www.1fsb.bank Open in urlscan Pro
216.81.193.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://firststatebankloans.com/
Effective URL:
https://www.1fsb.bank/personal/loans/mortgages
Submission: On September 22 via manual (September 22nd 2023, 8:30:50 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 19 domains to perform 80 HTTP transactions. The main IP is 216.81.193.101, located in United States and belongs to LIGHTEDGE-AS-02, US. The main domain is www.1fsb.bank.
TLS certificate: Issued by R3 on August 24th 2023. Valid for: 3 months.

This is the only time www.1fsb.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
28	216.81.193.101 216.81.193.101	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
3	34.110.218.24 34.110.218.24	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	20.51.209.4 20.51.209.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	107.162.163.54 107.162.163.54	55002 (DEFENSE-NET) (DEFENSE-NET)
1	66.6.26.16 66.6.26.16	25773 (RADWARE-C...) (RADWARE-CLOUD-SERVICES)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	216.81.193.185 216.81.193.185	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
4 4	205.139.111.12 205.139.111.12	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
80	21

1 3.33.152.147 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

firststatebankloans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 216.81.193.101 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: amesnotes.city.ames.ia.us

www.1fsb.bank	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.110.218.24 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.218.110.34.bc.googleusercontent.com

cdn.vgmforbin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.forbin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1495 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.51.209.4 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cloud.chatbeacon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.162.163.54 (United States)

ASN55002 (DEFENSE-NET, US)

retailonline.fiservapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.6.26.16 (United States)

ASN25773 (RADWARE-CLOUD-SERVICES, US)

web13.secureinternetbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.81.193.185 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: ip185.city.ames.ia.us

services.forbin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.40.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.139.111.12 (United States) 4 redirects

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	1fsb.bank www.1fsb.bank	905 KB
12	chatbeacon.io cloud.chatbeacon.io	41 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 1059 p.typekit.net — Cisco Umbrella Rank: 1428	182 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	102 KB
4	mimecast.com 4 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 30156	6 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2460 insight.adsrvr.org — Cisco Umbrella Rank: 964	5 KB
4	forbin.com cdn.forbin.com — Cisco Umbrella Rank: 662030 services.forbin.com — Cisco Umbrella Rank: 804886	10 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6803	21 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 814	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	162 KB
2	fiservapps.com retailonline.fiservapps.com — Cisco Umbrella Rank: 265382	10 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1943	633 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	345 B
1	secureinternetbank.com web13.secureinternetbank.com — Cisco Umbrella Rank: 272770	20 KB
1	vgmforbin.com cdn.vgmforbin.com — Cisco Umbrella Rank: 749798	13 KB
1	firststatebankloans.com 1 redirects firststatebankloans.com	317 B
80	19

	Domain	Requested by
28	www.1fsb.bank	www.1fsb.bank
12	cloud.chatbeacon.io	www.1fsb.bank cloud.chatbeacon.io
4	protect-us.mimecast.com	4 redirects
4	use.typekit.net	www.1fsb.bank use.typekit.net
3	mpsnare.iesnare.com	retailonline.fiservapps.com mpsnare.iesnare.com www.1fsb.bank
3	ajax.googleapis.com	www.1fsb.bank
2	insight.adsrvr.org	protect-us.mimecast.com
2	fonts.googleapis.com	cloud.chatbeacon.io
2	www.facebook.com	www.1fsb.bank
2	js.adsrvr.org	www.googletagmanager.com www.1fsb.bank
2	connect.facebook.net	www.1fsb.bank connect.facebook.net
2	s.yimg.com	www.1fsb.bank s.yimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	services.forbin.com	www.1fsb.bank
2	www.googletagmanager.com	www.1fsb.bank www.googletagmanager.com
2	cdn.forbin.com	www.1fsb.bank
2	retailonline.fiservapps.com	www.1fsb.bank retailonline.fiservapps.com
1	sp.analytics.yahoo.com	www.1fsb.bank
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	p.typekit.net	use.typekit.net
1	web13.secureinternetbank.com	www.1fsb.bank
1	cdn.vgmforbin.com	www.1fsb.bank
1	firststatebankloans.com	1 redirects
80	24

This site contains links to these domains. Also see Links.

Domain
web13.secureinternetbank.com
retailonline.fiservapps.com
1fsb.mymortgage-online.com

Subject Issuer	Validity	Valid
1fsb.bank R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
cdn.forbin.com GTS CA 1D4	`2023-09-04` - `2023-12-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
cloud.chatbeacon.io RapidSSL TLS RSA CA G1	`2023-04-24` - `2024-05-14`	a year	crt.sh
retailonline.fiservapps.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-04-03`	a year	crt.sh
web13.secureinternetbank.com DigiCert SHA2 Extended Validation Server CA	`2023-01-17` - `2024-02-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
services.forbin.com R3	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-09-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.1fsb.bank/personal/loans/mortgages
Frame ID: D13D7BE096CFA0078D9F138EA1BD94A4
Requests: 73 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8fqcbxf&ref=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&upid=ircm8we&upv=1.1.0
Frame ID: D48D4892CFD8ADD886E2AD8A9EC632BF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up
Frame ID: 4C10152E48C9CF3BF6DD4B748497D109
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Loans and Real Estate Loans | First State Bank Nebraska

Page URL History Show full URLs

http://firststatebankloans.com/ HTTP 301
https://www.1fsb.bank/personal/loans/mortgages Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

80
Requests

96 %
HTTPS

45 %
IPv6

19
Domains

24
Subdomains

21
IPs

7
Countries

1589 kB
Transfer

2804 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://web13.secureinternetbank.com/ebc_ebc1151/login/104909531/1
Title: BizOnline

