URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Submission: On January 04 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 33 HTTP transactions. The main IP is 67.227.180.62, located in United States and belongs to LIQUIDWEB, US. The main domain is partners1stcu.org. The Cisco Umbrella rank of the primary domain is 612899.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on September 13th 2023. Valid for: a year.
This is the only time partners1stcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
7 | salemove.com | libs.salemove.com (Cisco Umbrella Rank: 36273); client-logger.salemove.com (Cisco Umbrella Rank: 24109) | 408 KB
5 | partners1stcu.org | partners1stcu.org (Cisco Umbrella Rank: 612899) | 118 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 101); region1.google-analytics.com (Cisco Umbrella Rank: 1695) | 21 KB
3 | addtoany.com | static.addtoany.com (Cisco Umbrella Rank: 5839) | 29 KB
2 | acsbapp.com | acsbapp.com (Cisco Umbrella Rank: 6951); cdn.acsbapp.com (Cisco Umbrella Rank: 7547) | 90 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 240) | 89 KB
2 | gstatic.com | fonts.gstatic.com | 97 KB
2 | glia.com | api.glia.com (Cisco Umbrella Rank: 26252) | 20 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 114) | 152 KB
1 | siteimproveanalytics.io | 84727.global.siteimproveanalytics.io | 480 B
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 98) | 186 B
1 | siteimproveanalytics.com | siteimproveanalytics.com (Cisco Umbrella Rank: 8778) | 9 KB
1 | amazonaws.com | s3.us-east-1.amazonaws.com | 195 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 115) | 3 KB
Total: 33 requests, 14 apex domains
Requests | Domain | Requested by
6 | libs.salemove.com | api.glia.com, libs.salemove.com
5 | partners1stcu.org | partners1stcu.org
3 | static.addtoany.com | partners1stcu.org, static.addtoany.com
2 | www.google-analytics.com | partners1stcu.org, www.google-analytics.com
2 | connect.facebook.net | partners1stcu.org, connect.facebook.net
2 | fonts.gstatic.com | fonts.googleapis.com
2 | api.glia.com | partners1stcu.org, api.glia.com
2 | www.googletagmanager.com | partners1stcu.org
1 | client-logger.salemove.com | libs.salemove.com
1 | cdn.acsbapp.com | acsbapp.com
1 | 84727.global.siteimproveanalytics.io | partners1stcu.org
1 | www.facebook.com | partners1stcu.org
1 | acsbapp.com | partners1stcu.org
1 | siteimproveanalytics.com | partners1stcu.org
1 | region1.google-analytics.com | www.googletagmanager.com
1 | s3.us-east-1.amazonaws.com | partners1stcu.org
1 | fonts.googleapis.com | partners1stcu.org
Total: 33 requests, 17 subdomains
Subject | Issuer | Validity | Valid
partners1stcu.org | ZeroSSL RSA Domain Secure Site CA | 2023-09-13 - 2024-09-12 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.glia.com | Amazon RSA 2048 M01 | 2023-06-18 - 2024-07-15 | a year
static.addtoany.com | E1 | 2023-12-27 - 2024-03-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-13 - 2024-01-11 | 3 months
s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-10 | 9 months
siteimproveanalytics.com | GTS CA 1P5 | 2023-12-27 - 2024-03-26 | 3 months
acsbapp.com | GTS CA 1P5 | 2023-12-26 - 2024-03-25 | 3 months
*.global.r1.siteimproveanalytics.io | Amazon RSA 2048 M03 | 2023-10-26 - 2024-11-23 | a year

This page contains 2 frames:

Primary Page: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Frame ID: CD6A3D64D286B4428D552318B2EBA7A0
Requests: 32 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: BDBC54FE2491583FFAD606C68337B2DF
Requests: 1 HTTP request in this frame

Page Title

Postcard Scam: Mortgage Notice | Partners 1st Federal Credit Union

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 76 %
Domains: 14
Subdomains: 17
IPs: 17
Countries: 2
Transfer: 1232 kB
Size: 3566 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request postcard-scam-mortgage-notice
partners1stcu.org/report-fraud/recent-scams/
267 KB
81 KB
Document
General
Full URL
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.180.62 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
webhost2.avtecmedia.com
Software
Apache / Craft CMS
Resource Hash
