www.firstunitedbank.com Open in urlscan Pro
3.232.45.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.em.firstunitedbank.com/?qs=2e22828222a1858772bfeb801e13952f6c0fb27812c7982f5b5b6e7f98a81833c9f0c7e6de76b300ca3094c0ced6...
Effective URL:
https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=F...
Submission Tags: falconsandbox
Submission: On September 27 via api (September 27th 2024, 6:00:22 pm UTC) from US — Scanned from IT

Summary HTTP 115 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 40 domains to perform 115 HTTP transactions. The main IP is 3.232.45.244, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.firstunitedbank.com. The Cisco Umbrella rank of the primary domain is 748088.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 9th 2024. Valid for: a year.

This is the only time www.firstunitedbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.180.242 13.111.180.242	14340 (SALESFORCE) (SALESFORCE)
15	3.232.45.244 3.232.45.244	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
1	192.0.54.4 192.0.54.4	62659 (Q2HOLDINGS) (Q2HOLDINGS)
6	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
6	52.216.207.19 52.216.207.19	16509 (AMAZON-02) (AMAZON-02)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	160.8.187.13 160.8.187.13	14340 (SALESFORCE) (SALESFORCE)
3	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1 3	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
5	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	184.24.77.20 184.24.77.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	169.150.247.38 169.150.247.38	60068 (CDN77 _) (CDN77 _)
5	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1	142.251.168.154 142.251.168.154	15169 (GOOGLE) (GOOGLE)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18 24	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.27.108 13.32.27.108	16509 (AMAZON-02) (AMAZON-02)
1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.23.73.11 23.23.73.11	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.78.110.63 3.78.110.63	16509 (AMAZON-02) (AMAZON-02)
1 1	3.76.227.64 3.76.227.64	16509 (AMAZON-02) (AMAZON-02)
2 2	107.178.240.89 107.178.240.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	52.72.204.155 52.72.204.155	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.163.17 52.210.163.17	16509 (AMAZON-02) (AMAZON-02)
1	52.16.246.21 52.16.246.21	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.15 18.66.102.15	16509 (AMAZON-02) (AMAZON-02)
1	160.8.186.13 160.8.186.13	14340 (SALESFORCE) (SALESFORCE)
2	13.110.60.168 13.110.60.168	14340 (SALESFORCE) (SALESFORCE)
2	18.188.207.117 18.188.207.117	16509 (AMAZON-02) (AMAZON-02)
115	46

1 13.111.180.242 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.em.firstunitedbank.com

click.em.firstunitedbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.232.45.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-45-244.compute-1.amazonaws.com

www.firstunitedbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.54.4 (United States)

ASN62659 (Q2HOLDINGS, US)

cds-sdkcfg.onlineaccess1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.216.207.19 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

trabian-canvas-prd-files.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 160.8.187.13 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg1-c3-ams3.eu50-am3.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-20.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-38.bunnyinfra.net

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

12906424.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.168.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.91.62.186 (Groningen, Netherlands) 18 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.73.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-73-11.compute-1.amazonaws.com

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.78.110.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-110-63.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.227.64 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-227-64.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.89 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.240.178.107.bc.googleusercontent.com

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.204.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-204-155.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.163.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-163-17.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.246.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-246-21.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-15.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 160.8.186.13 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg1-c3-ams3.eu50-am3.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.60.168 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg1-c5-iad4.la3-c2-ia4.salesforceliveagent.com

d.la3-c2-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.188.207.117 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-207-117.us-east-2.compute.amazonaws.com

d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	simpli.fi 18 redirects tag.simpli.fi — Cisco Umbrella Rank: 5530 i.simpli.fi — Cisco Umbrella Rank: 4725 um.simpli.fi — Cisco Umbrella Rank: 999	19 KB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 td.doubleclick.net — Cisco Umbrella Rank: 216 12906424.fls.doubleclick.net — Cisco Umbrella Rank: 992011 ad.doubleclick.net — Cisco Umbrella Rank: 155 stats.g.doubleclick.net — Cisco Umbrella Rank: 152 cm.g.doubleclick.net — Cisco Umbrella Rank: 297	12 KB
16	firstunitedbank.com 1 redirects click.em.firstunitedbank.com www.firstunitedbank.com — Cisco Umbrella Rank: 748088	2 MB
7	force.com service.force.com — Cisco Umbrella Rank: 4648	29 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 158 www.google.com — Cisco Umbrella Rank: 3	671 B
6	amazonaws.com trabian-canvas-prd-files.s3.amazonaws.com — Cisco Umbrella Rank: 256681	1 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	565 KB
5	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1647 insight.adsrvr.org — Cisco Umbrella Rank: 1140	6 KB
4	salesforceliveagent.com d.la3-c2-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 22056 d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com — Cisco Umbrella Rank: 9647	6 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	4 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 358	2 KB
3	survicate.com survey.survicate.com — Cisco Umbrella Rank: 5595 surveys-static.survicate.com — Cisco Umbrella Rank: 11851	116 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	83 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 292	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2165	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2006 ups.analytics.yahoo.com — Cisco Umbrella Rank: 531	568 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 3062	812 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 601 d.agkn.com — Cisco Umbrella Rank: 816	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 477	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1614 pixel.quantserve.com — Cisco Umbrella Rank: 1273	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	22 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1636	3 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 569	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 446	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 99	694 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 487	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1128	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1159	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1400	444 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1622	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7382	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 459	140 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 537	99 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 648	238 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 906	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	6 KB
1	onlineaccess1.com cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 19913	170 KB
0	intentiq.com Failed sync.intentiq.com Failed
115	40

	Domain	Requested by
24	um.simpli.fi	18 redirects www.firstunitedbank.com
15	www.firstunitedbank.com	www.firstunitedbank.com
7	service.force.com	www.firstunitedbank.com service.force.com
6	trabian-canvas-prd-files.s3.amazonaws.com	www.firstunitedbank.com
6	www.googletagmanager.com	www.firstunitedbank.com www.googletagmanager.com
5	td.doubleclick.net	www.googletagmanager.com
4	www.facebook.com	www.firstunitedbank.com
4	12906424.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	insight.adsrvr.org	www.firstunitedbank.com js.adsrvr.org
4	tag.simpli.fi	www.googletagmanager.com
3	www.google.com	www.firstunitedbank.com
3	px.ads.linkedin.com	cds-sdkcfg.onlineaccess1.com www.firstunitedbank.com
3	analytics.google.com	cds-sdkcfg.onlineaccess1.com
3	connect.facebook.net	www.firstunitedbank.com connect.facebook.net
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com	service.force.com
2	d.la3-c2-ia4.salesforceliveagent.com	service.force.com
2	surveys-static.survicate.com	survey.survicate.com
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects www.firstunitedbank.com
2	loadm.exelator.com	1 redirects www.firstunitedbank.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects www.firstunitedbank.com
2	ad.doubleclick.net	www.firstunitedbank.com
2	www.google-analytics.com	www.googletagmanager.com cds-sdkcfg.onlineaccess1.com
2	fonts.googleapis.com	www.firstunitedbank.com
1	pixel.quantserve.com	www.firstunitedbank.com
1	rules.quantcount.com	secure.quantserve.com
1	us-u.openx.net	www.firstunitedbank.com
1	pixel.rubiconproject.com	www.firstunitedbank.com
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com	www.firstunitedbank.com
1	ce.lijit.com	www.firstunitedbank.com
1	bcp.crwdcntrl.net	www.firstunitedbank.com
1	stags.bluekai.com	www.firstunitedbank.com
1	sync.bfmio.com	www.firstunitedbank.com
1	ups.analytics.yahoo.com	www.firstunitedbank.com
1	cms.analytics.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	www.firstunitedbank.com
1	eb2.3lift.com	www.firstunitedbank.com
1	sync.1rx.io	www.firstunitedbank.com
1	s.ad.smaato.net	www.firstunitedbank.com
1	i.simpli.fi	tag.simpli.fi
1	stats.g.doubleclick.net	www.googletagmanager.com
1	survey.survicate.com	www.firstunitedbank.com
1	js.adsrvr.org	www.googletagmanager.com
1	secure.quantserve.com	www.firstunitedbank.com
1	snap.licdn.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.firstunitedbank.com
1	cds-sdkcfg.onlineaccess1.com	www.firstunitedbank.com
1	click.em.firstunitedbank.com	1 redirects
0	sync.intentiq.com Failed	www.firstunitedbank.com
115	55

This site contains links to these domains. Also see Links.

Domain
www.idprotectme247.com
firstunitedbank.banzai.org
firstunitedteam.mymortgage-online.com
www.ordermychecks.com
online.firstunitedbank.com
itunes.apple.com
play.google.com
facebook.com
twitter.com
www.linkedin.com
www.reportfraud.ftc.gov
www.annualcreditreport.com
www.facebook.com
www.youtube.com
www.levelaccess.com

Subject Issuer	Validity	Valid
firstunitedbank.com Amazon RSA 2048 M03	`2024-06-09` - `2025-07-08`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
onlineaccess1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.eu50.force.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-24` - `2025-05-22`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
quantserve.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2024-08-19` - `2025-09-19`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
www.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
la3-c2-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2024-04-22` - `2025-04-20`	a year	crt.sh
la1-core1.sfdc-8tgtt5.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-14` - `2025-08-14`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Frame ID: 7FE18EDC8221E88D67D723E8B27CE9BF
Requests: 106 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10907350128?random=1727460010700&cv=11&fst=1727460010700&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&fledge=1&data=event%3Dgtag.config
Frame ID: C7C3289E50D86C7093D98F733037A80E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/AW-962206649?random=1727460011047&cv=11&fst=1727460011047&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0z8845215761za201zb845215761&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 49A9A7805CF2EF6A066F24B6D7A42254
Requests: 1 HTTP requests in this frame

Frame: https://12906424.fls.doubleclick.net/activityi;dc_pre=CJ-r24La44gDFXWP_Qcdk5kGYw;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758
Frame ID: 3EB43414C383F0322CBF07333E50886C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758
Frame ID: EE33F285E490C25C08F85A70520DBCA3
Requests: 1 HTTP requests in this frame