Search URL Search Domain Scan URL

URL: https://retailonline.fiservapps.com/Enroll/104909531/1
Title: Enroll now

Search URL Search Domain Scan URL

URL: https://retailonline.fiservapps.com/ForgotPassword/104909531/1
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://1fsb.mymortgage-online.com/
Title: Apply Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://firststatebankloans.com/ HTTP 301
https://www.1fsb.bank/personal/loans/mortgages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://protect-us.mimecast.com/s/sieSCVO0vztMwRgBiztR6c?domain=js.adsrvr.org HTTP 307
https://protect-us.mimecast.com/r/H7_gZf-zmIkidRas_EUZlWkKpjIU8SX_Yq2EI1BhNlhcJf9RDRvAJrFnGFjxrpEU5Ie3tSA1P5wLYnT4RcXkjeDWXVL6D1uFBFfl_XvoqS_aG4Ez7PLDsEOV084U7SzzUNm0X0Quw8-YiSMh9V18BtHHqhDzR86iIzi0eAcKwFwlyDl0--XYVAdNxSA4bX9Na8z60eCrjxybxQf2St_04uoNpo6FnT2PFkvBinlol_hCcmB9HM7psAtVl72e9F_Hi6kn3JuRu6pNXc75XbMqYCi5pz2Ew1KC3qq80Sc0wEHRun0BvXeN7XBxdaaZSHimoGfWfsRcGYgwbaZfYGfkyVOrvFmFjE-vk7eimyoZiFOBQbBay_MIc5tXdPTOlMz3BzPIu5FF-6H_UsUzYGRtFffAWJ2AUVovtEndNZhFiQFxG-d4VIzdca_3fmzIBetJc1hrPFmdI6sZz0gZI02N4rnhEaW-9RO9Biqf1dqKEMSqFEF39ciTl-ZmGjqgmKcLL9aaDDdvTT8H96nT48DtcNmjGEj1ufg2IGPnPVx7RjYTM5txDtds6YHoQ9Urx0YAPzSNI-ZymrREnz8EYl2SzoJLsblkP8HXzyZbgr8rvxZtNdHTTii5Pwedvxq-Dyo5_0R_JD2Of59UDpif5RQx81q1NoDBCf6S8qoRFP5pbueS69n5HbH4ySjTHc_wjqF3Cwar3WhYMnSXGAetLAztdHUe0jhVz037aWv_CEZmvGHL9iGklYvpatIf6dPUAiWBfDJqVqoVe392yz3f6BMZh6cWg46rR5raA3-CkHa21dEFXjrEtmnm4ZfQKGiJIkZfNjRgSuLrISlprPX9If1aNq_uLHHWjZkwgANxUZSH8hrvq2XYGZSqzJBYG8cMFnEqaDszyZAmseYl-SErfVV7XlRstGFoA-U-BxADeyKu3aVdwd28HVMpyPuGyADZMwxLYxrbwbl2MPkvA2GAH42J6XuzyGQa7F7op2gWyMZaOXlkn1cmNSiJU1FsUW372DleBwDuK3z1znf_e1A_tld1MSBOrMt9XXA2ueCb5gzs_PXDHzeYKTnnrWUvsxUB1sHj6fHXlCtpeVM8EnrTkJJz1DXUs7l0JKZzpb90crVFFo4hwPHDRh3Te5QdXX3BmbgD_uZe-XYFr84F2sCdq7MegNOnr4dCOI9EKUNBtxQwPcjhKxis4dLHTF-sW0NzB2OIpue9xyR_7L4-lC9XcdwmccyHvpvhaPp4RxPDTD-uIJD7Earfcmv9yJDUdFaTGe5IJHd1wbr6qmG2hAYdFk8aBC3ZyWl9InfKdyk3ZeRpc-U6N36tRVJflZ2z1aSkR26vevco9Wfn9bhtf2u5iRM-wXl2MBil9qlmJqfBZw7WQIUafy8xDmFu6R3nsqwyG5T6KkBHbcmKyEPpQknrRxggUVmDdTCGwD6SEwRgBx0hulLnEUpNmpA1HIKAbW_xVBdaDk4Fxg_VNMqlxZFvWzyvOMYDyRhjjSU4BW7KiHAjuGGQC0sE8qAHhNGricFtkrx_5bZhFwF7Z644YkH_QyxsihHNBUwn-AVnoAVE5cyjYd3a-mLH2KzV8WhXKa69qKo-w7rETgDLH-7pw9hMtdPSkfHNJElsw8G-Z86U32osKYBC4s_hYDyXArRv_TH697-JcadIrFog9ynqeifm6w3bzAktlMhNJHU1z91nqipJQb0RQWEpzNvcPiD0x_lC8EVJqj6n4qUq24psadcDBVbFxD2_b7tRE2UTX4oCfcc4ANcKbBYQIxQQWtHXxlfdqbcFmgiiQS7EmZQ7a7FzkNxYF1OxC3gG5uy55ECzPtyd9AWaJDjCdz8oTyxw8-W_ggd179ki4OrqLwAqNz6uNm36b1EjYVqHCFtrl3ydt38cXcOcSKMYYpCuSH_tAuFcZxw2EAiS6Q1NisI5_Jjyz3SYhOpoRp3zkmtiX6-YWi3T_sPQJNobE3nWQjXC2PvFgfi_bJ4ok3TpI-4O52c3cwABHwACgtzIUpoYpLJS4TDoc1Gyx1qLq3meOSTvUpHdTYLTe2QbDg4ZhwkX0iLApPpumv2gYa8X2b3FchYaq6GOmLvxIpvw3SgZ1bySRI_whO9UCPLWCXEjh_7RdUTOzffY6WN8SXw9gfO-Oib-OU5klQa3Ez9ynR3JiSEjBNFLpsMFByayPbAZEizgBdR1B8niRpSB_yRnzl9BHkFPm-Z5zY9r6V18nVTcf4VDqJi1Q-nAf8bXJOClKcSGlHTQDpPDQkDuVuC2xuo0CSG0lJiiim_XaOhPMX6QN3BAWdYdif-FUWsThNMfSE_TxYg9ZhC-Fg HTTP 307
https://js.adsrvr.org/up_loader.1.1.0.js

Request Chain 72

https://protect-us.mimecast.com/s/Qz0CCW6jPAC09WD3tKi16V?domain=insight.adsrvr.org?adv=8a5b96v&ref=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&upid=kd8myp2&upv=1.1.0 HTTP 307
https://protect-us.mimecast.com/r/2JXuwd21Q77n6ziIyq_mwiEGv8Jof9fa6YZBmL2n9gXOmxdEcCDu4ZGhewwk6m1AcRAjTTEYwEOxouNvVH9CaJ8VUAqE52Z63j2RMd51U_9oYYBy33d1FDodCXCsRHlBYtu0NuUd-EsP8q6T531GNgOfOcn-hqAYr6yzk1U2pVKXrqE-g_ueIfC_Kg_2duxiUVLE1b7u80xb8dyK2vf8vam6SeTbQDOhZRmyyPc8rMVmpYzTEfE05P_3OpvmNttAxvnPzYXygAmq54rbea9nvZBBrnPjnw2Qr8eEEECkSBjqyAqvKv8M7wHhsgV4TsDIq4C9qUrWwYRHd0VR-dD9Po4X2RJEJf61xduT2IpCPN43sZNdwLqIGyEqO4XO_nTvfeZP9IzattCZCsutFxdXETXVQBpIyXJ94rvHns5tKEKVjcK16OB675rRJ9PYiPTH2XYhaXIWeWferWzlrI8DMEcjzaEAmoDS98sfbnpyXTi3cmfFvC99BYRpAOi1JFR6bldb1Uy1RsDkQ0ROJwDsVqKB1_pQ41EAZ7s9DPNHCboJoecf3X5R3yYyY1s_qXKMQbfXkFrZvJSb1rgk2j4hPbY_tSuxS_XVx8cmQNx9WNt_QY5ASlwE_Ee7G8gAwtxojjCQO64WUgQV16GuyG4AhA9J3HAxgHLWAadILhjhWL_38A_jKLU5iS_IXvqDxeAx6IdIDBqZ7YGQUThUvKsLkSzLf2TzSSCUj7ZJakHXgcR35VOzkEtpvFugbLm2h7MnV80KmQngwdEyuVhyo1vtw0rVB8naql05FXjQjKkm9MhX1HkUzCz6yIJ_jD9IvEhxUW-dvQhaUPRbTg821O0XYaapaIr3Ft8DkbppxOmG_e4XCyk1vKCYqoGcFTx9lApn1iw3n4DTvVYg4Q9FewUAyfSnRgyuPMbTfBCD9EiA6bTGdnpAPOSFPZNdBqpq5it4iuU9TnKgXRcVctC8xT0SDam5CmfnSVTM0w5-SCjqtvbYkkSCCzG8oKRGWntFyAoWdp_TpqAzfqEYVCuzkUej3RhW2e5-x_m0npqoHGjzOLmtbF0kzfUyditjQk1x6_2kpVKHeWIzeHldd77oGj3nqMryZp-nDi4hKtutBeXG3golH3ZvRavZDRXyuqyRo_KAD9BjMZ03G5lZHSMLqNTD689L4Qc2fA8HWHbKx0FCmrj4fO3YpeXvyzzqB6DXhXe2PbrhleR6WJ0SIImTNysffHy1iDURLzRi4SazhjrFEOwkMrAgeP5ZeNoeYalh7vmfIs15xwtNgVLhSGlGbqSowcvn94kVaONGEkqnJZMVSafhkyaDYwDviIaiH5P-6Xn0TC0-l90xCmuI11Dqqy-YjkiFQcBJwRhWpGnURaJBvt4Y3Urgq2MN8nahCJq2zKIS13S6C2whK5t71YmNQox0fUw0_a2P0q9lOWEVSSvW6X7M0CeHMdTfFoaHxwSkhiD9uOU10d4llFqJg1pQM1EM3KdKNEpKs_Ij3zWYIN-LPogXF7JfWU-f8XM-J9b6Hl31cWZlkE09uDgod-fPQqsjHFUVUQkR_oF7uyCSjcGiH3IbYm4OyP-rxJbB2V4PaBhFa0qOqoZDnROECztMwaSayF8DOSQLl1ve7ptgkLooh8hyZrOy5a7tMiDkFhi6wi9Ml550--lZfBGfm1DihLs_vvieN01cfvwL747K4pQVXKsSfNE_JKF9QDhDZ_G9qXgmaKfR9vXYUJ7j_yBE8B_YZ7k_yNJEnuhi-O6rYKw_L1dBQmyso0X5T75vd3te9VOpKZlwQtjP8myRI4FcoYlcriU2VzifqYqlGfclsDQwPcg2AhBxED6lmdtvD8CaFE1QA4gRL43GmCrKPt08Olj_6Sp4Jn-SPUoluigN4yWLRMwtH0fA002SlpOEgDA4bkDhjV2yvOscG4aNlPddiDwGyXs5Gb7-b4wxBb0Hk05XLk2blzF0oBZg_h-DP8svrdw1XIBwg28XtRh-YbmVqd9gt55jh9tLh6To7Qds5HEY3u4O5w5Wb1KKVr4K8tjI-EN_Ws0t7DDnXsOdkCVafeNnbQA-c7zhKzjLWekIvSbqm-Lnv9Ubo0Hz-flhbhl1Ij3dcOMHIpxhlKOaLkU4NUvX9dhahMLQVpd998btHFPOqUuNAJM6sMPhqtBMLdpXhgCi5q3EXQDz_2vdz3DCV73yi2-jSfm1a4Z3FVqPDx05kIkdFBJ-8rYvL5CHopANJUrY2hkjkZT_p6OJfy6SgATrKdtljqTgpsxfylpYsdmGUHOEOaKFEOk7RPX0vayQQYwK HTTP 307
https://insight.adsrvr.org/track/up