2145ed662e3dd4fef471a0c650fb15bad6f8b434ea54ab40b899c5ff8e77c2b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=600
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 14:47:42 GMT
Expires
Thu, 04 Jan 2024 14:57:42 GMT
Keep-Alive
timeout=2, max=500
Link
<https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice>; rel='canonical'
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding,User-Agent
X-Powered-By
Craft CMS
X-Robots-Tag
all
css2
fonts.googleapis.com/
46 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e5bc9e669b9bc6631d7c12bf04e76e30b8d9c772fccf54c045cd3ef25d9c4cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 14:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 13:44:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 14:47:42 GMT
app.css
partners1stcu.org/dist/css/
99 KB
15 KB
Stylesheet
General
Full URL
https://partners1stcu.org/dist/css/app.css?id=97fc6ee2cebf04545e53
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.180.62 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
webhost2.avtecmedia.com
Software
Apache /
Resource Hash
fbbe0608ed226a1e1800a7c56caaa3e46ff933e33994cca3ef342e30dc7ebee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:47:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 13:52:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
14506
Expires
Sat, 03 Feb 2024 14:47:42 GMT
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CJ92GHSQB0
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1eabbf3d035c35fd7cee3bcd799fee8b7896806aec6000c50bd90bd05b363dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93070
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 14:47:42 GMT
fontfaceobserver.js
partners1stcu.org/dist/js/
5 KB
2 KB
Script
General
Full URL
https://partners1stcu.org/dist/js/fontfaceobserver.js?id=db4885ca3ce0993415d6
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.180.62 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
webhost2.avtecmedia.com
Software
Apache /
Resource Hash
36a30fb5c65b7a386b45debbc89bd8b8c1dd7a87eda439acabeb0bfb621b14ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:47:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 13:52:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
1948
Expires
Sat, 03 Feb 2024 14:47:42 GMT
app.js
partners1stcu.org/dist/js/
58 KB
20 KB
Script
General
Full URL
https://partners1stcu.org/dist/js/app.js?id=0c1c26f5586aa32c297e
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.180.62 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
webhost2.avtecmedia.com
Software
Apache /
Resource Hash
c311236dc340eafeaf1e99934cf8705d37020bfc6287625af455977dea1825b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:47:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 13:52:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
19652
Expires
Sat, 03 Feb 2024 14:47:43 GMT
salemove_integration.js
api.glia.com/
9 KB
9 KB
Script
General
Full URL
https://api.glia.com/salemove_integration.js
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98c4f278eda9ece02de780ade87040aded5a31e7a4f62779e6b138ea75a1fab5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Thu, 04 Jan 2024 14:21:37 GMT
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 10:57:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
1570
x-amz-server-side-encryption
AES256
etag
"f8d4588f3f471377a4aa0e43effd9b27"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8885
x-amz-cf-id
8vgODGx9cEIh7IvkyRfOktcbEnSZYDZ59ybYjbwpQI1Qq8iu2ANSrg==
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14219
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1360f39ce298a46ab4d839930011f62c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W07ituBwQWt9jwjUcnl12oj3Zu39iVEJbQRwKpc5pf8bKi%2BWxHQqvBle%2FZW5iSPebFJ7cov5a1eo9%2BujRYyemU1s8V2DtIDfUy1w969M%2F6QtqebpnmnAChxRSVLVtQ7pQkcC%2FHx9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
8404473d490465a3-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://partners1stcu.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options
nosniff
age
31574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 06:01:29 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
