ffbkc.com

.com crawl

First seen 2026-04-19 · Last seen 2026-05-13 · ok HTTP/1.1 200 12333 ms crawled 2026-05-13

US · 146.88.111.104 · AS33070 Rackspace Hosting

Reputation 100/100

sector finance type homepage

HTML metadata

Title: First Federal Bank of Kansas City: Mortgage, Checking, Savings and more
Description: At First Federal Bank of Kansas City, you'll find the help you need to move down the path to prosperity – from free checking to smart mortgage solutions. Welcome to Wellbeingville.
Language: en

Technology

Server: nginx
CMS: Gatsby

Third-party hosts loaded (2)

gmpg.org×1
translate.google.com×1

Social

Contact

Phone

8162417800

Registration

Registrar

GoDaddy.com, LLC

Created

2002-03-07

Expires

2029-02-19 1007 days left

Updated

2026-03-13

Name servers

pdns01.domaincontrol.com
pdns02.domaincontrol.com

DNS records live

NS

pdns01.domaincontrol.com
pdns02.domaincontrol.com

MX

0 mxa-00115102.gslb.pphosted.com
0 mxb-00115102.gslb.pphosted.com

TXT

Show 6 TXT records

cisco-ci-domain-verification=28c2fe26ee7e144fed4fff04f57a232c544144bc23f15f940a19890b2e597803
apple-domain-verification=J_KiAaZF6QtxoL7NpTLD2-MG36EYc5Uq86-6NtHwDAg
3f7b563c-d8b0-4c44-a3f8-21de2b287ac7
google-site-verification=LRqbpqBXAysbHzz5ZOePhZSMbWcsB110Z6V_CNaalIo
MS=BECBE8ED0B9515D6EAB6F2E92476ED64085703F3
apple-domain-verification=IcUwa1h4vacYKVRbOyFMEI99fy3OFbABXF6PsmkdS20

Email authentication strong

SPF

v=spf1 include:hm3lvhht3n.powerspf.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:m06r8icn2k@rua.powerdmarc.com; ruf=mailto:m06r8icn2k@ruf.powerdmarc.com; pct=100; fo=1;

policy: reject (enforced)

DKIM

selector1: v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8ES2w6mTIhXJn+4qTqdnpTyNNo6XJPErEkRsv3zwyDwAylY+QIHtKW/fmZGjcmznEVsZzrb41h9l8pf2Mmf/n…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

GlobalSign GCC R3 DV TLS CA 2020

from 2025-07-21 to 2026-08-22

Expires in 96 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.ffbkc.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: geolocation=(self "https://locatorsearch.net" "https://ffbkc.locatorsearch.net"), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: style-src 'self' https://fonts.googleapis.com https://*.banzai.org https://googletagmanager.com https://tagmanager.google.com https://*.stackadapt.com https://www.googletagmanager.com 'unsafe-inline'; form-action 'self' bank.ffbkc.com https://www.yourmortgageonline.com https://*.hsforms.com https://*.bankingbridge.com; report-to csp-endpoint; img-src *; base-uri 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://*.banzai.org data:; media-src 'self'; manifest-src 'self'; frame-src 'self' https://youtube.com https://*.youtube.com https://googletagmanager.com https://ffbkc.locatorsearch.net https://facebook.com https://www.google.com https://bankingbridge.com https://*.bankingbridge.com https://banzai.org/ https://www.googletagmanager.com http://insight.adsrvr.org http://*.brandcdn.com https://*.cloudfront.net https://*.fls.doubleclick.net https://forms.hsforms.com; default-src 'self'; script-src 'self' 'nonce-5H+R/FgrR+nd/ZP/wI13Mg==' https: 'strict-dy
strict-transport-security: max-age=86400
cross-origin-opener-policy: same-origin

Links to (8)

Linked from (2)

kchba.org×2
lschamber.com×1