Frame: https://12906424.fls.doubleclick.net/activityi;dc_pre=CM6o24La44gDFVcDdQEdU3I8_w;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758
Frame ID: 085441E463B06115A06D9037B6840FE7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758
Frame ID: A2936D5BC2CC2FADED8320C061063037
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-TBD4M82JX2&gacid=315422016.1727460011&gtm=45je49p0v883639361z8845215761za200zb845215761&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685~101747727&z=289307109
Frame ID: 70D79F9D381EAC45DACBCC8017C72526
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Frame ID: 15B3C8278C412D8599F4922CB09B8DB8
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=49o1lfv&ref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&upid=298gui4&upv=1.1.0&paapi=1
Frame ID: C8F0AD16C68BB721916F48293891C972
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hk1k1ls&ref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&upid=766s9ny&upv=1.1.0&paapi=1
Frame ID: 25E05D3B9D9CBBB70172A0A1485412EA
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4xn5pbi&ref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&upid=78g6le4&upv=1.1.0&paapi=1
Frame ID: A701A15CF17297CE58100D9172F6491F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4 Ways Bank Imposters Try to Scam You | First United Bank

Page URL History Show full URLs

https://click.em.firstunitedbank.com/?qs=2e22828222a1858772bfeb801e13952f6c0fb27812c7982f5b5b6e7f98a81833c9f0c7e6... HTTP 302
https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=... Page URL

Detected technologies

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

115
Requests

83 %
HTTPS

0 %
IPv6

40
Domains

55
Subdomains

46
IPs

6
Countries

3883 kB
Transfer

7507 kB
Size

34
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.idprotectme247.com/sec/
Title: Secure Checking Services

Search URL Search Domain Scan URL

URL: https://firstunitedbank.banzai.org/wellness
Title: Financial Literacy

Search URL Search Domain Scan URL

URL: https://firstunitedteam.mymortgage-online.com/
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://www.ordermychecks.com/login_a.jsp
Title: Order Checks

Search URL Search Domain Scan URL

URL: https://online.firstunitedbank.com/firstunitedbank/uux.aspx#/login/resetPasswordUsername
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://online.firstunitedbank.com/firstunitedbank/sdk/AutoEnrollmentE2E
Title: Enroll Personal

Search URL Search Domain Scan URL

URL: https://online.firstunitedbank.com/firstunitedbank_retailE2E/enroll.html
Title: Enroll Business

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/first-united-bank-mobile/id1096940973?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.firstunitedbank3715.mobile

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Search URL Search Domain Scan URL

URL: https://www.reportfraud.ftc.gov/
Title: ReportFraud.FTC.gov.

Search URL Search Domain Scan URL

URL: https://www.annualcreditreport.com/index.action
Title: AnnualCreditReport.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/firstunited1
Title: First United Bank Facebook Page

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/first-united-bank
Title: First United Bank LinkedIn Page

Search URL Search Domain Scan URL

URL: https://twitter.com/firstunitedbank
Title: First United Bank Twitter Page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOzUPOzm19BZq97V5jaB4Bw
Title: First United Bank YouTube Page

Search URL Search Domain Scan URL

URL: https://www.levelaccess.com/a/first-united-bank/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.em.firstunitedbank.com/?qs=2e22828222a1858772bfeb801e13952f6c0fb27812c7982f5b5b6e7f98a81833c9f0c7e6de76b300ca3094c0ced6f9eb9dcacfbfc5b82e87 HTTP 302
https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://12906424.fls.doubleclick.net/activityi;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758 HTTP 302
https://12906424.fls.doubleclick.net/activityi;dc_pre=CJ-r24La44gDFXWP_Qcdk5kGYw;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758

Request Chain 56

https://12906424.fls.doubleclick.net/activityi;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758 HTTP 302
https://12906424.fls.doubleclick.net/activityi;dc_pre=CM6o24La44gDFVcDdQEdU3I8_w;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758

Request Chain 69

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 70

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 71

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=52FA4B1C2F824A6C9E88D33E04F6F08F&dongle=yf3

Request Chain 72

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 73

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=52FA4B1C2F824A6C9E88D33E04F6F08F HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 74

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=52FA4B1C2F824A6C9E88D33E04F6F08F HTTP 302
https://d.agkn.com/pixel/10751/?che=1727460012884&ip=185.198.62.96&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216443105018003340935 HTTP 302
https://um.simpli.fi/aa_px?sk=216443105018003340935 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 75

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 78

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=52FA4B1C2F824A6C9E88D33E04F6F08F;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=52FA4B1C2F824A6C9E88D33E04F6F08F;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 79

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=52FA4B1C2F824A6C9E88D33E04F6F08F&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=52FA4B1C2F824A6C9E88D33E04F6F08F&j=0&xl8blockcheck=1

Request Chain 81

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 82

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 83

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 84

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 85

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 86

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1727460011366&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1664034064&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI6vL4gtrjiAMVFuoRCB3i8iWhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5maXJzdHVuaXRlZGJhbmsuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1664034064&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI6vL4gtrjiAMVFuoRCB3i8iWhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5maXJzdHVuaXRlZGJhbmsuY29tLw&is_vtc=1&cid=CAQSKQDpaXnf7Dl0H1aeGFTLI5Cj7HOvujZlVPY3Qfc7qsMKQ8YdiZ-slRBR&random=2398082400

Request Chain 88

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=52FA4B1C2F824A6C9E88D33E04F6F08F HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 89

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=52FA4B1C2F824A6C9E88D33E04F6F08F&expires=365

Request Chain 90

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=52FA4B1C2F824A6C9E88D33E04F6F08F

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESECY8Ek4xoz2YX1a892hJ-4k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=52FA4B1C2F824A6C9E88D33E04F6F08F HTTP 302
https://um.simpli.fi/g_match?id=

115 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4-ways-bank-imposters-try-scam-you Show response
www.firstunitedbank.com/spendlifewisely/
Redirect Chain

https://click.em.firstunitedbank.com/?qs=2e22828222a1858772bfeb801e13952f6c0fb27812c7982f5b5b6e7f98a81833c9f0c7e6de76b300ca3094c0ced6f9eb9dcacfbfc5b82e87
https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

173 KB
42 KB

615ms
268ms

Document
text/html

3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0b01ad20d7cae4cd941a293067b944417236b15a02db2a392510bbb1f022c198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300, public
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Fri, 27 Sep 2024 18:00:07 GMT
etag: W/"1727459967"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 27 Sep 2024 17:59:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Cookie
x-content-type-options: nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 336
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Sep 2024 18:00:05 GMT
Location: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

GET
H2 200 css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css
www.firstunitedbank.com/sites/default/files/css/ 549 KB
100 KB 162ms
158ms Stylesheet
text/css 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/sites/default/files/css/css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css?delta=0&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Requested by

Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a484c0dc79575c571bae9c0f9b5867f29c587b0cc498b774166b2b2b68637368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

content-encoding: gzip
etag: "66eaf056-18d1c"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:07 GMT
date: Fri, 27 Sep 2024 18:00:07 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 15:23:02 GMT
vary: Accept-Encoding
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101660
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 css_BXWPeZr_0KZmHPedK03n7H4Cijfu2O6nSHetNgmnKEU.css
www.firstunitedbank.com/sites/default/files/css/ 190 KB
25 KB 295ms
291ms Stylesheet
text/css 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/sites/default/files/css/css_BXWPeZr_0KZmHPedK03n7H4Cijfu2O6nSHetNgmnKEU.css?delta=1&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ffdf2ce5f8acaadbcbec90a961229ed6c9a60eb3ebfd52aa1c8ca70000341b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

content-encoding: gzip
etag: "66e48d78-605d"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:07 GMT
date: Fri, 27 Sep 2024 18:00:07 GMT
content-type: text/css
last-modified: Fri, 13 Sep 2024 19:07:36 GMT
vary: Accept-Encoding
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24669
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 1957ms
1109ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 18:00:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:09 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 27 Sep 2024 17:06:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 fa-v5compatibility.min.css
www.firstunitedbank.com/themes/custom/q2_base/dist/css/ 936 B
691 B 208ms
205ms Stylesheet
text/css 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/themes/custom/q2_base/dist/css/fa-v5compatibility.min.css?sk0lbo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

15566adfced164c7c1d7154ce6ad18e310786dec9668cc7587e51faf48d880a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
content-encoding: gzip
etag: W/"66df527a-3a8"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:07 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:07 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Mon, 09 Sep 2024 19:54:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 css_JsEAteI9tqii3sFbFLtljxInTF9i5KpXXXuLCXIs0YE.css
www.firstunitedbank.com/sites/default/files/css/ 434 KB
44 KB 163ms
160ms Stylesheet
text/css 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/sites/default/files/css/css_JsEAteI9tqii3sFbFLtljxInTF9i5KpXXXuLCXIs0YE.css?delta=4&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3723bd93d1a16f34bd1da6d5b2820d6b9fb14c8d89fe1724c677944770245c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

content-encoding: gzip
etag: "66eaf003-ace6"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:07 GMT
date: Fri, 27 Sep 2024 18:00:07 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 15:21:39 GMT
vary: Accept-Encoding
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44262
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
907 B 1955ms
1108ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

ca55cfcd029a1e2251ea30d5c85b60103dd6bedadeb35981daaf29c2391bb7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 18:00:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:09 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 27 Sep 2024 17:40:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 common.js Show response
cds-sdkcfg.onlineaccess1.com/ 302 KB
170 KB 716ms
311ms Script
application/javascript 192.0.54.4
Q2HOLDINGS

General

Check archive.org

Show headers Download Go to

Full URL

https://cds-sdkcfg.onlineaccess1.com/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a54f4583e67e45276d95c38e79b2f2caf31f95f27ea80379bb0e1bed1c5c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
x-ion-hop: prod
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
via: 1.1 google
cf-ray: 8c9d6439b8270e1a-MXP
expires: 0
date: Fri, 27 Sep 2024 18:00:08 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 630ms
56ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26361158-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9b1dd16c3373312df32be6f76d555a2310453c438ce5b47cdeb0f68c1efc7eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Sep 2024 18:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74113
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 674ms
101ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10907350128