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mortgages Show response
www.1fsb.bank/personal/loans/
Redirect Chain

http://firststatebankloans.com/
https://www.1fsb.bank/personal/loans/mortgages

51 KB
14 KB

1452ms
1131ms

Document
text/html

216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

803e1c5d61c6af42bc737897d9a33e3a93d76f18a128eef81dc0e5b45d4185ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 14088
content-type: text/html; charset=UTF-8
date: Fri, 22 Sep 2023 20:30:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
pragma: no-cache
server
strict-transport-security: max-age=15552001; includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 81
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Sep 2023 20:30:42 GMT
Location: https://www.1fsb.bank/personal/loans/mortgages
Server: ip-100-74-2-203.eu-west-2.compute.internal
X-Request-Id: 7712017d-9223-49ac-88f5-09470f199f7c

GET
H2 200 all.min.css
cdn.vgmforbin.com/resources/font-awesome/5.9.0/css/ 55 KB
13 KB 357ms
309ms Stylesheet
text/css 34.110.218.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vgmforbin.com/resources/font-awesome/5.9.0/css/all.min.css
Requested by: Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.218.24 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 24.218.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: br
x-guploader-uploadid: ADPycdut3yAEuJwULc_sgxjFCOV2x9sDrE3p5INAn--FyDfmsdKJBNRuE-0bcSDIA78vEcCNhiZYLrdQOQVlwk0wYgPvqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 06 Apr 2022 17:13:59 GMT
server: UploadServer
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
x-goog-generation: 1649265239536338
content-type: text/css
content-language: en
x-goog-hash: crc32c=/WcvJQ==, md5=2/nYIs7+hRum9m4a1X6Jhw==
access-control-expose-headers: Content-Type
access-control-allow-origin: *
cache-control: public,max-age=3600
x-goog-stored-content-length: 55967
accept-ranges: none

GET
H2 200 main.min.css
www.1fsb.bank/css/ 130 KB
23 KB 183ms
182ms Stylesheet
text/css 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/css/main.min.css?v=1666990582

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

95bee8d6aabb462321309b4dfeaec75a033eb66e976faa2221d52d2e0e393df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 23704
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Fri, 28 Oct 2022 20:56:22 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 style.min.css
www.1fsb.bank/css/modules/site-banner/ 2 KB
895 B 137ms
136ms Stylesheet
text/css 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/css/modules/site-banner/style.min.css?v=1624892872

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

cf90ceb2f147986a2050a6f473dd14a1825899e1144e92cff7d66fabb96e9416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 801
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Mon, 28 Jun 2021 15:07:52 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 styles.min.css
www.1fsb.bank/css/modules/marketing/ 4 KB
1 KB 138ms
137ms Stylesheet
text/css 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/css/modules/marketing/styles.min.css?v=1666990582

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

8f4856f41dfa0ba9270c898de5c60634d3256f164822be8c281c47dafe218707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 1180
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Fri, 28 Oct 2022 20:56:22 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 08:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 08:44:42 GMT

GET
H2 200 logo.png
www.1fsb.bank/images/ 3 KB
3 KB 284ms
281ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/logo.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

e86587f4a89287ec62cc2722878ced3967a03ab2b9909215597e73007db301d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3477
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 icon-search.png
www.1fsb.bank/images/ 202 B
301 B 145ms
142ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-search.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

638128e8b539226108eb2bb58979082741791fbff01a0b652bc294e36736ade9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 202
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 img-house-construction.jpg
www.1fsb.bank/uploads/userfiles/files/images/page-images-780x480/ 70 KB
70 KB 281ms
278ms Image
image/jpeg 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/uploads/userfiles/files/images/page-images-780x480/img-house-construction.jpg

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

f9f9bc68582648c0b04b6678f9c2f12acf42c648fc5437d7059e094390366a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Nov 2020 22:13:22 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/jpeg
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 72045
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 Abby%20Watson%20square.png
www.1fsb.bank/uploads/userfiles/files/images/ 76 KB
76 KB 146ms
144ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/uploads/userfiles/files/images/Abby%20Watson%20square.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

538f782083bbdec21ae2688f54e5cfda86ed4e0642923a13fd68742415a17f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 19:13:39 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 77638
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 Melissa.jpg
www.1fsb.bank/uploads/userfiles/files/images/ 264 KB
265 KB 414ms
411ms Image
image/jpeg 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/uploads/userfiles/files/images/Melissa.jpg

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

374e37b9679d4ff0d4e3da86dd4f8129528c90637ed993e5a9e519a538180238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2023 21:03:29 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/jpeg
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 270574
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 Vonnie.jpg
www.1fsb.bank/uploads/userfiles/files/images/ 274 KB
274 KB 418ms
415ms Image
image/jpeg 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/uploads/userfiles/files/images/Vonnie.jpg