49 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://partners1stcu.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:36:28 GMT
x-content-type-options
nosniff
age
29475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 06:36:28 GMT
gtm.js
www.googletagmanager.com/
169 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9CCKKQ
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d6341aca6d86243e78943b9b44cac19db8ce50d03aa0f440d17be2cc7bcf907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62296
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jan 2024 14:47:43 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jan 2024 14:47:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
wtWA8fxip80nNFxUYoKGVOsD5A8iuJFljM6ON3VzNEh1upzLEwdWV6BbprLHYyDVocB9euWIWj2AJ3i9x3zG/A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 13:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5118
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 15:22:25 GMT
banner-squares.svg
partners1stcu.org/dist/svgs/
2 KB
772 B
Image
General
Full URL
https://partners1stcu.org/dist/svgs/banner-squares.svg
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/dist/css/app.css?id=97fc6ee2cebf04545e53
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.180.62 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
webhost2.avtecmedia.com
Software
Apache /
Resource Hash
dcb385c05d927d627aa1bea39a2505d6464e43d9cc809c12782e671d44f1e7e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/dist/css/app.css?id=97fc6ee2cebf04545e53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:47:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 13:52:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
397
Expires
Sat, 06 Jan 2024 14:47:43 GMT
Business-Account-Review.jpg
s3.us-east-1.amazonaws.com/assets.partners1stcu.org/uploads/Pages/Business/_2240xAUTO_crop_center-center_none/
195 KB
195 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/assets.partners1stcu.org/uploads/Pages/Business/_2240xAUTO_crop_center-center_none/Business-Account-Review.jpg
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.122.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0803da19b49452eea39d7d7286194f83aadcfdbe9a5e7d7908f1e6fa483ed664

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:47:44 GMT
x-amz-version-id
hmRw6UP9FdDW.D7tkIA9NZKeCkp8mqOX
Last-Modified
Mon, 06 Mar 2023 13:01:42 GMT
Server
AmazonS3
x-amz-request-id
A52W61V51ZVQFFWT
ETag
"188895762bb71e2f3191bef52016ec91"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
max-age=31622400
Accept-Ranges
bytes
Content-Length
199437
x-amz-id-2
Bki5+V0zSmprZSzqLsHiIJtaQfagf/eupAEiAk0LCMJ6XAdZROYClMM9fbtTkoBivyBlJA6ONTg=
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CJ92GHSQB0&gtm=45je3bt0v9103668771z89103668817&_p=1704379663006&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1555817401.1704379663&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704379663&sct=1&seg=0&dl=https%3A%2F%2Fpartners1stcu.org%2Freport-fraud%2Frecent-scams%2Fpostcard-scam-mortgage-notice&dt=Postcard%20Scam%3A%20Mortgage%20Notice%20%7C%20Partners%201st%20Federal%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1158
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CJ92GHSQB0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 14:47:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://partners1stcu.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=688119797&t=pageview&_s=1&dl=https%3A%2F%2Fpartners1stcu.org%2Freport-fraud%2Frecent-scams%2Fpostcard-scam-mortgage-notice&ul=en-us&de=UTF-8&dt=Postcard%20Scam%3A%20Mortgage%20Notice%20%7C%20Partners%201st%20Federal%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1460990691&gjid=822715806&cid=1555817401.1704379663&tid=G-CJ92GHSQB0&_gid=84435807.1704379663&_r=1&_slc=1&z=869695285
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 14:47:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://partners1stcu.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
469511686890868
connect.facebook.net/signals/config/