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8cd0256eb5b895cac5284e6f46e70e0780fe5cb408d7fc32e51e785044940941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Sep 2024 18:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85898
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 logo-white.svg
www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/ 18 KB
7 KB 294ms
292ms Image
image/svg+xml 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/logo-white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

89ace1c634255ac3450d36bbc5d3a9af94e27a8b9f8e5856fe077a7a5c2c117e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
content-encoding: gzip
etag: W/"66e480d5-4693"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:07 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:07 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Fri, 13 Sep 2024 18:13:41 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 apple-app.png
www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/images/ 9 KB
10 KB 366ms
366ms Image
image/png 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/images/apple-app.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

27d296196c5be4c49d809a39ed854b835f72ad0c0318bc65195b37a0180efe31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
etag: "66e480e8-255b"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9563
date: Fri, 27 Sep 2024 18:00:07 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Fri, 13 Sep 2024 18:14:00 GMT
server: nginx
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With

GET
H2 200 google-app.png
www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/images/ 11 KB
11 KB 175ms
175ms Image
image/png 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/images/google-app.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

60863d879854e15778cf0e1267b2f7fb143e1c24d3d793c8cd3f43fa0a368347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
etag: "66e480d5-2a61"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:08 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10849
date: Fri, 27 Sep 2024 18:00:08 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Fri, 13 Sep 2024 18:13:41 GMT
server: nginx
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With

GET
H2 200 logo.svg
www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/ 17 KB
7 KB 172ms
171ms Image
image/svg+xml 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstunitedbank.com/sites/default/themes/firstunitedbank-com/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

390b18f03a71ac3d7ecfccb02a1f4a88afc714d7b2183144fc17f623bb295c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
content-encoding: gzip
etag: W/"66e480e8-4501"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:08 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:08 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Fri, 13 Sep 2024 18:14:00 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK imposterscam_1500x753_1.jpeg
trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/ 123 KB
124 KB 1509ms
176ms Image
image/jpeg 52.216.207.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/imposterscam_1500x753_1.jpeg?VersionId=w8q44.yL4IDw4qPa5FP0mLRdNeNeqx_y
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.207.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 580969e325665913f5d65cbbcce729b653401e86f13a64ac61c19ff45a3eaab0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-amz-id-2: 44swd2Rdo4OC+1g9uiVtoxJxjwZnD5dXYfTjOSzzfC5sQM0+Z4KK1ryIk5dpZbZFd9CL6RIrfKU=
ETag: "ad7491ec17e1e46e010ed9c1cf1345a9"
x-amz-version-id: w8q44.yL4IDw4qPa5FP0mLRdNeNeqx_y
x-amz-request-id: ZWFQ244SZPKYKASY
Accept-Ranges: bytes
Content-Length: 126021
Date: Fri, 27 Sep 2024 18:00:10 GMT
Last-Modified: Tue, 16 Jan 2024 17:56:54 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK bank_imposters.jpg
trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/ 705 KB
705 KB 436ms
146ms Image
image/jpeg 52.216.207.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/bank_imposters.jpg
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.207.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e20829319849243a2659d155340d3756afc0f76fcf00f0e24176cd85632317c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-amz-id-2: vN6IeEIPa3JuIwFdDMAUqYLzXbIQCLHgm1HENr/9zJWtMvIO76ekClnZUye4QJEIazTcTWiec4Y=
ETag: "9c1876e6219be68b11b8b741de74a630"
x-amz-version-id: uhBjsZovP6uPsmXfF4ywlkt6RU6IlzQN
x-amz-request-id: ZWFZHT7EVYZPHHP6
Accept-Ranges: bytes
Content-Length: 721904
Date: Fri, 27 Sep 2024 18:00:10 GMT
Last-Modified: Thu, 08 Feb 2024 20:47:55 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK blog_onlinesecurity.jpg
trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/ 83 KB
83 KB 597ms
256ms Image
image/jpeg 52.216.207.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/blog_onlinesecurity.jpg?VersionId=rYos7kW2H6yczrIt25g5iQI7Ad_ERpGi
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.207.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3bbd4e17a1b48e3ed1d5302d26167cb81a3351a1a4e208a0e4ffca1297d68882

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-amz-id-2: +HwkeSivFgUpf8dlLHaiATksPcWHlpsbHngTJeOW7qpnN3sOoxMPJh8cjBrCf9TM4PFLiwyga5s=
ETag: "4cf32d34d898eb2b03bb7f00697d57d3"
x-amz-version-id: rYos7kW2H6yczrIt25g5iQI7Ad_ERpGi
x-amz-request-id: ZWFY9AGHAA26H3F9
Accept-Ranges: bytes
Content-Length: 84725
Date: Fri, 27 Sep 2024 18:00:10 GMT
Last-Modified: Tue, 12 Sep 2023 16:17:20 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK emailcomp_headerimage.jpg
trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/ 100 KB
100 KB 643ms
276ms Image
image/jpeg 52.216.207.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/emailcomp_headerimage.jpg?VersionId=kigsTvlf8LqLksaAHqzsKDIgfU7Ea1b.
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.207.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d6f80adba63456e27945985d3b56cbaa9f5d49f37b3e53876df86d838f60556d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-amz-id-2: glI706yTqPOuXOQ8HKiV6LmlpR5H5ViH3ZfrMFZDEkgd+8Sz5Ygzt7EtKLYuMpK74TfMY/ctnKw=
ETag: "8954603e511c24bfe6f6efe2fc82f3ca"
x-amz-version-id: kigsTvlf8LqLksaAHqzsKDIgfU7Ea1b.
x-amz-request-id: ZWFT9JPG34J3H0W7
Accept-Ranges: bytes
Content-Length: 102267
Date: Fri, 27 Sep 2024 18:00:10 GMT
Last-Modified: Thu, 14 Sep 2023 18:30:58 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK checkscams_headerimage.jpg
trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/ 89 KB
90 KB 782ms
142ms Image
image/jpeg 52.216.207.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/image/checkscams_headerimage.jpg?VersionId=_u5ECkxWQzl8U4JPh43QbCOdMwH.gg2K
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.207.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1a087828957bed0908386b14329fa2695c40889b152db6f20db02f7ea7c9fb75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-amz-id-2: 07W2Zlgt7pUNhpQ6mWMtHHp/Z+lh1fvDmqH+/A+tCtwji9qw2YB2Ixg1dCogdnnnHp4XAf8MLSY=
ETag: "420af3c905a0eab9962879218f1848ae"
x-amz-version-id: _u5ECkxWQzl8U4JPh43QbCOdMwH.gg2K
x-amz-request-id: EGD6FPRSFERZQBZ1
Accept-Ranges: bytes
Content-Length: 91597
Date: Fri, 27 Sep 2024 18:00:11 GMT
Last-Modified: Mon, 06 Mar 2023 19:38:27 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js_7C7pta37zFyCWifGhK2vgY_8-Fa5hYX0-7e157atIqU.js Show response
www.firstunitedbank.com/sites/default/files/js/ 327 KB
78 KB 153ms
153ms Script
application/javascript 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/sites/default/files/js/js_7C7pta37zFyCWifGhK2vgY_8-Fa5hYX0-7e157atIqU.js?scope=footer&delta=0&language=en&theme=firstunitedbank&include=eJyFj00SwyAIhS9Ux5leyCFKElrFREinvX3VukoWXQHfe_ztdwchEbv8wlIooNj9gm4VyQobuoAzsmD1mA7MAM0xQRWWmCeIRnyhTeU2UxE9mBTDBPz8J8_54ABKmY1U-FucoKgThOJXe6oveiRR9-h9EAK1SRBdzAvxeOwE--E1tSO2OnwYEnnnMyuy2itqLnwrlj6I6uVn0BwJ-bAjfgEJqor0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1c46141521593364805720dde2d493876012878b7824cae4a12c6d6e80923d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

content-encoding: gzip
etag: "66eaefff-13669"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:08 GMT
date: Fri, 27 Sep 2024 18:00:08 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 15:21:35 GMT
vary: Accept-Encoding
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79465
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 list.min.js Show response
cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/ 18 KB
6 KB 1553ms
75ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed2-46b5"
age: 629654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5CJGkGuA0LyW1k7R2QBurS7yk3pCjUsVnTAFU8G9azJE%2F9ok3pqez4rr4sjRCSPmjRt4vn7hqDcxMpfFYS%2Fxju9LQtNWp8wpMbGFKSxkS6Q9TVwL%2Bor6CpW18ng4OIVCQ4HoqYk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 18:00:09 GMT
date: Fri, 27 Sep 2024 18:00:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c9d64456fcabaf4-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5556
server: cloudflare

GET
H2 200 js_fKbLlpKtlCcZ9IIJKkwWR8eDTkZXjS86NUtk7J_l9qI.js Show response
www.firstunitedbank.com/sites/default/files/js/ 17 KB
4 KB 143ms
141ms Script
application/javascript 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/sites/default/files/js/js_fKbLlpKtlCcZ9IIJKkwWR8eDTkZXjS86NUtk7J_l9qI.js?scope=footer&delta=2&language=en&theme=firstunitedbank&include=eJyFj00SwyAIhS9Ux5leyCFKElrFREinvX3VukoWXQHfe_ztdwchEbv8wlIooNj9gm4VyQobuoAzsmD1mA7MAM0xQRWWmCeIRnyhTeU2UxE9mBTDBPz8J8_54ABKmY1U-FucoKgThOJXe6oveiRR9-h9EAK1SRBdzAvxeOwE--E1tSO2OnwYEnnnMyuy2itqLnwrlj6I6uVn0BwJ-bAjfgEJqor0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fb5951d5aac41adb6fb09f7ad1836b405489d109fc6bd9bdcaaf2b38f2ecba7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Response headers

content-encoding: gzip
etag: "66eaf001-f90"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
date: Fri, 27 Sep 2024 18:00:09 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 15:21:37 GMT
vary: Accept-Encoding
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With
strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3984
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 303ms
85ms Script
application/x-javascript 160.8.187.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.187.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
cache-control: public,max-age=86400
content-encoding: gzip
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:09 GMT
last-modified: Tue, 04 Jul 2023 00:26:54 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 605 KB
138 KB 864ms
291ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

