indexo.dev

ourfirstfed.com

.com crawl

First seen 2026-04-17 · Last seen 2026-05-15 · ok HTTP/1.1 200 2435 ms crawled 2026-05-12

US · 12.167.4.251 · AS27482 American Eagle Computer Products, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Community Banking | First Fed
Description
First Fed is your local community bank. Contact us for personal banking, business banking, credit cards, lending and more. Open an account today.
Language
en
Generator
Sitefinity 14.4.8147.0 DX
Canonical
https://www.ourfirstfed.com

Open Graph

url
https://www.ourfirstfed.com
title
Community Banking
site name
Default
description
First Fed is your local community bank. Contact us for personal banking, business banking, credit cards, lending and more. Open an account today.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager
Ads
  • Google Ads (DoubleClick)
Fonts
  • Google Fonts
Third-party hosts loaded (8)
  • www.googletagmanager.com×4
  • 10576294.fls.doubleclick.net×1
  • fonts.googleapis.com×1
  • js-na1.hs-scripts.com×1
  • ourfirstfed.my.site.com×1
  • tracker.mnixdata.com×1
  • www.facebook.com×1
  • www.glancecdn.net×1

Social

Contact

Phone
Address
st or stolen card:(800) 554-8969

Registration

Registrar
MarkMonitor Inc.
Created
2007-10-31
Expires
2027-10-31 530 days left
Updated
2025-09-29
Name servers
  • edns123.ultradns.biz
  • edns123.ultradns.com
  • edns123.ultradns.net
  • edns123.ultradns.org

DNS records live

NS
  • edns123.ultradns.biz
  • edns123.ultradns.com
  • edns123.ultradns.net
  • edns123.ultradns.org
MX
  • 10 ourfirstfed-com.mail.protection.outlook.com
TXT
Show 12 TXT records
  • apple-domain-verification=q4XYKWoDeb9SmltG
  • rippling-domain-verification=42ad9d1758e034eb
  • google-site-verification=JyNEfpk8T9-85diX64O6jaOVy6VbiRWPb-v3VkAZRI8
  • teamviewer-sso-verification=2a54565b75da4d0584c3c6e7a86ba858
  • hrzfc66w6yp57jlwx9ty649j5vmnrp08
  • google-site-verification=3JsiHM_QD3i7h-M7WzMDnyKO9iHYsF8baEYM1PFA0fU
  • MS=ms50120357
  • docusign=491c7718-37c3-4a1e-846a-b45e8c9343a3
  • docusign=eb7cbeb6-9cb0-42f6-81ab-e161d226e6ab
  • atlassian-sending-domain-verification=b3bf59b6-4ffe-4f05-a96d-5bb447b67b34
  • jCNWBJPgW4wHq/ka+KweB1+alx+rL5DNQJy4oPc21wFKBq6zcqLEVldW+2DCLIYD9ldimVx93Vo0AI3gsP/O+w==
  • cdp6mhn0db54inbj0uu157ggr4