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

f18553f0342e95b60a0b554ee3b45e5a3500479397fd76bd8228d4587140ea70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2023 21:03:39 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/jpeg
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 280389
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 logo-equal-housing.png
www.1fsb.bank/images/ 1 KB
1 KB 563ms
561ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/logo-equal-housing.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

fcf97358f77504cc8084c9564aebca3d680a8c6f48755d5c14dddb094ab7091b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2019 19:51:09 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 1255
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 logo-FDIC.png
www.1fsb.bank/images/ 2 KB
2 KB 564ms
562ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/logo-FDIC.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

05a22f97b20aff8efce5bfda307ab26ee572123553561013e3c0646c72998412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2019 19:51:09 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 2028
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 toTop.png
www.1fsb.bank/images/ 886 B
932 B 564ms
562ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/toTop.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

df8c97c76fa45a330104f071c524faefbb968de3c8867fd171f3ee74dbd513e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 886
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 nlk5fpv.css
use.typekit.net/ 3 KB
938 B 168ms
130ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nlk5fpv.css

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

cfa4c3ccc482698923181b079a6cb5f9f4cbebfa9f3d1d78ff620540bbb81ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 22 Sep 2023 20:30:43 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 715

GET
H2 200 chatbeacon.js Show response
cloud.chatbeacon.io/chatbeacon/scripts/ 102 KB
23 KB 310ms
92ms Script
application/javascript 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Requested by: Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b836671a65ee90c93971b736031bdc2c2eb1d5740f2bc1f8f89ea8dc10d1136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 22:42:29 GMT
server: Microsoft-IIS/10.0
etag: "8078aecd2a5d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 23746

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 12:00:01 GMT

GET
H2 200 stacktable.min.js Show response
www.1fsb.bank/scripts/ 3 KB
1 KB 565ms
563ms Script
application/javascript 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/scripts/stacktable.min.js?v=1543338600

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

0247059a9cfbe16a02b317d5963308d3c7d5e26b2f21b22da3e939f0fda91ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 1300
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 matchheight.min.js Show response
www.1fsb.bank/scripts/ 3 KB
2 KB 706ms
704ms Script
application/javascript 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/scripts/matchheight.min.js?v=1543338387

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

3cbf825fe3a79bb5133f012a9f52a8f3b1489f87d20ad49296e07216114cb98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 1652
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 27 Nov 2018 17:06:27 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 global.js Show response
www.1fsb.bank/scripts/ 11 KB
4 KB 706ms
704ms Script
application/javascript 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/scripts/global.js?v=1684936545

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

17daeb71dcedce2b8ca6b1f81d050bee1b58c5723a11681365c52aadfcb5a632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 4009
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Wed, 24 May 2023 13:55:45 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes

GET
H/1.1 200
OK remoteLoginLoad.js Show response
retailonline.fiservapps.com/js/ 1 KB
2 KB 830ms
489ms Script
application/javascript 107.162.163.54
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://retailonline.fiservapps.com/js/remoteLoginLoad.js

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.163.54 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

027ede5bcdb80de3e2fa83802dfef1d8eb65195d61cb2f8e578328041f278ac0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'self'
Date: Fri, 22 Sep 2023 20:30:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 fra1-bit14013
Content-Length: 1087
X-Xss-Protection: 1
Pragma: no-cache
Last-Modified: Mon, 28 Aug 2023 05:57:08 GMT
Etag: "1d9d9747a92963f"
X-Frame-Options: sameorigin
Content-Type: application/javascript
X-Vcap-Request-Id: 5a986ebd-3243-466a-6704-bfb52655fcb5
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex

GET
H/1.1 200
OK RemoteLogon Show response
web13.secureinternetbank.com/EBC_EBC1151/js/ 58 KB
20 KB 519ms
276ms Script
application/javascript 66.6.26.16
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://web13.secureinternetbank.com/EBC_EBC1151/js/RemoteLogon

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.6.26.16 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

b367710439916328be40726fd26ca32e57c557cf9c1dc337cd67404d890e64fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src ; img-src 'self' data:; style-src 'self' 'unsafe-inline' ; child-src *;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=157680000
Content-Security-Policy: frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src *; img-src * 'self' data:; style-src 'self' 'unsafe-inline' ; child-src *;
X-Content-Type-Options: nosniff
Date: Fri, 22 Sep 2023 20:30:44 GMT
Last-Modified: Fri, 22 Sep 2023 20:30:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: User-Agent
Content-Type: application/javascript; charset=utf-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, must-revalidate
Connection: keep-alive
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block
Expires: Sat, 21 Sep 2024 20:30:44 GMT

GET
H2 200 flexslider.min.js Show response
cdn.forbin.com/resources/js/flexslider/2.6.4/ 22 KB
7 KB 164ms
131ms Script
application/javascript 34.110.218.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forbin.com/resources/js/flexslider/2.6.4/flexslider.min.js
Requested by: Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.218.24 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 24.218.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 100487fdb907adbb4add4af653924ecea10fb1ee2b869d8b0d516ed0fbdfca11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: br
x-guploader-uploadid: ADPycdvTrBRYaSBMK5JP4gEvjgQOdWC-fSBoDDZ6uXoCvl5wdWZmBdTSzqwB1x5svMTTZygq37KLALLhIyykoaT2bUBiwA
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 06 Apr 2022 17:32:27 GMT
server: UploadServer
etag: W/"5317c8faf18ee06f231cb1961c127297"
vary: Accept-Encoding
x-goog-generation: 1649266347718353
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=iESypw==, md5=UxfI+vGO4G8jHLGWHBJylw==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, max-age=0
x-goog-stored-content-length: 22334
accept-ranges: none
expires: Fri, 22 Sep 2023 20:30:43 GMT

GET
H2 200 scalable.min.js Show response
cdn.forbin.com/resources/js/scalable/1.0.0/ 1 KB
2 KB 165ms
132ms Script
application/octet-stream 34.110.218.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forbin.com/resources/js/scalable/1.0.0/scalable.min.js
Requested by: Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.218.24 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 24.218.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5f84c7643167258455b58d6b4cb0fda1b474ce88ea106f70f7b6d34392e85532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
age: 1
x-guploader-uploadid: ADPycduuCny0ZvVcCH9pb08B_s6AHZWSA8XWChm6momLcEl2e0zZDZMG3RriAadEiJ0OotaEsTBzgyztO7AKNAMuTO_wlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
last-modified: Wed, 06 Apr 2022 17:32:28 GMT
server: UploadServer
etag: "ae40399e81f51d3f32ebd83ac3f6cc82"
x-goog-generation: 1649266348220164
x-goog-hash: crc32c=YAuU+w==, md5=rkA5noH1HT8y69g6w/bMgg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 1278
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 site-banner.js Show response
www.1fsb.bank/modules/site-banner/js/ 940 B
625 B 282ms
279ms Script
application/javascript 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/modules/site-banner/js/site-banner.js?v=1684936545

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

e3b9587244ad29b6bc241780a05c82e4cdb80cf42116ee557d91ebfdfd2f5e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 527
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Wed, 24 May 2023 13:55:45 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 olb-jquery.js Show response
www.1fsb.bank/scripts/ 3 KB
1 KB 283ms
280ms Script
application/javascript 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/scripts/olb-jquery.js?v=1615309259

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

57d34473cc61b567bfae6a0906de0d5efa24b81c69f42d706fd579e9975d8864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 1229
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 09 Mar 2021 17:00:59 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 marketing.js Show response
www.1fsb.bank/modules/marketing/js/ 688 B
509 B 284ms
281ms Script
application/javascript 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/modules/marketing/js/marketing.js?v=1666974022