96819cf55867255cbaeef9a6f88777ce2e338525bc40c26ea9000c4595ce7d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 27 Sep 2024 18:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140929
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 550ms
44ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 101754
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 13:44:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 13:44:16 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H2 200 fa-light-300.woff2
www.firstunitedbank.com/libraries/fontawesome/webfonts/ 447 KB
448 KB 162ms
159ms Font
font/woff2 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/libraries/fontawesome/webfonts/fa-light-300.woff2

Requested by

Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/sites/default/files/css/css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css?delta=0&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://www.firstunitedbank.com/sites/default/files/css/css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css?delta=0&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
etag: "66df5278-6fd48"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 458056
date: Fri, 27 Sep 2024 18:00:09 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Mon, 09 Sep 2024 19:54:32 GMT
server: nginx
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With

GET
H2 200 fa-solid-900.woff2
www.firstunitedbank.com/libraries/fontawesome/webfonts/ 340 KB
341 KB 272ms
269ms Font
font/woff2 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/libraries/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://www.firstunitedbank.com/sites/default/files/css/css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css?delta=0&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
etag: "66df5278-54f84"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 348036
date: Fri, 27 Sep 2024 18:00:09 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Mon, 09 Sep 2024 19:54:32 GMT
server: nginx
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 607ms
102ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 116709
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 09:35:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 09:35:01 GMT
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22504
x-xss-protection: 0
server: sffe

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 587ms
82ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 101124
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 13:54:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 13:54:46 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 fa-brands-400.woff2
www.firstunitedbank.com/libraries/fontawesome/webfonts/ 115 KB
116 KB 216ms
213ms Font
font/woff2 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/libraries/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://www.firstunitedbank.com/sites/default/files/css/css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css?delta=0&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
etag: "66df5278-1cd84"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 118148
date: Fri, 27 Sep 2024 18:00:09 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Mon, 09 Sep 2024 19:54:32 GMT
server: nginx
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With

GET
H2 200 fa-regular-400.woff2
www.firstunitedbank.com/libraries/fontawesome/webfonts/ 409 KB
410 KB 188ms
186ms Font
font/woff2 3.232.45.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstunitedbank.com/libraries/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-244.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://www.firstunitedbank.com/sites/default/files/css/css_u6I6N9mDeGMo9BbrT_aBd88-7B2rjeRsWos4ZZ0lSEI.css?delta=0&language=en&theme=firstunitedbank&include=eJxlkOsOgyAMhV_I2WTJnocUKa6Ri6OdzrefuFvC_nDar-HAqc9JcSXJkcD_6n4lW1vpbmeDLnIyeaFS2JHAP-pkE6UIFoXqjaowhmwxnES3wGn8YnoolbQPvv4H9nhaLkOOMypbDqxb57mI3hMrOYtpag3bcWMcyTGC57DTfsBZOaf6WsQZXmIGkW5hWgWOs4_Z3cMRQCIWNUJYhis0_WsljqshBhPyyOm9lAYe4fYS3lr7zy_NnmGCFjwB1aSaKg

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
cache-control: max-age=86400
etag: "66df5278-66488"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 418952
date: Fri, 27 Sep 2024 18:00:09 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Mon, 09 Sep 2024 19:54:32 GMT
server: nginx
access-control-allow-headers: Cache-Control, Content-Type, DNT, If-Modified-Since, Range, User-Agent, X-Requested-With

GET
H2 200 common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 5 KB
2 KB 80ms
79ms Script
application/x-javascript 160.8.187.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.187.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
cache-control: public,max-age=86400
content-encoding: gzip
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:09 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:09 GMT
last-modified: Thu, 17 Feb 2022 23:57:30 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 esw.min.css
service.force.com/embeddedservice/5.0/ 9 KB
4 KB 102ms
102ms Stylesheet
text/css 160.8.187.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.187.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
cache-control: public,max-age=86400
content-encoding: gzip
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:10 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:10 GMT
last-modified: Fri, 27 Aug 2021 14:11:56 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 111ms
111ms Script
application/x-javascript 160.8.187.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.187.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
cache-control: public,max-age=86400
content-encoding: gzip
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:10 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:10 GMT
last-modified: Wed, 17 Aug 2022 20:11:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aec7b1b801dff0d7070ff919a98798a8d0e0ea3c2f2cdeee08ca9b65b83fa327

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET d2f6a127-f3ec-48a5-a10c-ba564f4a9896
https://www.firstunitedbank.com/ Frame 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 592ms
88ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26361158-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
age: 1803
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 19:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 17:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10907350128/ 5 KB
3 KB 768ms
126ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10907350128/?random=1727460010700&cv=11&fst=1727460010700&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10907350128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ce4447320389dddcf46cf1d1a993c3a8f18b3ed08e547c6e020c3aee19716772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2440
date: Fri, 27 Sep 2024 18:00:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10907350128
td.doubleclick.net/td/rul/ Frame C7C3 0
0 750ms
75ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10907350128?random=1727460010700&cv=11&fst=1727460010700&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10907350128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 343 KB
108 KB 185ms
184ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TBD4M82JX2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

745603ad4f206c0c3ec796dadfa0f167dd4ff3e85e86227af7acc38d732aab89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Sep 2024 18:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110524
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 492ms
42ms Script
application/javascript 184.24.77.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-24-77-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: max-age=55143
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Fri, 27 Sep 2024 18:00:11 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 119ms
119ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12906424&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9eec8df2c57f52e00ee51fa75efc882d530b6a9dca6006327bae70e9b6ebae81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 27 Sep 2024 18:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79800
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 58ms
58ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-962206649&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

27eabba51edeff3d318c7df0f21952429174f368ec02a4a6f94716424717adce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 27 Sep 2024 18:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85909
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 1328ms
244ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "HP/dXILNCv8vRT01LqWQOg=="
expires: Fri, 04 Oct 2024 18:00:11 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 14 KB
6 KB 497ms
125ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: W/"0a898f6edf2d77595f7378557dd8fb96"
Age: 56696
Connection: keep-alive
Via: 1.1 725f43139b6c583d9defb7c5029a8928.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 5lbENVdIkcs3tCsQxZ07tFJzB2A_aYAnd97aJkmubt9Mdr3Z0qUsUw==
Date: Fri, 27 Sep 2024 02:15:16 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 11 Sep 2024 19:27:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
60 KB 668ms
96ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1288, tbw=2895, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: GZrl6DvmCvDcOTXUjHsBCP9dRjIPG3K8Ql6j/bcVbhsSkec8CSp36sAfLKE5Scm49ltRKX3ZIzQuNH9GCTR1VQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59070
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/3b6be23514a93339fc167d1d8a63bacb/ 7 KB
4 KB 841ms
128ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.survicate.com/workspaces/3b6be23514a93339fc167d1d8a63bacb/web_surveys.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

5cf465f51e6b90458da94aced8782b072c0369fdd0808178b02d094dc37ba3cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "9ab9cf5e8ae5631a9799ac15f8915400"
x-amz-version-id: UE_6uQxspTk9pX7vdtaxw2_53VpcY_8r
report-to: { "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] }
x-content-type-options: nosniff
last-modified: Wed, 25 Sep 2024 09:44:06 GMT
content-type: application/javascript; charset=utf-8
cdn-cachedat: 09/25/2024 12:06:29
cdn-cache: REVALIDATED
cache-control: max-age=30
cdn-requestpullsuccess: True
cdn-pullzone: 1158558
cdn-proxyver: 1.04
x-amz-request-id: FSRHB81YF9P39G0J
referrer-policy: strict-origin-when-cross-origin
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: IT
date: Fri, 27 Sep 2024 18:00:11 GMT
vary: Accept-Encoding
x-amz-id-2: gQnXce1h2noENlil9/6BKbEl7X4j4i56elUuVSvHmjcmUp1L/ayDJqDstOILSRdU4uwwlf/wJ9Q=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-requestpullcode: 200
content-security-policy: default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
cdn-requesttime: 0
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
cdn-requestid: 69be17fb8a4d885089565a0a9a35ae5f
access-control-allow-origin: *

GET
H2 200 0cd07963-aee8-45ae-924e-8d8851c51b48 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 263ms
67ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/0cd07963-aee8-45ae-924e-8d8851c51b48
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 71913e22ca91ca33787b20a91b1e2ffa155f83db0e8f2ae0e59a9f73c865d6d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-request-id: F_kruj_3YHQ9_YMwM_rB
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 d8655690-88a8-4a08-b9b7-ec329d8d5da7 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 282ms
86ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/d8655690-88a8-4a08-b9b7-ec329d8d5da7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: c1ff9b93e93946e681b6a16e30ea63c8c4e10feee49dfce980d27e46b6c6e280

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-request-id: F_kruj_4KLoDyOkvEf0B
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 6ce25548-3650-4c12-bb34-9e0cfd1389a8 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 262ms
67ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/6ce25548-3650-4c12-bb34-9e0cfd1389a8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: f37e73acf947790e5e96aee6a6f9b3243906e70ac83613a1c2a8e434e620fa61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-request-id: F_kruj_3VXUOKUqHVvlC
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 1816922f-6423-415a-b56a-8270dfa34261 Show response
tag.simpli.fi/sifitag/ 3 KB
1 KB 48ms
47ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/1816922f-6423-415a-b56a-8270dfa34261
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T65FC2B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 71913e22ca91ca33787b20a91b1e2ffa155f83db0e8f2ae0e59a9f73c865d6d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

x-request-id: F_krukLsxaZVLOAvEf4B
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 360ms
96ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=49o1lfv&ct=0:aai7s6n&fmt=3
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-length: 70
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-962206649/ 5 KB
3 KB 447ms
149ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-962206649/?random=1727460011047&cv=11&fst=1727460011047&bg=ffffff&guid=ON&async=1&gtm=45be49p0z8845215761za201zb845215761&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-962206649&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0846ac03d659516b3473d0335401ef5374484de5e8f08aacadfa657f8099db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2461
date: Fri, 27 Sep 2024 18:00:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 AW-962206649
td.doubleclick.net/td/rul/ Frame 49A9 0
0 380ms
64ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/AW-962206649?random=1727460011047&cv=11&fst=1727460011047&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0z8845215761za201zb845215761&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-962206649&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJ-r24La44gDFXWP_Qcdk5kGYw;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
12906424.fls.doubleclick.net/ Frame 3EB4
Redirect Chain

https://12906424.fls.doubleclick.net/activityi;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://12906424.fls.doubleclick.net/activityi;dc_pre=CJ-r24La44gDFXWP_Qcdk5kGYw;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;u...

