fc46f4988f4e5e0b1b3e22225c95d2a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4673e072f47e08fac243b3a1c3dfeadf9e9dbb47fe0ce087f3df97c3fa025e0
e5434ce9e4e2700ad282f01209bce2fb1c25caa0f4adbfd75d60502647de56c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b1a43f372796e82f5d55d3cb1a21bc1182bdc2582ee8bc19c0bb71f40c4a36
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

myfw.com Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

78 %IPv6

19 Domains

24 Subdomains

22 IPs

1 Countries

1054 kBTransfer

2416 kBSize

21 Cookies

15 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myfw.com Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

78 %
IPv6

19
Domains

24
Subdomains

22
IPs

1
Countries

1054 kB
Transfer

2416 kB
Size

21
Cookies

53 HTTP transactions
0 data transactions