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:spf.digitalinsight.com include:_spf.salesforce.com include:_spf1.fiserv.com include:_spf2.fiserv.com include:_spf3.fiserv.com include:gateways.firstdata.com include:21024375.spf10.hubspotemail.net ip4:208.86.168.7 ip4:208.84.65.109 ip4:208.86.201.107 ip4:135.84.68.123 ip4:135.84.79.54 ip4:35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36 ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ip4:172.217.0.0/19 ip4:172.217.32.0/20 ip4:172.217.128.0/19 ip4:172.217.160.0/20 ip4:172.217.192.0/19 ip4:172.253.56.0/21 ip4:172.253.112.0/20 ip4:108.177.96.0/19 ip4:35.191.0.0/16 ip4:130.211.0.0/22 ip4:207.211.31.0/25 ip4:205.139.110.0/24 ip4:216.205.24.0/24 ip4:170.10.129.0/24 ip4:63.128.21.0/24 ip4:170.10.133.0/24 ip4:185.58.84.93 ip4:207.211.41.113 ip4:207.211.30.64/26 ip4:207.211.30.128/25 ip4:216.145.221.0/24 ip4:170.10.128.0/24 ip4:170.10.132.56/29 ip4:170.10.132.64/29 ip4:34.75.49.213 ip4:35.229.62.77 ip4:34.75.16.178 ip4:35.184.208.151 ip4:104.197.65.145 ip4:34.58.215.46 ip4:35.231.189.43 ip4:34.74.57.127 ip4:35.231.237.213 ip4:35.202.125.231 ip4:35.188.64.218 ip4:34.68.104.193 ip4:34.75.49.213 ip4:35.229.62.77 ip4:34.75.16.178 ip4:35.184.208.151 ip4:34.58.215.46 ip4:35.203.125.236 ip4:35.203.39.206 ip4:35.203.101.94 ip4:35.201.16.52 ip4:34.151.97.101 ip4:35.244.76.3 ip4:35.246.204.223 ip4:35.246.194.59 ip4:34.89.204.64 ip4:34.90.168.255 ip4:34.90.61.249 ip4:34.90.80.160 ip4:209.34.255.250 ip4:209.34.255.251 ip4:128.136.104.250 ip4:44.214.246.148 ip4:199.30.234.56/29 ip4:74.203.184.208/30 ip4:199.30.234.64/26 ip4:199.30.234.192/27 ip4:74.203.184.32/27 ip4:207.195.176.0/20 ip4:199.30.235.11 ip4:74.203.185.12 ip4:166.73.92.61 ip4:166.73.92.63 ip4:166.73.92.60 ip4:12.154.156.34 ip4:149.72.214.104 ip4:12.154.156.47 ip4:50.58.10.177 ip4:50.58.10.176 ip4:74.121.52.115 ip4:208.85.49.215 ip4:208.85.49.177 ip4:74.121.52.1 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18 ip4:69.169.224.0/20 ip4:23.249.208.0/20 ip4:23.251.224.0/19 ip4:76.223.176.0/20 ip4:54.240.64.0/19 ip4:54.240.96.0/19 ip4:76.223.128.0/19 ip4:216.221.160.0/19 ip4:206.55.144.0/20 ip4:139.60.152.0/22 ip4:98.97.248.0/21 ip4:64.69.212.0/24 ip4:52.222.73.120 ip4:52.222.73.83 ip4:52.222.62.51 ip4:52.222.75.85 ip4:52.222.89.228 ip4:160.1.62.192 ip4:52.61.91.9 ip4:15.200.21.50 ip4:15.200.201.185 ip4:15.200.44.248 ip4:216.116.80.0/24 ip4:216.116.81.88 ip4:216.116.87.0/24 ip4:74.200.60.0/24 ip4:74.200.63.0/24 ip4:216.116.95.0/24 ip4:52.128.98.34 ip4:52.128.98.35 ip4:52.128.98.36 ip4:205.220.177.135 ip4:205.220.166.201 ip4:52.128.103.21 ip4:52.128.103.23 ip4:52.128.103.24 ip4:66.159.240.191 ip4:66.159.238.164 ip4:208.200.250.84 -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc_rua@ourfirstfed.com; ruf=mailto:dmarc_ruf@ourfirstfed.com
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwci1TfOYuHYH1OKvxsm+g8fbIEqqi5fzOaqk9uYxUy2V7omHntqE57T5xNxWtdZZismR3sgZIOFMPQ…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOizRxircCNLOWHLPZ7ZWCTd+UqkYvXOZ5Rtia23NCqu/7b0ganBbJqjf5JhogBRcEq5ljIzbWJ19u…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-04-22 to 2026-11-07
Expires in 172 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.ourfirstfed.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
ALLOW-FROM https://ourfirstfed--dev1.my.salesforce.com/ https://ourfirstfed.my.salesforce.com/ https://app.smartsheet.com/
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' *.googletagmanager.com *.stats.g.doubleclick.net https://stats.g.doubleclick.net/j/ https://*.glancecdn.net wss://*.glance.net https://*.glance.net blob: 'wasm-unsafe-eval' *.hotjar.com *.hotjar.io wss://*.hotjar.com *.clarity.ms *.bing.com https://ffbpawa.banking.apiture.com/; script-src 'self' *.googleapis.com *.gstatic.com www.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://*.googletagmanager.com 'unsafe-inline' 'unsafe-eval' *.google-analytics.com cdn.ampproject.org https://www.instagram.com/ *.googletagmanager.com *.stats.g.doubleclick.net https://www.youtube.com/iframe_api https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net js-na1.hs-scripts.com js.hsforms.net *.en25.com
strict-transport-security
max-age=31536000; includeSubDomains

Links to (5)

Linked from (6)