0
0

51ms
50ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12906424.fls.doubleclick.net/activityi;dc_pre=CJ-r24La44gDFXWP_Qcdk5kGYw;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12906424&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 468
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 27 Sep 2024 18:00:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12906424.fls.doubleclick.net/activityi;dc_pre=CJ-r24La44gDFXWP_Qcdk5kGYw;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=...
td.doubleclick.net/td/fls/rul/ Frame EE33 0
0 371ms
105ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12906424&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CM6o24La44gDFVcDdQEdU3I8_w;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
12906424.fls.doubleclick.net/ Frame 0854
Redirect Chain

https://12906424.fls.doubleclick.net/activityi;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://12906424.fls.doubleclick.net/activityi;dc_pre=CM6o24La44gDFVcDdQEdU3I8_w;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;u...

0
0

54ms
51ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12906424.fls.doubleclick.net/activityi;dc_pre=CM6o24La44gDFVcDdQEdU3I8_w;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12906424&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 470
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 27 Sep 2024 18:00:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12906424.fls.doubleclick.net/activityi;dc_pre=CM6o24La44gDFVcDdQEdU3I8_w;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=...
td.doubleclick.net/td/fls/rul/ Frame A293 0
0 336ms
82ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12906424&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activity;register_conversion=1;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 0
2 KB 334ms
75ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12906424;type=siter0;cat=sitev0;ord=7090537418055;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=2057327960;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 27 Sep 2024 18:00:11 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2079455699722007120"}],"aggregatable_trigger_data":[{"filters":[{"14":["13736878"]}],"key_piece":"0x47af5afec6a666dc","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xe03c842e7a5b9a02","not_filters":{"14":["13736878"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5284731728354765145","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2079455699722007120","filters":[{"14":["13736878"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2079455699722007120","filters":[{"14":["13736878"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2079455699722007120","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2079455699722007120","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12906424"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 activity;register_conversion=1;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 0
1 KB 203ms
77ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12906424;type=siter0;cat=conv_0;ord=1201339272764;npa=0;auiddc=1863777251.1727460011;ps=1;pcor=1035995282;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49p0v9190274021z8845215761za201zb845215761;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 27 Sep 2024 18:00:11 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"16115449458212542921"}],"aggregatable_trigger_data":[{"filters":[{"14":["16427055"]}],"key_piece":"0x93d5f65417a5e0b9","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xfaaea923db909681","not_filters":{"14":["16427055"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13695134082733239227","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16115449458212542921","filters":[{"14":["16427055"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16115449458212542921","filters":[{"14":["16427055"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16115449458212542921","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16115449458212542921","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12906424"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 525ms
50ms Fetch
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TBD4M82JX2&gtm=45je49p0v883639361z8845215761za200zb845215761&_p=1727460009552&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685~101747727&cid=315422016.1727460011&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=Eg&_s=1&sid=1727460011&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&dt=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5340
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstunitedbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 668ms
95ms Ping
text/plain 142.251.168.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TBD4M82JX2&cid=315422016.1727460011&gtm=45je49p0v883639361z8845215761za200zb845215761&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBD4M82JX2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.168.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wh-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstunitedbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 70D7 0
0 179ms
62ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-TBD4M82JX2&gacid=315422016.1727460011&gtm=45je49p0v883639361z8845215761za200zb845215761&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685~101747727&z=289307109

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBD4M82JX2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 18:00:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 473ms
51ms Fetch
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TBD4M82JX2&gtm=45je49p0v883639361za200zb845215761&_p=1727460009552&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685~101747727&cid=315422016.1727460011&ul=it-it&sr=1600x1200&ir=1&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pae=1&_eu=AAg&_s=2&sid=1727460011&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&dt=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&en=slw_blog_01&_et=43&tfd=5393
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstunitedbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 p Show response
i.simpli.fi/ 798 B
760 B 59ms
49ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=482295&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/0cd07963-aee8-45ae-924e-8d8851c51b48
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 174dc57615110879a892f955bc95bf0ec3e3c49025d5319080ee257b9592f557

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
624 B 797ms
231ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstunitedbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2E44B962BF12439E88C0B45B8EA6F3EB Ref B: MRS20EDGE0220 Ref C: 2024-09-27T18:00:11Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYjHaBhaKEEQwP9PxYClA==
x-li-proto: http/2
access-control-allow-origin: https://www.firstunitedbank.com
x-cache: CONFIG_NOCACHE
date: Fri, 27 Sep 2024 18:00:11 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 691ms
225ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4311498&time=1727460011330&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&tm=gtmv2
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://www.firstunitedbank.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 0006231da05f74323b3f3c0b89fdeb0e
x-msedge-ref: Ref A: 82F7B3C2D11A4F0399BA02707A78B28B Ref B: MRS20EDGE0215 Ref C: 2024-09-27T18:00:11Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYjHaBfdDI7PzwLif3rDg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2 200 collect
px.ads.linkedin.com/ 0
668 B 738ms
232ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4311498&time=1727460011330&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&tm=gtmv2
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AA42F431738149FB9AC4B904C15794EA Ref B: MRS20EDGE0220 Ref C: 2024-09-27T18:00:11Z
x-li-fabric: prod-lva1
x-li-uuid: AAYjHaBhE6xd5pIOoX7Vbg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
425 B 99ms
98ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=231633884&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&ul=it-it&de=UTF-8&dt=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=728270760&gjid=2138950835&cid=315422016.1727460011&tid=UA-26361158-1&_gid=1915990318.1727460011&_r=1&gtm=457e49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&jsscut=1&z=602742212

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.firstunitedbank.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:11 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.firstunitedbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=52FA4B1C2F824A6C9E88D33E04F6F08F

0
238 B

1135ms
175ms

Image
text/plain

13.32.27.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 13.32.27.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-108.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: cnMZ-lNxWUoG0SMB0BA950ThO62jxtUzzrJkqfRFUAkCG7KWPQw_GQ==
date: Fri, 27 Sep 2024 18:00:12 GMT
x-amz-cf-pop: FRA56-C2
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

52FA4B1C2F824A6C9E88D33E04F6F08F
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/52FA4B1C2F824A6C9E88D33E04F6F08F

0
99 B

832ms
197ms

Image
text/plain

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/simplifi/52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
date: Fri, 27 Sep 2024 18:00:12 GMT
pragma: no-cache

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.1rx.io/usersync/simplifi/52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=52FA4B1C2F824A6C9E88D33E04F6F08F&dongle=yf3

37 B
140 B

584ms
175ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=52FA4B1C2F824A6C9E88D33E04F6F08F&dongle=yf3
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=52FA4B1C2F824A6C9E88D33E04F6F08F&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=52FA4B1C2F824A6C9E88D33E04F6F08F

43 B
175 B

1327ms
296ms

Image
image/gif

23.23.73.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 23.23.73.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-73-11.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=52FA4B1C2F824A6C9E88D33E04F6F08F
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=52FA4B1C2F824A6C9E88D33E04F6F08F

95 B
427 B

100ms
98ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=52FA4B1C2F824A6C9E88D33E04F6F08F

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=52FA4B1C2F824A6C9E88D33E04F6F08F
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Fri, 27 Sep 2024 18:00:12 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=52FA4B1C2F824A6C9E88D33E04F6F08F
https://d.agkn.com/pixel/10751/?che=1727460012884&ip=185.198.62.96&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216443105018003340935
https://um.simpli.fi/aa_px?sk=216443105018003340935
https://um.simpli.fi/empty.gif

43 B
361 B

117ms
100ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Fri, 27 Sep 2024 18:00:14 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=52FA4B1C2F824A6C9E88D33E04F6F08F

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 130ms
127ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 130ms
128ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=52FA4B1C2F824A6C9E88D33E04F6F08F;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=52FA4B1C2F824A6C9E88D33E04F6F08F;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
88 B

373ms
349ms

Image
text/html

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Requested by

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.137 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Fri, 27 Sep 2024 18:00:13 GMT
age: 0
content-type: text/html
server: ATS/9.1.10.137

Redirect headers

cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
content-length: 344
date: Fri, 27 Sep 2024 18:00:13 GMT
content-type: text/html
content-language: en
server: ATS/9.1.10.137

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=52FA4B1C2F824A6C9E88D33E04F6F08F&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=52FA4B1C2F824A6C9E88D33E04F6F08F&j=0&xl8blockcheck=1

0
775 B

116ms
111ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=52FA4B1C2F824A6C9E88D33E04F6F08F&j=0&xl8blockcheck=1
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Fri, 27 Sep 2024 18:00:12 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=52FA4B1C2F824A6C9E88D33E04F6F08F&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 131ms
128ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=52FA4B1C2F824A6C9E88D33E04F6F08F

0
421 B

965ms
186ms

Image
text/plain

52.72.204.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Server: 52.72.204.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-204-155.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

Date: Fri, 27 Sep 2024 18:00:12 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=52FA4B1C2F824A6C9E88D33E04F6F08F

62 B
444 B

636ms
215ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=52FA4B1C2F824A6C9E88D33E04F6F08F
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=52FA4B1C2F824A6C9E88D33E04F6F08F

49 B
266 B

837ms
203ms

Image
image/gif

52.210.163.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 52.210.163.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-163-17.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/gif
x-server: 10.45.17.106
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=52FA4B1C2F824A6C9E88D33E04F6F08F

0
223 B

930ms
231ms

Image
text/plain

52.16.246.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 52.16.246.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 27 Sep 2024 18:00:12 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=52FA4B1C2F824A6C9E88D33E04F6F08F

0
98 B

199ms
60ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 27 Sep 2024 18:00:12 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1727460011366&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1664034064&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1664034064&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...