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

dab201d548e10600aa859124426a36a52ce2b85113877b4478d9b689fa531ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 438
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Fri, 28 Oct 2022 16:20:22 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 print.css
www.1fsb.bank/css/ 3 KB
1 KB 707ms
705ms Stylesheet
text/css 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1fsb.bank/css/print.css?v=1585746710

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

12ad7391a8d3ecb11582c737d9c726e9ced6fc05f18130557ded791d4b18fb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version
x-powered-by
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
content-length: 1375
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Wed, 01 Apr 2020 13:11:50 GMT
server
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
74 KB 50ms
24ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M6RXRZJ

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52254bb617eaa3bb00dd7701e38110fc3afbcf30870cceee5034822675a1021a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75768
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 19:46:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Sep 2023 20:30:43 GMT

GET
H2 200 vguard.php Show response
services.forbin.com/VGuard/ 437 B
423 B 482ms
188ms XHR
text/html 216.81.193.185
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services.forbin.com/VGuard/vguard.php?url=https://www.1fsb.bank

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.185 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

ip185.city.ames.ia.us

Software

Microsoft-IIS/10.0 / PHP/5.6.40

Resource Hash

594280d3fa84dbcf3ecc7a69fdb6f8d01535e0f060bc531bd3f6c950f01bbd16

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-length: 266

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 21ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nlk5fpv&ht=tk&f=26498.26499.26500.26503&a=769134&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlk5fpv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 icon-close.png
www.1fsb.bank/images/ 267 B
313 B 700ms
700ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-close.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

a8f6fb668d80690675e23c30f98ebe32c9aeed988c8aaf071019608ec2933070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 267
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 bkg-homemortgages.jpg
www.1fsb.bank/uploads/userfiles/files/images/header-images-1920x325/ 79 KB
79 KB 699ms
699ms Image
image/jpeg 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/uploads/userfiles/files/images/header-images-1920x325/bkg-homemortgages.jpg

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

28c16a7e28719a778edf9c28162c9bb6b5aa27d5ca628d2a29ff154ccf01ca81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/personal/loans/mortgages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Nov 2020 22:13:16 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/jpeg
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 81011
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 icon-check.jpg
www.1fsb.bank/images/ 541 B
587 B 700ms
699ms Image
image/jpeg 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-check.jpg

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

709c15f583b779b99856d9593c310220c9b897fa4c6ef681bf4a2e96f319db80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/jpeg
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 541
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 bg-blog.jpg
www.1fsb.bank/images/ 80 KB
80 KB 700ms
699ms Image
image/jpeg 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/bg-blog.jpg

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

a1d4c364526cb58e1610f4e7d27e711ba4347e43e79aa004499b38992f91fa88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/jpeg
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 82325
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 icon-phone.png
www.1fsb.bank/images/ 208 B
253 B 700ms
700ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-phone.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

a2af7f767038b578c043380054309f83dd25d589197e3ad2c60f3c9579bff2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 208
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 icon-routing.png
www.1fsb.bank/images/ 204 B
249 B 699ms
698ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-routing.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

970f49c5ae8569986335ed825abbf697c7d29544c3d5ff4fc3d898769bcc156a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 204
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 icon-locations.png
www.1fsb.bank/images/ 211 B
256 B 699ms
699ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-locations.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

b24b6535c748201e37b40a2ed2d26327d594d5ce98dfa124ab672abbf628764a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 211
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 icon-facebook.png
www.1fsb.bank/images/ 200 B
245 B 700ms
699ms Image
image/png 216.81.193.101
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1fsb.bank/images/icon-facebook.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/css/main.min.css?v=1666990582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.101 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

amesnotes.city.ames.ia.us

Software

Resource Hash

208d5e00d65a12298731d4da461b4f79674f2b61c2288d1416726de35322a2fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/css/main.min.css?v=1666990582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 17:10:00 GMT
server
x-aspnet-version
x-powered-by
x-frame-options: sameorigin
content-type: image/png
p3p: Our site does not have a P3P Policy, please see our privacy policy for more information.
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 l
use.typekit.net/af/d280e6/00000000000000003b9acd69/27/ 60 KB
60 KB 28ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d280e6/00000000000000003b9acd69/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlk5fpv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1fae6b19f959c6e6dce3f9c2701a3517118f2f603472e47556407047abdda908

Request headers

Referer: https://use.typekit.net/nlk5fpv.css
Origin: https://www.1fsb.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
server: nginx
etag: "0b0edd5955c39c3588ad26922c8b1fe2fbf73b59"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 61564

GET
H2 200 l
use.typekit.net/af/583f09/00000000000000003b9acd68/27/ 60 KB
61 KB 33ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/583f09/00000000000000003b9acd68/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlk5fpv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6dda924f92051fe6f10623333d18b56328b40889ae2e18be78fa317bbe664d9d

Request headers

Referer: https://use.typekit.net/nlk5fpv.css
Origin: https://www.1fsb.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
server: nginx
etag: "2af30f3bf928fd2d0bb899fe065b1bd1d9283571"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 61780

GET
H2 200 l
use.typekit.net/af/b101af/00000000000000003b9acd67/27/ 60 KB
60 KB 33ms
19ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b101af/00000000000000003b9acd67/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlk5fpv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dc942b319e4d9c382910ede82526d4bcb6e95b1b3cc66458330b782a7d7798f3

Request headers

Referer: https://use.typekit.net/nlk5fpv.css
Origin: https://www.1fsb.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
server: nginx
etag: "8f4f5374d234f660352c079eabdc4e252412cb5d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 60944

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6RXRZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 19:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2783
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Sep 2023 21:44:21 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 85ms
23ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:23 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: V0BKNX8HG44V3MPT
age: 22
x-amz-server-side-encryption: AES256
x-amz-id-2: PY5zZP/spv9kP+zJbc5xIZ5u1tCCILf3qcpEnV5GukTadqgOSojm91KBUw+d5pOlIRyod+V3RU8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 20:30:44 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53243
x-xss-protection: 0
pragma: public
x-fb-debug: DCcq1CvW1FbIeH4OXFSiVyWnhXI7bng7k93ZimvL02yo77WfPELFL9B/bRjPDM3iyXJvc3iVfxyOCEfHykUEKg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 59ms
14ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6RXRZJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 02:39:17 GMT
Content-Encoding: gzip
Via: 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 64288
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: BeHPl9eOcc-zpbIFRgfLpAXe5iWLi7IeABsoMe5NUVI_Nd7Yb5GsyA==

GET
H/1.1

200
OK

up_loader.1.1.0.js Show response
js.adsrvr.org/
Redirect Chain

https://protect-us.mimecast.com/s/sieSCVO0vztMwRgBiztR6c?domain=js.adsrvr.org
https://protect-us.mimecast.com/r/H7_gZf-zmIkidRas_EUZlWkKpjIU8SX_Yq2EI1BhNlhcJf9RDRvAJrFnGFjxrpEU5Ie3tSA1P5wLYnT4RcXkjeDWXVL6D1uFBFfl_XvoqS_aG4Ez7PLDsEOV084U7SzzUNm0X0Quw8-YiSMh9V18BtHHqhDzR86iIzi...
https://js.adsrvr.org/up_loader.1.1.0.js

5 KB
3 KB

16ms
13ms

Script
application/x-javascript

108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages
Protocol: HTTP/1.1
Server: 108.138.40.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 02:39:17 GMT
Content-Encoding: gzip
Via: 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 64288
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: -7F58QeAT0JyqnDSIWBexorP92GNqCLabGxRTjS8Z3sVJIY_5ubneQ==