130 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/469511686890868?v=2.9.138&r=stable&domain=partners1stcu.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e36b67394224da1ca83124ddf67ee4cf2defd97f44b4f58fe1433f61316924a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jan 2024 14:47:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
F21hbT42REP+KqQsnNaz0RhYHMEAESYdnPfwBi6YK44KqoXM/3nWtnUT/zu6KpyLbXtguABjGJeBmeL1NqHSsg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
siteanalyze_84727.js
siteimproveanalytics.com/js/
26 KB
9 KB
Script
General
Full URL
https://siteimproveanalytics.com/js/siteanalyze_84727.js
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72bad2126bc4327b3b21b982565564a990669164984eede02a97a7ec62df0dd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:43 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ARBPZW6RY5GVJXY6
age
5936
alt-svc
h3=":443"; ma=86400
content-length
8959
x-amz-id-2
eqO4zWhG1nb0dLNql3a5VvNuMDQbXIa1ygdC35jpYl5YvO6mRgboNJxQ8g24kaYZoWiWBaERDCY=
last-modified
Wed, 07 Jun 2023 19:16:52 GMT
server
cloudflare
etag
"012a5f70704daf3b232133ceeb3b05ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpKObbOsCwbzWcDlZRLqxqugtA3Z%2F8OpPaGy1P7ccyT9941L8vT4OYjaQrGnnZyIM5kOp8p3vkcmmzQ1%2BFge3H5v9WSlv5sJx%2FzLp3mPpms8l41URvpPezM15qGDM6F4Dc4HMEkSVNy9e6Kyujg4rDLQJFaTx0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
8404473ff93eb91a-AMS
app.js
acsbapp.com/apps/app/dist/js/
293 KB
89 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e1a2d665b18f3721a26080f2d15c7de8db3e71a8d802a0c88e0aee6a34862a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPoF3zMmYPxCAjlx0U606a0J5-7UlPNSZhVgcVVK8X2otMiT8e-PFzqeY5iV4Ddsk1iokoKFsVskwA
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Thu, 04 Jan 2024 13:53:03 GMT
server
cloudflare
etag
W/"9a4c40df3ed59b996f0ccab5bfb6cc27"
vary
Accept-Encoding
x-goog-hash
crc32c=ju+pfw==, md5=mkxA3z7Vm5lvDMq1v7bMJw==
x-goog-generation
1704376383106975
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
300129
cf-ray
840447400a7a367b-FRA
expires
Fri, 03 Jan 2025 14:47:43 GMT
sm.24.html
static.addtoany.com/menu/ Frame BDBC
677 B
736 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.24.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
14945
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8404473fdc0a65a3-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 14:47:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9xNXF8SKhq7dhdffqf0dZXqMpGZeX23uso0NGvN81CnT4DMbUSIz%2BdR4fpW3xr%2FAv8kSF4Q4ShiELSwS%2F7mF84nAhdiCKMRoRiIne1uSVkZz%2FPUIoTteKnTA0sbapQwcnzZS1Zs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.0lg1QMGN.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Origin
https://partners1stcu.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f7a2848ba5154bff921586a6e44f406d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVACvuA0FQ7TNpLuREwKaHJdldMjThChuhaeN5zKVAmJH8iZMQ1TGWPqikdH1I%2Bt%2Fo844biiKicJAW3yR4HiteXGzw1e4sBm2F6H7fvDdAllXdrFmaGf%2FjLQyFy9fMpYfrUaBWhy%2FETecsbHbCdbIsLK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
8404473feccf3611-FRA
visitor_config
api.glia.com/
10 KB
11 KB
XHR
General
Full URL
https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fpartners1stcu.org%2Freport-fraud%2Frecent-scams%2Fpostcard-scam-mortgage-notice&
Requested by
Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3ef54c41e48246b2a15c692976e94539ec9f61f56bde8b8e6de6c3896579fcf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jan 2024 14:47:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-length
10090
access-control-max-age
7200
access-control-allow-methods
["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
content-type
application/json
access-control-allow-origin
https://partners1stcu.org
access-control-expose-headers
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
vary
Origin
x-site-visitor-config
true
access-control-allow-headers
Content-Type, Accept, Authorization
x-amz-cf-id
lfdnQOhlPwSmuDrPwWVXt5RTZXw9esJOHqQEGj_cf_bTqr25trEZZg==
/
www.facebook.com/tr/
0
186 B
Image
General
Full URL
https://www.facebook.com/tr/?id=469511686890868&ev=PageView&dl=https%3A%2F%2Fpartners1stcu.org%2Freport-fraud%2Frecent-scams%2Fpostcard-scam-mortgage-notice&rl=&if=false&ts=1704379663334&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704379663333.1752133089&ler=empty&it=1704379663157&coo=false&rqm=GET