42 B
108 B

623ms
94ms

Image
image/gif

172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=1664034064&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI6vL4gtrjiAMVFuoRCB3i8iWhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5maXJzdHVuaXRlZGJhbmsuY29tLw&is_vtc=1&cid=CAQSKQDpaXnf7Dl0H1aeGFTLI5Cj7HOvujZlVPY3Qfc7qsMKQ8YdiZ-slRBR&random=2398082400

Requested by

Protocol

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 27 Sep 2024 18:00:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=1664034064&cv=7&fst=1727460011366&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI6vL4gtrjiAMVFuoRCB3i8iWhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5maXJzdHVuaXRlZGJhbmsuY29tLw&is_vtc=1&cid=CAQSKQDpaXnf7Dl0H1aeGFTLI5Cj7HOvujZlVPY3Qfc7qsMKQ8YdiZ-slRBR&random=2398082400
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Fri, 27 Sep 2024 18:00:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 137ms
136ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:11 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=52FA4B1C2F824A6C9E88D33E04F6F08F
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D52FA4B1C2F824A6C9E88D33E04F6F08F

43 B
1 KB

85ms
84ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D52FA4B1C2F824A6C9E88D33E04F6F08F

Requested by

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.96; 185.198.62.96; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: d8e41779-7c7b-4232-b974-fac5fa41b10a
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 27 Sep 2024 18:00:12 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D52FA4B1C2F824A6C9E88D33E04F6F08F
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 185.198.62.96; 185.198.62.96; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: aa36f80b-a6f2-4c99-afa1-30d907e9c3c7
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 27 Sep 2024 18:00:12 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=52FA4B1C2F824A6C9E88D33E04F6F08F&expires=365

0
239 B

418ms
79ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=52FA4B1C2F824A6C9E88D33E04F6F08F&expires=365
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=52FA4B1C2F824A6C9E88D33E04F6F08F&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=52FA4B1C2F824A6C9E88D33E04F6F08F

43 B
264 B

176ms
61ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=52FA4B1C2F824A6C9E88D33E04F6F08F
Requested by: Host: www.firstunitedbank.com
URL: https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=52FA4B1C2F824A6C9E88D33E04F6F08F
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Sep 2024 18:00:11 GMT
access-control-allow-origin: *
content-length: 142
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESECY8Ek4xoz2YX1a892hJ-4k&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=52FA4B1C2F824A6C9E88D33E04F6F08F
https://um.simpli.fi/g_match?id=

0
320 B

88ms
88ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 18:00:12 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:12 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control: no-cache, must-revalidate
location: https://um.simpli.fi/g_match?id=
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 229
date: Fri, 27 Sep 2024 18:00:12 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 /
www.google.com/pagead/1p-user-list/10907350128/ 42 B
455 B 450ms
95ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10907350128/?random=1727460010700&cv=11&fst=1727460000000&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686684~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfecSmOb-tovJVg83Sd2IhO7JGbhdEYA&random=4291613672&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 27 Sep 2024 18:00:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-962206649/ 42 B
108 B 360ms
94ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-962206649/?random=1727460011047&cv=11&fst=1727460000000&bg=ffffff&guid=ON&async=1&gtm=45be49p0z8845215761za201zb845215761&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&hn=www.googleadservices.com&frm=0&tiba=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&npa=0&pscdl=noapi&auid=1863777251.1727460011&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfe5fg-czYQDt1ayv1BZ_pAc9t0Sbsow&random=2933873294&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 27 Sep 2024 18:00:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 fonts.css
surveys-static.survicate.com/fonts/ 8 KB
2 KB 80ms
47ms Stylesheet
text/css 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/fonts/fonts.css

Requested by

Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/3b6be23514a93339fc167d1d8a63bacb/web_surveys.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

789e8685a564e07274fec164118e89fa040ff2779c6efe3d781b94aeea6f06eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "c010d2df3fedabc7f87b52ab6c64fb45"
x-amz-version-id: DKfYFJEsnO6tE9_NLnsroT_BTwaFxnx2
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 14:03:49 GMT
content-type: text/css
cdn-cachedat: 09/24/2024 07:53:43
cdn-cache: HIT
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-pullzone: 1133799
cdn-proxyver: 1.04
x-amz-request-id: B3DMVX0F47C3YHRA
referrer-policy: strict-origin-when-cross-origin
x-xss-protection: 1; mode=block
cdn-edgestorageid: 756
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: IT
date: Fri, 27 Sep 2024 18:00:11 GMT
vary: Accept-Encoding
x-amz-id-2: QgyOJ367W4PAgmlGH55N9sWxpo3eJoqhaSLEqhYAwpD0c74sFOcOG5bhU4kd/iGsiho1Ww4GyAw=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-requestpullcode: 200
content-security-policy: default-src 'self'
cdn-requesttime: 1
x-frame-options: DENY
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
cdn-requestid: 716b6a22c688327554556e6493a5fafd
access-control-allow-origin: *

GET
H2 200 widget_core-24.14.0.js Show response
surveys-static.survicate.com/ 466 KB
110 KB 512ms
60ms Script
application/x-javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/widget_core-24.14.0.js

Requested by

Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/3b6be23514a93339fc167d1d8a63bacb/web_surveys.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

6ad10166c7d8f54484999e43aff6c5d450d8e22b2991ce8ebd5182f5c5fa1c22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://www.firstunitedbank.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "dacd12a127316c81d952a0e517acad15"
x-amz-version-id: szWH7lKYX8Tbh9hZJddGGpJrszp_ncfU
x-content-type-options: nosniff
last-modified: Wed, 25 Sep 2024 08:49:43 GMT
content-type: application/x-javascript
cdn-cachedat: 09/25/2024 08:58:12
cdn-cache: HIT
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-pullzone: 1133799
cdn-proxyver: 1.04
x-amz-request-id: MRBPRE9ZXYWW20RK
referrer-policy: strict-origin-when-cross-origin
x-xss-protection: 1; mode=block
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: IT
x-amz-meta-codebuild-content-sha256: 3e584a34f537d514f8d44d1643fd9b394b9ccfbe338eeb1c6ac58d795f5bacb8
access-control-max-age: 3600
x-amz-meta-codebuild-content-md5: 9db8de691c73ba875743921690fa2ecf
access-control-allow-methods: GET
date: Fri, 27 Sep 2024 18:00:12 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/prd-static:034dc0db-a15c-4bc2-b8e7-536f73c5c3cd
vary: Accept-Encoding
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: MEWJcB66KQ6g7ogostlW+zt0YCGFnZIq3XLEXQz6PswJ6BwUAuWBQ8cxhyPXPtH478o79AobYag=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-requestpullcode: 200
content-security-policy: default-src 'self'
x-frame-options: DENY
cdn-requesttime: 0
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
cdn-requestid: 4a755d9f900b652a4f870422418969de
access-control-allow-origin: *

GET
H2 200 1663959163880490 Show response
connect.facebook.net/signals/config/ 83 KB
17 KB 161ms
160ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663959163880490?v=2.9.168&r=stable&domain=www.firstunitedbank.com&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

c6d399faaf700841d3d861d7348d747c1737574ccc7bf910fe1230d0791ab01a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 27 Sep 2024 18:00:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=67, mss=1288, tbw=64704, tp=-1, tpl=-1, uplat=74, ullat=0
pragma: public
x-fb-debug: ZEWhVuGm/iwxkuu4q9a7mzi2i1a2b8s7QrykVr6tJrdkX//aTq3d9XqOb19ipdoGUShHVG1ITvb/cbXsSUq+uw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 580311030325467 Show response
connect.facebook.net/signals/config/ 35 KB
6 KB 202ms
202ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/580311030325467?v=2.9.168&r=stable&domain=www.firstunitedbank.com&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111%2C132%2C161%2C193%2C195%2C120%2C143%2C149%2C187%2C188%2C127%2C230%2C114%2C194%2C124%2C125%2C144%2C171%2C157%2C116%2C231%2C163%2C117%2C233%2C164%2C134%2C121%2C152%2C146%2C126

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

0e367b997f6515393bcd3992ccb008bcee7d7691f3022b8b0b6e6287f3da86ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=83, mss=1288, tbw=82537, tp=-1, tpl=-1, uplat=111, ullat=0
pragma: public
x-fb-debug: 6F+BbyDqaP0fS9+vJXv48vN2E7MbIVDZAD6/wCf5HCwr7ToYf6bohwGUnhL/a8aiEI77eWUXuJlRm6UO/KJGqg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 632ms
81ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663959163880490&ev=PageView&dl=https%3A%2F%2Fwww.firstunitedbank.com&rl=&if=false&ts=1727460011872&sw=1600&sh=1200&v=2.9.168&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1727460011867.705707031124086163&cs_est=true&pm=1&hrl=a24951&ler=empty&cdl=API_unavailable&it=1727460011687&coo=false&cs_cc=1&cas=25932484153009249%2C7837471929677975%2C7657498827665732&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1288, tbw=2798, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
856 B 730ms
373ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1663959163880490&ev=PageView&dl=https%3A%2F%2Fwww.firstunitedbank.com&rl=&if=false&ts=1727460011872&sw=1600&sh=1200&v=2.9.168&r=stable&a=tmgoogletagmanager&ec=0&o=12316&fbp=fb.1.1727460011867.705707031124086163&cs_est=true&pm=1&hrl=a24951&ler=empty&cdl=API_unavailable&it=1727460011687&coo=false&cs_cc=1&cas=25932484153009249%2C7837471929677975%2C7657498827665732&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419384257081212199"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Sep 2024 18:00:13 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: H7jfXDmIcmTxhaRkliajJ5gByoiPztMhPtRiP0fjx+JEWOGyY7NbQv8krYftWbBPh2tSmj2CcR7opAR5WJgpQw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419384257081212199", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1288, tbw=5986, tp=-1, tpl=-1, uplat=301, ullat=1
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 435ms
81ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580311030325467&ev=PageView&dl=https%3A%2F%2Fwww.firstunitedbank.com&rl=&if=false&ts=1727460012086&sw=1600&sh=1200&v=2.9.168&r=stable&ec=0&o=12316&fbp=fb.1.1727460011867.705707031124086163&pm=1&hrl=f7b92b&ler=empty&cdl=API_unavailable&it=1727460011687&coo=false&cs_cc=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1288, tbw=2798, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Sep 2024 18:00:12 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 641ms
287ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=580311030325467&ev=PageView&dl=https%3A%2F%2Fwww.firstunitedbank.com&rl=&if=false&ts=1727460012086&sw=1600&sh=1200&v=2.9.168&r=stable&ec=0&o=12316&fbp=fb.1.1727460011867.705707031124086163&pm=1&hrl=f7b92b&ler=empty&cdl=API_unavailable&it=1727460011687&coo=false&cs_cc=1&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419384257907328807"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Sep 2024 18:00:13 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: SnLbRc9V6uUZvM4+nyb5o1j79IWn/T9La2khHw77qi3X4NaP21WViWZtCCIAP5kw/BoUJr2kNLEAUBLGcIdYJA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419384257907328807", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1288, tbw=3148, tp=-1, tpl=-1, uplat=216, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 rules-p-zhKMhSTYbqxy5.js Show response
rules.quantcount.com/ 10 KB
3 KB 2306ms
1041ms Script
application/javascript 18.66.102.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-zhKMhSTYbqxy5.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d207da54b72e891889fdc866ceb2946793e700dff7bbb0a0db48c4552c2faf14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