Redirect headers

Pragma: no-cache
Date: Fri, 22 Sep 2023 20:30:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://js.adsrvr.org/up_loader.1.1.0.js
Cache-control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MXJJCNLGX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6RXRZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebb2d2e2e65be2c3acf50c1e3de49b58a9e9bc2f6f3ee3c084c100db3cfcd161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 20:30:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1863972204&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&ul=en-us&de=UTF-8&dt=Home%20Loans%20and%20Real%20Estate%20Loans%20%7C%20First%20State%20Bank%20Nebraska&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=1901590796&gjid=248009009&cid=1695976109.1695414644&tid=UA-115815384-1&_gid=1011540518.1695414644&_slc=1&gtm=45He39k0n81M6RXRZJ&z=94125664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1fsb.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 52ms
17ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115815384-1&cid=1695976109.1695414644&jid=1901590796&gjid=248009009&_gid=1011540518.1695414644&_u=YGBAgAABAAAAAG~&z=792371361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1fsb.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Sep 2023 20:30:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 203138880289738 Show response
connect.facebook.net/signals/config/ 136 KB
36 KB 105ms
104ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/203138880289738?v=2.9.128&r=stable&domain=www.1fsb.bank

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3df8b006e11cf1e7b6491ffab632dfdd42130fa71d609ff9b85d0ac45105979

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Sep 2023 20:30:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GaYRE7LNe/dMwJqbYNkmJ02JNeP1Z2nBe1NybucqHuoC+1wDOEFWb7e2G264dnE+GggvNz9lyIHcCV5kGY0/2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 65ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MXJJCNLGX&gtm=45je39k0&_p=1863972204&cid=1695976109.1695414644&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695414644&sct=1&seg=0&dl=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&dt=Home%20Loans%20and%20Real%20Estate%20Loans%20%7C%20First%20State%20Bank%20Nebraska&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MXJJCNLGX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10047227.json Show response
s.yimg.com/wi/config/ 2 B
484 B 161ms
120ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10047227.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 94ND4XM12YH4DAHJ
age: 1
content-length: 22
x-amz-id-2: ANyr6GpiEzgBbqOZ9WpVm/cm7SMh1Y4lsY76pOxl8MrXCLkPV6SR6If/xlprVEmxGxQcw5ye3Vo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=203138880289738&ev=PageView&dl=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&rl=&if=false&ts=1695414644180&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695414644179.564375033&it=1695414644055&coo=false&rqm=GET

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Sep 2023 20:30:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 136ms
43ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2022%20Sep%202023%2020%3A30%3A44%20GMT&n=-2d&b=Home%20Loans%20and%20Real%20Estate%20Loans%20%7C%20First%20State%20Bank%20Nebraska&.yp=10047227&f=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 22 Sep 2023 20:30:44 GMT

GET
H2 200 vguard-badge.png
services.forbin.com/VGuard/images/ 1 KB
1 KB 396ms
132ms Image
image/png 216.81.193.185
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://services.forbin.com/VGuard/images/vguard-badge.png

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.81.193.185 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

ip185.city.ames.ia.us

Software

Microsoft-IIS/10.0 /

Resource Hash

b07e63243e500b63d91a33d022a272235c5d5384f9ca85734aacf04d7debbb66

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:44 GMT
last-modified: Fri, 23 Sep 2016 16:24:33 GMT
server: Microsoft-IIS/10.0
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 1364

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=203138880289738&ev=Microdata&dl=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&rl=&if=false&ts=1695414644683&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20Loans%20and%20Real%20Estate%20Loans%20%7C%20First%20State%20Bank%20Nebraska%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%20Loans%20and%20Real%20Estate%20Loans%22%2C%22og%3Adescription%22%3A%22Trust%20First%20State%20Bank%20Nebraska%E2%80%99s%20mortgage%20loan%20officers%20to%20work%20with%20you%20to%20find%20the%20right%20mortgage%20or%20real%20estate%20loan%20to%20meet%20your%20family%E2%80%99s%20needs.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.1fsb.bank%2Fimages%2Flogo.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.128&r=stable&ec=1&o=30&fbp=fb.1.1695414644179.564375033&it=1695414644055&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Sep 2023 20:30:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK remoteLoginPost.js Show response
retailonline.fiservapps.com/js/ 7 KB
8 KB 160ms
160ms Script
application/javascript 107.162.163.54
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://retailonline.fiservapps.com/js/remoteLoginPost.js?v=1.0

Requested by

Host: retailonline.fiservapps.com
URL: https://retailonline.fiservapps.com/js/remoteLoginLoad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.163.54 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

a04a4d0b6c9105a7136ac9b0d07e5c7f17a6a8a2f3599e4ac7db9f8a7772f7f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'self'
Date: Fri, 22 Sep 2023 20:30:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 28 Aug 2023 05:57:08 GMT
Via: 1.1 fra1-bit14013
Etag: "1d9d9747a928fe4"
X-Frame-Options: sameorigin
Content-Type: application/javascript
X-Vcap-Request-Id: 127da458-e26b-41c1-4eaa-3d4ae199d6a4
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 7652
X-Xss-Protection: 1

OPTIONS
H2 200 session
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/ Frame 0
0 280ms
93ms Preflight 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session?r=1695414644695
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-chatbeacon
Access-Control-Request-Method: POST
Origin: https://www.1fsb.bank
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-chatbeacon
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 0
date: Fri, 22 Sep 2023 20:30:44 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 chatbeacon.css
cloud.chatbeacon.io/chatbeacon/content/css/ 16 KB
3 KB 92ms
91ms Stylesheet
text/css 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/content/css/chatbeacon.css
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f72b35c14b5d6d98db4b44682e29540fa324f222816caef0d7852abc87db754e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:44 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 22:25:56 GMT
server: Microsoft-IIS/10.0
etag: "0b2ce7d0a5d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
accept-ranges: bytes
content-length: 2884

GET
H2 200 chatbeacon.css
cloud.chatbeacon.io/chatbeacon/content/themes/First_State_Bank_Nebraska_frame/css/ 11 KB
11 KB 93ms
93ms Stylesheet
text/css 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/content/themes/First_State_Bank_Nebraska_frame/css/chatbeacon.css
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2399461ba21ae9fa8b6d06641136ec21bd8a4deb418a2985fa61de7095067aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:44 GMT
last-modified: Wed, 08 Sep 2021 22:39:31 GMT
server: Microsoft-IIS/10.0
etag: "a325de632a5d71:0"
x-powered-by: ASP.NET
content-type: text/css
cache-control: no-cache
accept-ranges: bytes
content-length: 11467

GET
H2 200 custom.css
cloud.chatbeacon.io/chatbeacon/content/themes/First_State_Bank_Nebraska_frame/css/ 822 B
900 B 92ms
92ms Stylesheet
text/css 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/content/themes/First_State_Bank_Nebraska_frame/css/custom.css
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 080557b55c9d7e2471e441fadd15aa47bef1e4d8d5575bb351aa18f16cbd5105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:44 GMT
last-modified: Wed, 08 Sep 2021 22:39:31 GMT
server: Microsoft-IIS/10.0
etag: "788e0632a5d71:0"
x-powered-by: ASP.NET
content-type: text/css
cache-control: no-cache
accept-ranges: bytes
content-length: 822

POST
H2 201 session Show response
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/ 2 KB
2 KB 95ms
94ms XHR
application/json 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session?r=1695414644695
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa0fb0fcfa8d844b6d5875bb7870baeb7e097c554cf89b92ae19d0f9f2784768