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jan 2024 14:47:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bootstrapper-9495c26fc.js
libs.salemove.com/visitor/
636 KB
167 KB
Script
General
Full URL
https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Requested by
Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7a85dc6dd6ba5b2aa0aee70d383364a3dab49566a85838538dbefb84f8f0962
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:05:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
697329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 27 Dec 2023 12:43:35 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:fbe646232516bdb40b2a762d6f6d091f
etag
W/"fbe646232516bdb40b2a762d6f6d091f"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
6Vos51D2OE1PnsMq-A7izVUgI9AIfrMFbACwTM2UZy0Y-pUOg9--jA==
image.aspx
84727.global.siteimproveanalytics.io/
34 B
480 B
Image
General
Full URL
https://84727.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fpartners1stcu.org%2Freport-fraud%2Frecent-scams%2Fpostcard-scam-mortgage-notice&title=Postcard%20Scam%3A%20Mortgage%20Notice%20%7C%20Partners%201st%20Federal%20Credit%20Union&res=1600x1200&accountid=84727&rt=1501&prev=a7e05609-b780-25ec-cc98-b904eec0b4be&luid=83bbe772-af0a-28cf-c16f-429c610dda03&rnd=48462
Requested by
Host: partners1stcu.org
URL: https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.68.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-68-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 04 Jan 2024 14:47:43 GMT
cache-control
max-age=0
content-length
34
expires
Thu, 04 Jan 2024 14:47:43 UTC
config.json
cdn.acsbapp.com/config/partners1stcu.org/
163 B
708 B
Fetch
General
Full URL
https://cdn.acsbapp.com/config/partners1stcu.org/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7132d24727a49b799457a63369ea663f132e8a73a387282e19bc61b99223fc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:47:43 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ABPtcPrhYqLVa1IKvb5slrZ1Y3ohIzminHRb_k6EDUvrRF81usaNIAjatsnkpcdSe2OCNULqRSs4OPgXjA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 05 Dec 2023 13:39:17 GMT
server
cloudflare
etag
W/"c184fc5e704742fb7926d85444cb8fa6"
vary
Accept-Encoding
x-goog-hash
crc32c=MP04pQ==, md5=wYT8XnBHQvt5JthURMuPpg==
x-goog-generation
1701783557352748
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
163
cf-ray
84044741ec765d65-FRA
expires
Fri, 03 Jan 2025 14:47:43 GMT
webcomponents_es5-9495c26fc.js
libs.salemove.com/visitor/
936 B
1 KB
Script
General
Full URL
https://libs.salemove.com/visitor/webcomponents_es5-9495c26fc.js
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:05:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
697328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
936
last-modified
Wed, 27 Dec 2023 12:43:36 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f86098c5208655efb405300993461936
etag
"f86098c5208655efb405300993461936"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wx7STyrj44a0Tcqb0BSqTxXQgonZTitG7li-_XrBlc6MHwsmPGmrUw==
visitor-app.4ba6d1fb-0bd64a96.min.js
libs.salemove.com/
686 KB
198 KB
Script
General
Full URL
https://libs.salemove.com/visitor-app.4ba6d1fb-0bd64a96.min.js
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ccac5450892818feaeb8574c8e20bc6813decc9dad15b647f9881f259c747e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 09:20:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
19637
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 08:46:18 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e4ef4c31b3325738f65135fbb8b276cb
etag
W/"e4ef4c31b3325738f65135fbb8b276cb"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
oMoCeLxC0FFUJSuWqN21Z_L3xHicIMynGczQNvx_53SPx9M_HtUdPA==
visitor-app.4ba6d1fb-0bd64a96.default.css
libs.salemove.com/
206 KB
31 KB
Stylesheet
General
Full URL
https://libs.salemove.com/visitor-app.4ba6d1fb-0bd64a96.default.css
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54a36ace3d2d860fd3e4f5e0d59f43b6653c4c2ba6fd87ce73e2d3fc22b61a52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 09:20:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