content-encoding: gzip
etag: W/"51f51d73c853a484fbebb010e3e76293"
access-control-allow-methods: GET
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ZG_W1TEx32QO69dKQICP93-AEE8GWXNLb_RIcPfu4dmBtBjlZsxykg==
date: Fri, 27 Sep 2024 18:00:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 21 Nov 2023 22:51:48 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pixel;r=114863582;labels=_fp.event.Default;rf=0;a=p-zhKMhSTYbqxy5;url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3De...
pixel.quantserve.com/ 35 B
516 B 502ms
487ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=114863582;labels=_fp.event.Default;rf=0;a=p-zhKMhSTYbqxy5;url=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=firstunitedbank.com;dst=1;et=1727460014908;tzo=-120;ogl=;ses=04ef4195-a82a-4c5b-bf46-30ffd6401eb2;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1808650063-1727460012252;pbc=;cm=undefined;gdpr=0;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Fri, 27 Sep 2024 18:00:15 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-zhKMhSTYbqxy5"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 esw.html
service.force.com/embeddedservice/5.0/ Frame 15B3 0
0 290ms
101ms Document
text/html 160.8.186.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.firstunitedbank.com/spendlifewisely/4-ways-bank-imposters-try-scam-you?utm_source=mc&utm_medium=email&utm_campaign=Fraud_Journey_Email_6&utm_term=more_info&utm_id=757229&sfmc_id=511492758

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.186.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public,max-age=86400
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Fri, 27 Sep 2024 18:00:15 GMT
expires: Sat, 28 Sep 2024 18:00:15 GMT
last-modified: Thu, 14 Sep 2023 00:07:46 GMT
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: none

GET
H2 200 up
insight.adsrvr.org/track/ Frame C8F0 0
0 261ms
81ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=49o1lfv&ref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&upid=298gui4&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 27 Sep 2024 18:00:15 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame 25E0 0
0 249ms
76ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hk1k1ls&ref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&upid=766s9ny&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 27 Sep 2024 18:00:15 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame A701 0
0 261ms
90ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=4xn5pbi&ref=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&upid=78g6le4&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.firstunitedbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 27 Sep 2024 18:00:15 GMT
server: Kestrel

GET
H/1.1 200
OK fub-shield-500x500.gif
trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/ 4 KB
5 KB 191ms
191ms Other
image/gif 52.216.207.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trabian-canvas-prd-files.s3.amazonaws.com/firstunitedbank-com/files/fub-shield-500x500.gif?VersionId=J4UtF3aO5ikZUUki1v0zOwvV9y5eU2Gr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.207.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a326bb87c7d659695d73a3007b02ffaaca6a8e73e4e3f1dd60ead2aa5c66aa83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

ETag: "3aa09e21a3650bebd405c8c469ca6276"
x-amz-version-id: UZrRlVVUtYpfgUv18R0MTNpQEvKxWDOy
x-amz-request-id: PE0MPJVZ4NJXW201
Accept-Ranges: bytes
Content-Length: 4455
Date: Fri, 27 Sep 2024 18:00:16 GMT
Last-Modified: Tue, 16 Aug 2022 21:35:55 GMT
Content-Type: image/gif
Server: AmazonS3
x-amz-id-2: tDDptqJgUMvxrtinsvQbC4G+TS4sbsWAvn4/GDYVkYwFrhBzPUi9ZJMGPrkkx2vpDiGXI10UY10=

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la3-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 174 B
567 B 815ms
133ms Script
text/javascript 13.110.60.168
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D6g000003tgem&EmbeddedServiceConfig.configName=Customer_Care_Chat_Users&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.60.168 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg1-c5-iad4.la3-c2-ia4.salesforceliveagent.com

Software

Resource Hash

39c52c23fa18e8c01e32a22b881333f4d9a8a065145e3e174bfc6799592c7775

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: -1
Access-Control-Allow-Origin: *
Content-Type: text/javascript

GET
H2 200 invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 101ms
100ms Script
application/x-javascript 160.8.187.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.187.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
cache-control: public,max-age=86400
content-encoding: gzip
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:15 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:15 GMT
last-modified: Fri, 24 Sep 2021 16:25:36 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.firstunitedbank.com
Referer: https://service.force.com/

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK Settings.jsonp Show response
d.la3-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/ 177 B
567 B 711ms
135ms Script
text/javascript 13.110.60.168
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5736g0000005h5j]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5726g0000005fSP&org_id=00D6g000003tgem&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.60.168 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg1-c5-iad4.la3-c2-ia4.salesforceliveagent.com

Software

Resource Hash

fb3f33c6d09a3fba24f73985f7cb1e621953a41bcf10e411b1783842ec7699be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: -1
Access-Control-Allow-Origin: *
Content-Type: text/javascript

GET
H2 200 inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 97ms
97ms Script
application/x-javascript 160.8.187.13
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.8.187.13 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c3-ams3.eu50-am3.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
cache-control: public,max-age=86400
content-encoding: gzip
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:00:16 GMT
accept-ranges: bytes
date: Fri, 27 Sep 2024 18:00:16 GMT
last-modified: Tue, 18 Aug 2020 17:12:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding

POST
H2 204 collect
analytics.google.com/g/ 0
0 50ms
49ms Fetch
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TBD4M82JX2&gtm=45je49p0v883639361z8845215761za200zb845215761&_p=1727460009552&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685~101747727&cid=315422016.1727460011&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=3&sid=1727460011&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstunitedbank.com%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DFraud_Journey_Email_6%26utm_term%3Dmore_info%26utm_id%3D757229%26sfmc_id%3D511492758&dt=4%20Ways%20Bank%20Imposters%20Try%20to%20Scam%20You%20%7C%20First%20United%20Bank&en=SLW_Content&ep.Page%20Path=%2Fspendlifewisely%2F4-ways-bank-imposters-try-scam-you&_et=1&tfd=10401
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstunitedbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:00:16 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/EmbeddedService/ 18 KB
4 KB 606ms
201ms Script
text/javascript 18.188.207.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D6g000003tgem&EmbeddedServiceConfig.configName=Customer_Care_Chat_Users&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.188.207.117 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-188-207-117.us-east-2.compute.amazonaws.com

Software

envoy /

Resource Hash

26ebffed1887da94dc9992f9a8fd873cc6479c0596ed8d475c57b309d8270d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache
content-encoding: gzip
pragma: no-cache
x-envoy-upstream-service-time: 9
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: -1
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:16 GMT
content-type: text/javascript
server: envoy

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/Visitor/ 351 B
646 B 487ms
139ms Script
text/javascript 18.188.207.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5736g0000005h5j]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5726g0000005fSP&org_id=00D6g000003tgem&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.188.207.117 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-188-207-117.us-east-2.compute.amazonaws.com

Software

envoy /

Resource Hash

b575690c8d84ac0f7f95267fd10292273df335dc8006431e108d9a31d85d4b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.firstunitedbank.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache
content-encoding: gzip
pragma: no-cache
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: -1
access-control-allow-origin: *
date: Fri, 27 Sep 2024 18:00:16 GMT
content-type: text/javascript
server: envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.firstunitedbank.com
URL: blob:https://www.firstunitedbank.com/d2f6a127-f3ec-48a5-a10c-ba564f4a9896

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=52FA4B1C2F824A6C9E88D33E04F6F08F