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-chatbeacon: 00000000-0000-0000-0000-000000000000:00000000-0000-0000-0000-000000000000
Referer: https://www.1fsb.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:44 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
location: https://cloud.chatbeacon.io/ChatBeacon/api/v2/account/291/visitor/site/327/session
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 1560
expires: -1

GET
H3 200 jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 29 KB
7 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.min.css

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8964f1fe20bd22829aa12283e7e59515e7fc658348810e00c55a4c6c1c368628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7320
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 16:55:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1006 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/content/css/chatbeacon.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.chatbeacon.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 20:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 18:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 20:30:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
544 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Requested by

Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/content/themes/First_State_Bank_Nebraska_frame/css/chatbeacon.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ecab19181cc1d7980c6b9eb7a269182b3da33a563686e861322920e427d06e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.chatbeacon.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 20:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 19:58:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 20:30:44 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 126ms
36ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=false&flash=false

Requested by

Host: retailonline.fiservapps.com
URL: https://retailonline.fiservapps.com/js/remoteLoginPost.js?v=1.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1b2dcdecfedfb7d7c7214a26552a8f16baf6f0d9e8d0fd7b052b4c55f0a75742

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Sep 2023 20:30:44 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 32ms
32ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=false&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f28c7cef5cbb6193acf5dfa8bf2039a8c095fb1f6fae5ce53681a0e3253a7bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.1fsb.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 20:30:45 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sat, 21 Sep 2024 20:30:45 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 55ms
32ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.1812050143009447

Requested by

Host: www.1fsb.bank
URL: https://www.1fsb.bank/personal/loans/mortgages

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

99d190ef5558ee95834d8107d82d2da9aa375f6037dfdfeade7672227d101d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.1fsb.bank/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 22 Sep 2023 20:30:45 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 profile Show response
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/ 127 B
168 B 3508ms
3507ms XHR
application/json 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/profile?r=1695414645073
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 55833180924e0d00b450b9dd11c7c90ebac8b45937664f2a40126d4a9f9399e4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-chatbeacon: 9bf36ad3-0b43-4a5f-a138-65c0895ae064:063221fb-fee0-4552-aab1-cad2d83dfb9c
Referer: https://www.1fsb.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:44 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 127
expires: -1

OPTIONS
H2 200 profile
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/ Frame 0
0 92ms
92ms Preflight 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/profile?r=1695414645073
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-chatbeacon
Access-Control-Request-Method: GET
Origin: https://www.1fsb.bank
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-chatbeacon
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 0
date: Fri, 22 Sep 2023 20:30:44 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame D48D 0
60 B 116ms
32ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8fqcbxf&ref=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&upid=ircm8we&upv=1.1.0
Requested by: Host: protect-us.mimecast.com
URL: https://protect-us.mimecast.com/s/sieSCVO0vztMwRgBiztR6c?domain=js.adsrvr.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1fsb.bank/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Fri, 22 Sep 2023 20:30:45 GMT
server: Kestrel

GET
H2

200

up Show response
insight.adsrvr.org/track/ Frame 4C10
Redirect Chain

https://protect-us.mimecast.com/s/Qz0CCW6jPAC09WD3tKi16V?domain=insight.adsrvr.org?adv=8a5b96v&ref=https%3A%2F%2Fwww.1fsb.bank%2Fpersonal%2Floans%2Fmortgages&upid=kd8myp2&upv=1.1.0
https://protect-us.mimecast.com/r/2JXuwd21Q77n6ziIyq_mwiEGv8Jof9fa6YZBmL2n9gXOmxdEcCDu4ZGhewwk6m1AcRAjTTEYwEOxouNvVH9CaJ8VUAqE52Z63j2RMd51U_9oYYBy33d1FDodCXCsRHlBYtu0NuUd-EsP8q6T531GNgOfOcn-hqAYr6y...
https://insight.adsrvr.org/track/up

0
59 B

33ms
33ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up
Requested by: Host: protect-us.mimecast.com
URL: https://protect-us.mimecast.com/s/sieSCVO0vztMwRgBiztR6c?domain=js.adsrvr.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1fsb.bank/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Fri, 22 Sep 2023 20:30:49 GMT
server: Kestrel

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 22 Sep 2023 20:30:49 GMT
Location: https://insight.adsrvr.org/track/up
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

POST
H2 204 page Show response
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/ 0
27 B 94ms
94ms XHR
text/plain 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/page?r=1695414648676
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-chatbeacon: 9bf36ad3-0b43-4a5f-a138-65c0895ae064:063221fb-fee0-4552-aab1-cad2d83dfb9c
Referer: https://www.1fsb.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:48 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
expires: -1

OPTIONS
H2 200 page
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/ Frame 0
0 274ms
92ms Preflight 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/page?r=1695414648676
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-chatbeacon
Access-Control-Request-Method: POST
Origin: https://www.1fsb.bank
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-chatbeacon
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 0
date: Fri, 22 Sep 2023 20:30:48 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 marquee Show response
cloud.chatbeacon.io/chatbeacon/api/v1/template/First_State_Bank_Nebraska_frame/ 538 B
603 B 92ms
92ms XHR
application/json 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v1/template/First_State_Bank_Nebraska_frame/marquee?r=1695414649070
Requested by: Host: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/scripts/chatbeacon.js?accountId=291&siteId=327&queueId=441&m=1&i=1&b=1&c=1&theme=First_State_Bank_Nebraska_frame
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff5c6ad9fdfc198e66af0c3ce30afa4581d390921522d1a90b1440cf595c72b2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-chatbeacon: 9bf36ad3-0b43-4a5f-a138-65c0895ae064:063221fb-fee0-4552-aab1-cad2d83dfb9c
Referer: https://www.1fsb.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 20:30:48 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 538
expires: -1

OPTIONS
H2 200 marquee
cloud.chatbeacon.io/chatbeacon/api/v1/template/First_State_Bank_Nebraska_frame/ Frame 0
0 92ms
92ms Preflight 20.51.209.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.chatbeacon.io/chatbeacon/api/v1/template/First_State_Bank_Nebraska_frame/marquee?r=1695414649070
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.51.209.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-chatbeacon
Access-Control-Request-Method: GET
Origin: https://www.1fsb.bank
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-chatbeacon
access-control-allow-origin: https://www.1fsb.bank
cache-control: no-cache
content-length: 0
date: Fri, 22 Sep 2023 20:30:48 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

OPTIONS sync
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/ Frame 0
0

GET sync
cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/sync?r=1695414649257

Domain: cloud.chatbeacon.io
URL: https://cloud.chatbeacon.io/chatbeacon/api/v2/account/291/visitor/site/327/session/sync?r=1695414649257