19636
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 08:46:18 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:593e94f08cd3472f4bd4420fc198b2a7
etag
W/"593e94f08cd3472f4bd4420fc198b2a7"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
Y8GdOGnnCCUtxg6Nxlb-AR_v0VDJUSavjIJIjjlYYuFw7TXwklM4bQ==
gva-custom-chat-renderer.1944c65.js
libs.salemove.com/
23 KB
8 KB
Script
General
Full URL
https://libs.salemove.com/gva-custom-chat-renderer.1944c65.js
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4de1e4e94729ce929801e7c715eda145616022bf710725fedd75341575963d9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:53:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
665668
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 27 Dec 2023 20:22:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:204546f89ba38129ede1d80f35aace1c
etag
W/"204546f89ba38129ede1d80f35aace1c"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
ooWv7FJsixRIv9QD717scSNtLdSAzBV-MUowZG3OT_eOpkdJqM8oVw==
gva-custom-chat-renderer.1944c65.css
libs.salemove.com/
8 KB
2 KB
Stylesheet
General
Full URL
https://libs.salemove.com/gva-custom-chat-renderer.1944c65.css
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209b30289a4367d767e9e4bc98c4a1ad08a00e9b1e665f00dbad5741802b5e11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:53:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
665668
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 27 Dec 2023 20:22:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:91913bc6898ba7a92c9a2edee76e2042
etag
W/"91913bc6898ba7a92c9a2edee76e2042"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
c5HNM6xdLxlUs5dgTFXja80lT2ShW1b_mNTzTgSC2o5kEZAAVmIXLA==
/
client-logger.salemove.com/
0
0
Fetch
General
Full URL
https://client-logger.salemove.com/
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-9495c26fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.7.4.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-4-58.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://partners1stcu.org/report-fraud/recent-scams/postcard-scam-mortgage-notice
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 14:47:46 GMT
server
envoy
vary
Origin
access-control-max-age
7200
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-envoy-upstream-service-time
2


52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| script function| FontFaceObserver function| gtag object| dataLayer function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| allowedExternalUrls object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData boolean| isIE10 boolean| isIE11 boolean| isEdge object| htmlStyles number| widthREMs number| breakpointToDesktopNav boolean| dragging string| clientY function| isElementInViewport object| calculators function| Calculator object| a2a object| a2a_config function| a2a_init object| sm object| _sz function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb number| uidEvent object| webpackJsonpSalemoveVisitorApp function| pure_addEventListener function| pure_removeEventListener

9 Cookies

Domain/Path Name / Value
.partners1stcu.org/ Name: _ga_CJ92GHSQB0
Value: GS1.1.1704379663.1.0.1704379663.0.0.0
.partners1stcu.org/ Name: _ga
Value: GA1.2.1555817401.1704379663
.partners1stcu.org/ Name: _gid
Value: GA1.2.84435807.1704379663
.partners1stcu.org/ Name: _gat
Value: 1
partners1stcu.org/ Name: fontsLoaded
Value: true
.partners1stcu.org/ Name: _fbp
Value: fb.1.1704379663333.1752133089
api.glia.com/ Name: visitor_session
Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MDQzNzk2NjMsInZpc2l0b3JfaWQiOiI0N2UzYTcyOC0wOTljLTRjNWItYTlkNC1jNTMwOWY5MjEzOWQiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI5MzE3Y2FmYi1kM2I1LTRiZTUtYjhiZC1lZDdiOGExZTZkZTgifQ.tJZ0StMuStiPoq7OSAYziQgtRjUCa8O1EDbP1sJu9f38a9wM-R-n6QDNmL5SBuGZvZT3cII5d9hYnTmpnp9TaQ
.partners1stcu.org/ Name: nmstat
Value: a7e05609-b780-25ec-cc98-b904eec0b4be
84727.global.siteimproveanalytics.io/ Name: AWSALBCORS
Value: tI6H34V9jL6b11L+GQeCc2mYEX3lqW/bH9vFuXVte3d3BvCAkKrCRSLfs4DBj7o8NWVVnmnqHzJLCXBByHTwP0+ab15Ln5Y8IbVTjnkPsCAwj32flalM/+qdwPbo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