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.force.com/	1970-01-21 08:36:36	Name: BrowserId Value: Vf99qnz6Ee-39leAVcDpcg
.firstunitedbank.com/	1970-01-21 02:00:36	Name: _gcl_au Value: 1.1.1863777251.1727460011
.simpli.fi/	1970-01-21 08:38:02	Name: suid Value: 52FA4B1C2F824A6C9E88D33E04F6F08F
.firstunitedbank.com/	1970-01-21 09:27:00	Name: _ga_TBD4M82JX2 Value: GS1.1.1727460011.1.0.1727460011.60.0.0
.firstunitedbank.com/	1970-01-21 09:27:00	Name: _ga Value: GA1.2.315422016.1727460011
.firstunitedbank.com/	1970-01-20 23:52:26	Name: _gid Value: GA1.2.1915990318.1727460011
.firstunitedbank.com/	1970-01-20 23:51:00	Name: _gat_gtag_UA_26361158_1 Value: 1
.simpli.fi/	1970-01-21 00:01:04	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-21 04:10:12	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 00:34:12	Name: ar_debug Value: 1
.firstunitedbank.com/	1970-01-21 02:00:36	Name: _fbp Value: fb.1.1727460011867.705707031124086163
.tapad.com/	1970-01-21 01:17:24	Name: TapAd_TS Value: 1727460012086
.tapad.com/	1970-01-21 01:17:24	Name: TapAd_DID Value: 2c538ab5-c72f-42d4-a3a4-b97f2f4ff0c6
.linkedin.com/	1970-01-21 08:36:36	Name: bcookie Value: "v=2&3a7cceaf-029c-4d3b-8b76-b34c9d871a83"
.linkedin.com/	1970-01-21 04:10:12	Name: li_gc Value: MTswOzE3Mjc0NjAwMTI7MjswMjHGx9Br/OeJcNH2bUfbZsN0xBYc0mX1TXDsTjiPrvJmpg==
.linkedin.com/	1970-01-20 23:52:26	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3503:u=1:x=1:i=1727460012:t=1727546412:v=2:sig=AQHwuEOqKIOInmK7kf8atNpGkIw_IIn1"
.tapad.com/	1970-01-21 01:17:24	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-21 02:43:48	Name: EE Value: "a213eb52be59127b074b58bb7968f151"
.adnxs.com/	1970-01-21 02:00:36	Name: XANDR_PANID Value: 73rm6us12dnXZSiTLYbHOfkjZmoTJKMNB_DwGHRV4nZ8Y32hDDYTChtcAtbE3GiyJSaS2fklVEZf_9YOBBgNPbALBdu9lAcHgY3QAC2zqlI.
.adnxs.com/	1970-01-21 09:27:00	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:00:36	Name: uuid2 Value: 8862669897189550341
.doubleclick.net/	1970-01-21 09:27:00	Name: IDE Value: AHWqTUlTTvhIQocsHNko9EDvMS-kH9EP438wWrI0_Fr2YcEkkjc2U_N-2woA7Swd_Uc
.adnxs.com/	1970-01-21 02:00:36	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?`jJw[!!]tbPl1N!7OnM$=BX0!h0fNSi.UPgdX=`Ggm>JudW]>Ik``iYh07KNdK.Jdje]4/X%W#.wL4W1Qw27sjMNp
.exelator.com/	1970-01-21 02:43:48	Name: ud Value: "eJxrXxzq6XKLQSHRyNA4NcnUKCnV1NLQyDzJwNwkydQiKcnc0swizdDUcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6Is%252BQxUUpaQyLSopPBZ%252BUCgIAhIUpgQ%253D%253D"
.bluekai.com/	1970-01-21 04:11:38	Name: bku Value: blx99vp02Zj+vbxh
.bluekai.com/	1970-01-21 04:11:38	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwED0HAW6xMae1ART1MHOBA18HEQTHe1pHE96HMjs1eCs9y9oXQrI
.pro-market.net/	1970-01-21 04:10:12	Name: anProfile Value: "-p3z51xpxc5a7+1+1f=1+1g=1+1j=45+rs=s+rt=B9C63E60+s2=(skhgoc)+vm=24-52FA4B1C2F824A6C9E88D33E04F6F08F"
.pro-market.net/	1970-01-21 00:34:12	Name: anHistory Value: "-p3z51xpxc5a7+2+!#7')%%!UI5"
.bfmio.com/	1970-01-21 08:36:36	Name: __141_cid Value: 52FA4B1C2F824A6C9E88D33E04F6F08F
.bfmio.com/	1970-01-21 08:36:36	Name: __io_cid Value: fb45ee5a8ba8d4e73adfe7379723f4ba68bb3b61
.agkn.com/	1970-01-21 08:36:36	Name: ab Value: 0001%3Aj3%2F2oTDeFZAYD8RzR%2BuVagQqVm5SnBDe
.agkn.com/	1970-01-21 08:36:36	Name: u Value: C\|0AAAAAAAALomvLgAAAAAA
.quantserve.com/	1970-01-21 09:21:14	Name: mc Value: 66f6f2af-32804-b03c7-493f2
.firstunitedbank.com/	1970-01-21 09:15:28	Name: __qca Value: P0-1808650063-1727460012252

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=52FA4B1C2F824A6C9E88D33E04F6F08F Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=52FA4B1C2F824A6C9E88D33E04F6F08F Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12906424.fls.doubleclick.net
aa.agkn.com
ad.doubleclick.net
analytics.google.com
bcp.crwdcntrl.net
cdnjs.cloudflare.com
cds-sdkcfg.onlineaccess1.com
ce.lijit.com
click.em.firstunitedbank.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
d.la1-core1.sfdc-8tgtt5.salesforceliveagent.com
d.la3-c2-ia4.salesforceliveagent.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
loadm.exelator.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
rules.quantcount.com
s.ad.smaato.net
secure.quantserve.com
service.force.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
tag.simpli.fi
td.doubleclick.net
trabian-canvas-prd-files.s3.amazonaws.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.firstunitedbank.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
sync.intentiq.com
www.firstunitedbank.com
104.17.24.14
107.178.240.89
13.107.42.14
13.110.60.168
13.111.180.242
13.32.27.108
142.250.181.238
142.250.185.230
142.250.185.99
142.250.186.130
142.250.186.170
142.250.186.70
142.251.168.154
15.197.193.217
157.240.252.13
157.240.252.35
160.8.186.13
160.8.187.13
169.150.247.38
172.217.16.206
172.217.18.4
172.217.18.8
172.217.18.98
172.217.23.98
18.172.103.101
18.188.207.117
18.66.102.15
184.24.77.20
185.89.210.212
192.0.54.4
216.58.206.66
23.23.73.11
3.232.45.244
3.71.149.231
3.76.227.64
3.78.110.63
34.111.113.62
34.254.143.3
34.91.62.186
35.204.89.238
35.244.159.8
35.244.174.68
46.228.174.117
52.16.246.21
52.210.163.17
52.216.207.19
52.72.204.155
69.173.144.139
69.192.160.219
76.223.111.18
91.228.74.166
0846ac03d659516b3473d0335401ef5374484de5e8f08aacadfa657f8099db12
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b01ad20d7cae4cd941a293067b944417236b15a02db2a392510bbb1f022c198
0e367b997f6515393bcd3992ccb008bcee7d7691f3022b8b0b6e6287f3da86ea
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
15566adfced164c7c1d7154ce6ad18e310786dec9668cc7587e51faf48d880a0
174dc57615110879a892f955bc95bf0ec3e3c49025d5319080ee257b9592f557
1a087828957bed0908386b14329fa2695c40889b152db6f20db02f7ea7c9fb75
1c46141521593364805720dde2d493876012878b7824cae4a12c6d6e80923d27
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca
26ebffed1887da94dc9992f9a8fd873cc6479c0596ed8d475c57b309d8270d49
27d296196c5be4c49d809a39ed854b835f72ad0c0318bc65195b37a0180efe31
27eabba51edeff3d318c7df0f21952429174f368ec02a4a6f94716424717adce
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
3723bd93d1a16f34bd1da6d5b2820d6b9fb14c8d89fe1724c677944770245c19
390b18f03a71ac3d7ecfccb02a1f4a88afc714d7b2183144fc17f623bb295c1b
39c52c23fa18e8c01e32a22b881333f4d9a8a065145e3e174bfc6799592c7775
3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336
3bbd4e17a1b48e3ed1d5302d26167cb81a3351a1a4e208a0e4ffca1297d68882
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2
580969e325665913f5d65cbbcce729b653401e86f13a64ac61c19ff45a3eaab0
58a54f4583e67e45276d95c38e79b2f2caf31f95f27ea80379bb0e1bed1c5c2e
5cf465f51e6b90458da94aced8782b072c0369fdd0808178b02d094dc37ba3cf
60863d879854e15778cf0e1267b2f7fb143e1c24d3d793c8cd3f43fa0a368347
62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73
6ad10166c7d8f54484999e43aff6c5d450d8e22b2991ce8ebd5182f5c5fa1c22
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71913e22ca91ca33787b20a91b1e2ffa155f83db0e8f2ae0e59a9f73c865d6d6
71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
745603ad4f206c0c3ec796dadfa0f167dd4ff3e85e86227af7acc38d732aab89
789e8685a564e07274fec164118e89fa040ff2779c6efe3d781b94aeea6f06eb
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
89ace1c634255ac3450d36bbc5d3a9af94e27a8b9f8e5856fe077a7a5c2c117e
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8cd0256eb5b895cac5284e6f46e70e0780fe5cb408d7fc32e51e785044940941
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96819cf55867255cbaeef9a6f88777ce2e338525bc40c26ea9000c4595ce7d10
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249
9b1dd16c3373312df32be6f76d555a2310453c438ce5b47cdeb0f68c1efc7eef
9eec8df2c57f52e00ee51fa75efc882d530b6a9dca6006327bae70e9b6ebae81
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a326bb87c7d659695d73a3007b02ffaaca6a8e73e4e3f1dd60ead2aa5c66aa83
a484c0dc79575c571bae9c0f9b5867f29c587b0cc498b774166b2b2b68637368
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec7b1b801dff0d7070ff919a98798a8d0e0ea3c2f2cdeee08ca9b65b83fa327
b575690c8d84ac0f7f95267fd10292273df335dc8006431e108d9a31d85d4b98
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1ff9b93e93946e681b6a16e30ea63c8c4e10feee49dfce980d27e46b6c6e280
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6d399faaf700841d3d861d7348d747c1737574ccc7bf910fe1230d0791ab01a
ca55cfcd029a1e2251ea30d5c85b60103dd6bedadeb35981daaf29c2391bb7f7
ce4447320389dddcf46cf1d1a993c3a8f18b3ed08e547c6e020c3aee19716772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d207da54b72e891889fdc866ceb2946793e700dff7bbb0a0db48c4552c2faf14
d6f80adba63456e27945985d3b56cbaa9f5d49f37b3e53876df86d838f60556d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e20829319849243a2659d155340d3756afc0f76fcf00f0e24176cd85632317c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
f37e73acf947790e5e96aee6a6f9b3243906e70ac83613a1c2a8e434e620fa61
fb3f33c6d09a3fba24f73985f7cb1e621953a41bcf10e411b1783842ec7699be
fb5951d5aac41adb6fb09f7ad1836b405489d109fc6bd9bdcaaf2b38f2ecba7a
ffdf2ce5f8acaadbcbec90a961229ed6c9a60eb3ebfd52aa1c8ca70000341b84

www.firstunitedbank.com Open in urlscan Pro 3.232.45.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

83 %HTTPS

0 %IPv6

40 Domains

55 Subdomains

46 IPs

6 Countries

3883 kBTransfer

7507 kBSize

34 Cookies

19 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.firstunitedbank.com Open in urlscan Pro
3.232.45.244 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

83 %
HTTPS

0 %
IPv6

40
Domains

55
Subdomains

46
IPs

6
Countries

3883 kB
Transfer

7507 kB
Size

34
Cookies

115 HTTP transactions
3 data transactions