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.1fsb.bank/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9dsuq5sgv742g142ffhgrs3m11
.1fsb.bank/	1970-01-20 14:58:21	Name: _gid Value: GA1.2.1011540518.1695414644
.1fsb.bank/	1970-01-20 14:56:54	Name: _dc_gtm_UA-115815384-1 Value: 1
.1fsb.bank/	1970-01-21 00:32:54	Name: _ga_8MXJJCNLGX Value: GS1.1.1695414644.1.0.1695414644.0.0.0
.1fsb.bank/	1970-01-21 00:32:54	Name: _ga Value: GA1.1.1695976109.1695414644
.1fsb.bank/	1970-01-20 17:06:30	Name: _fbp Value: fb.1.1695414644179.564375033
.yahoo.com/	1970-01-20 23:42:52	Name: A3 Value: d=AQABBHT5DWUCEO9qAb0jbRqztC8-rICWLkgFEgEBAQFKD2UXZeAQyiMA_eMAAA&S=AQAAAkt9eszpUTuBaP3H2gTjLwo
mpsnare.iesnare.com/	1970-01-20 23:42:30	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: PgFm/v0qbf10wZ/lBxzEKzrdIeJcCehus0fvw6t1l6w=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.forbin.com
cdn.vgmforbin.com
cloud.chatbeacon.io
connect.facebook.net
firststatebankloans.com
fonts.googleapis.com
insight.adsrvr.org
js.adsrvr.org
mpsnare.iesnare.com
p.typekit.net
protect-us.mimecast.com
region1.google-analytics.com
retailonline.fiservapps.com
s.yimg.com
services.forbin.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
use.typekit.net
web13.secureinternetbank.com
www.1fsb.bank
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
cloud.chatbeacon.io
107.162.163.54
108.138.40.116
15.197.193.217
20.51.209.4
2001:4860:4802:34::36
205.139.111.12
212.82.100.181
216.81.193.101
216.81.193.185
2a00:1288:80:807::2
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c0b::9a
2a02:26f0:3500:16::215:1495
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.33.152.147
34.110.218.24
54.228.71.178
66.6.26.16
0247059a9cfbe16a02b317d5963308d3c7d5e26b2f21b22da3e939f0fda91ad2
027ede5bcdb80de3e2fa83802dfef1d8eb65195d61cb2f8e578328041f278ac0
05a22f97b20aff8efce5bfda307ab26ee572123553561013e3c0646c72998412
080557b55c9d7e2471e441fadd15aa47bef1e4d8d5575bb351aa18f16cbd5105
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
100487fdb907adbb4add4af653924ecea10fb1ee2b869d8b0d516ed0fbdfca11
12ad7391a8d3ecb11582c737d9c726e9ced6fc05f18130557ded791d4b18fb61
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17daeb71dcedce2b8ca6b1f81d050bee1b58c5723a11681365c52aadfcb5a632
1b2dcdecfedfb7d7c7214a26552a8f16baf6f0d9e8d0fd7b052b4c55f0a75742
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fae6b19f959c6e6dce3f9c2701a3517118f2f603472e47556407047abdda908
208d5e00d65a12298731d4da461b4f79674f2b61c2288d1416726de35322a2fd
2399461ba21ae9fa8b6d06641136ec21bd8a4deb418a2985fa61de7095067aaf
28c16a7e28719a778edf9c28162c9bb6b5aa27d5ca628d2a29ff154ccf01ca81
2b836671a65ee90c93971b736031bdc2c2eb1d5740f2bc1f8f89ea8dc10d1136
374e37b9679d4ff0d4e3da86dd4f8129528c90637ed993e5a9e519a538180238
3cbf825fe3a79bb5133f012a9f52a8f3b1489f87d20ad49296e07216114cb98e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
52254bb617eaa3bb00dd7701e38110fc3afbcf30870cceee5034822675a1021a
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
538f782083bbdec21ae2688f54e5cfda86ed4e0642923a13fd68742415a17f0a
55833180924e0d00b450b9dd11c7c90ebac8b45937664f2a40126d4a9f9399e4
57d34473cc61b567bfae6a0906de0d5efa24b81c69f42d706fd579e9975d8864
594280d3fa84dbcf3ecc7a69fdb6f8d01535e0f060bc531bd3f6c950f01bbd16
5f84c7643167258455b58d6b4cb0fda1b474ce88ea106f70f7b6d34392e85532
638128e8b539226108eb2bb58979082741791fbff01a0b652bc294e36736ade9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dda924f92051fe6f10623333d18b56328b40889ae2e18be78fa317bbe664d9d
6ecab19181cc1d7980c6b9eb7a269182b3da33a563686e861322920e427d06e9
709c15f583b779b99856d9593c310220c9b897fa4c6ef681bf4a2e96f319db80
803e1c5d61c6af42bc737897d9a33e3a93d76f18a128eef81dc0e5b45d4185ea
8964f1fe20bd22829aa12283e7e59515e7fc658348810e00c55a4c6c1c368628
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
8f4856f41dfa0ba9270c898de5c60634d3256f164822be8c281c47dafe218707
95bee8d6aabb462321309b4dfeaec75a033eb66e976faa2221d52d2e0e393df5
970f49c5ae8569986335ed825abbf697c7d29544c3d5ff4fc3d898769bcc156a
99d190ef5558ee95834d8107d82d2da9aa375f6037dfdfeade7672227d101d2b
a04a4d0b6c9105a7136ac9b0d07e5c7f17a6a8a2f3599e4ac7db9f8a7772f7f9
a1d4c364526cb58e1610f4e7d27e711ba4347e43e79aa004499b38992f91fa88
a2af7f767038b578c043380054309f83dd25d589197e3ad2c60f3c9579bff2fe
a8f6fb668d80690675e23c30f98ebe32c9aeed988c8aaf071019608ec2933070
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b07e63243e500b63d91a33d022a272235c5d5384f9ca85734aacf04d7debbb66
b24b6535c748201e37b40a2ed2d26327d594d5ce98dfa124ab672abbf628764a
b367710439916328be40726fd26ca32e57c557cf9c1dc337cd67404d890e64fb
c3df8b006e11cf1e7b6491ffab632dfdd42130fa71d609ff9b85d0ac45105979
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
cf90ceb2f147986a2050a6f473dd14a1825899e1144e92cff7d66fabb96e9416
cfa4c3ccc482698923181b079a6cb5f9f4cbebfa9f3d1d78ff620540bbb81ea0
dab201d548e10600aa859124426a36a52ce2b85113877b4478d9b689fa531ba8
dc942b319e4d9c382910ede82526d4bcb6e95b1b3cc66458330b782a7d7798f3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8c97c76fa45a330104f071c524faefbb968de3c8867fd171f3ee74dbd513e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9587244ad29b6bc241780a05c82e4cdb80cf42116ee557d91ebfdfd2f5e47
e86587f4a89287ec62cc2722878ced3967a03ab2b9909215597e73007db301d9
ebb2d2e2e65be2c3acf50c1e3de49b58a9e9bc2f6f3ee3c084c100db3cfcd161
f18553f0342e95b60a0b554ee3b45e5a3500479397fd76bd8228d4587140ea70
f28c7cef5cbb6193acf5dfa8bf2039a8c095fb1f6fae5ce53681a0e3253a7bdf
f72b35c14b5d6d98db4b44682e29540fa324f222816caef0d7852abc87db754e
f9f9bc68582648c0b04b6678f9c2f12acf42c648fc5437d7059e094390366a60
fa0fb0fcfa8d844b6d5875bb7870baeb7e097c554cf89b92ae19d0f9f2784768
fcf97358f77504cc8084c9564aebca3d680a8c6f48755d5c14dddb094ab7091b
ff5c6ad9fdfc198e66af0c3ce30afa4581d390921522d1a90b1440cf595c72b2

www.1fsb.bank Open in urlscan Pro 216.81.193.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

45 %IPv6

19 Domains

24 Subdomains

21 IPs

7 Countries

1589 kBTransfer

2804 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.1fsb.bank Open in urlscan Pro
216.81.193.101 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

45 %
IPv6

19
Domains

24
Subdomains

21
IPs

7
Countries

1589 kB
Transfer

2804 kB
Size

8
Cookies

80 HTTP transactions
0 data transactions