stcu.mymortgage-online.com Open in urlscan Pro
143.204.215.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stcu.mymortgage-online.com/
Effective URL:
https://stcu.mymortgage-online.com/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 25 via api (June 25th 2022, 8:02:05 am UTC) from FI — Scanned from FI

Summary HTTP 39 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 143.204.215.21, located in United States and belongs to AMAZON-02, US. The main domain is stcu.mymortgage-online.com.
TLS certificate: Issued by Amazon on September 9th 2021. Valid for: a year.

This is the only time stcu.mymortgage-online.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	143.204.215.21 143.204.215.21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	52.92.133.82 52.92.133.82	16509 (AMAZON-02) (AMAZON-02)
1	52.218.236.115 52.218.236.115	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
39	11

22 143.204.215.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-21.fra53.r.cloudfront.net

stcu.mymortgage-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.133.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

asset-service-bucket-prod.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.236.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

asset-service-bucket-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mymortgage-online.com 1 redirects stcu.mymortgage-online.com	218 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
3	amazonaws.com asset-service-bucket-prod.s3-us-west-2.amazonaws.com — Cisco Umbrella Rank: 767089 asset-service-bucket-prod.s3.amazonaws.com — Cisco Umbrella Rank: 281014	25 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
2	google.ru www.google.ru — Cisco Umbrella Rank: 8880	565 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 8	525 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	16 KB
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	93 KB
1	gstatic.com fonts.gstatic.com	13 KB
39	10

	Domain	Requested by
22	stcu.mymortgage-online.com	1 redirects stcu.mymortgage-online.com
3	www.google-analytics.com	stcu.mymortgage-online.com www.google-analytics.com
3	fonts.googleapis.com	stcu.mymortgage-online.com
2	www.google.ru	stcu.mymortgage-online.com
2	www.google.com	1 redirects stcu.mymortgage-online.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.googletagmanager.com	stcu.mymortgage-online.com
2	asset-service-bucket-prod.s3-us-west-2.amazonaws.com	stcu.mymortgage-online.com
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	asset-service-bucket-prod.s3.amazonaws.com	stcu.mymortgage-online.com
39	12

This site contains links to these domains. Also see Links.

Domain
homeloanapp.stcu.org
www.stcu.org
stcu.org
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.mymortgage-online.com Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://stcu.mymortgage-online.com/
Frame ID: 895213844BA9A7EBFED05B7F8E973F2E
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STCU home loans - Home

Page URL History Show full URLs

http://stcu.mymortgage-online.com/ HTTP 301
https://stcu.mymortgage-online.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

390 kB
Transfer

914 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://homeloanapp.stcu.org/#/choose-loan-type
Title: Apply Now - New loan

Search URL Search Domain Scan URL

URL: https://www.stcu.org/media/Privacy_Policy.pdf
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://stcu.org/
Title: Visit stcu.org

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mySTCU

Search URL Search Domain Scan URL

URL: https://twitter.com/stcu

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mystcu/

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/stcu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/STCUOnlineMedia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stcu.mymortgage-online.com/ HTTP 301
https://stcu.mymortgage-online.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstcu.mymortgage-online.com%2F&tiba=STCU%20home%20loans%20-%20Home&auid=483741972.1656144121&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9MC2YvKFJMXtb-ian6gE&sscte=1&crd=&eitems=ChAI8OTalQYQyJXX4-uivrYaEh0AxQ-f13PbbmQT5kHAE9bRiPxZVXz8nZ6Ag7A5zg HTTP 302
https://www.google.com/pagead/1p-conversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstcu.mymortgage-online.com%2F&tiba=STCU%20home%20loans%20-%20Home&auid=483741972.1656144121&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9MC2YvKFJMXtb-ian6gE&eitems=ChAI8OTalQYQyJXX4-uivrYaEh0AxQ-f11DkoIXUDTHeuhxLMim3awC7W3bxMfWYdw&random=3699042821&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ru/pagead/1p-conversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstcu.mymortgage-online.com%2F&tiba=STCU%20home%20loans%20-%20Home&auid=483741972.1656144121&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9MC2YvKFJMXtb-ian6gE&eitems=ChAI8OTalQYQyJXX4-uivrYaEh0AxQ-f11DkoIXUDTHeuhxLMim3awC7W3bxMfWYdw&random=3699042821&resp=GooglemKTybQhCsO&ipr=y&prhg=0

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stcu.mymortgage-online.com/
Redirect Chain

http://stcu.mymortgage-online.com/
https://stcu.mymortgage-online.com/

45 KB
9 KB

480ms
359ms

Document
text/html

143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

2dd7609c9b761ae081f58895b33605a446c146038dc4fb6be391f95801c9922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Sat, 25 Jun 2022 08:01:54 GMT
etag: W/"aa272eae9d89bafa014562a81a918476"
last-modified: Sun, 28 Feb 2021 20:45:30 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-id: r_hcVXMWWjuTH_6SBMiyk_CHQyh6FM-OwOdOZxXzDOvACGkGjm2YfQ==
x-amz-cf-pop: FRA53-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: iulZY_qLYL0TLO26IQEsSVRCniE6JKWO
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-debug-date: "Date=08-03-2021::14:02"
x-edge-config-name: ccapp-prod
x-edge-config-version: not-implemented
x-edge-custom1: notset
x-edge-custom2: notset
x-edge-custom3: notset
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Sat, 25 Jun 2022 08:01:54 GMT
Location: https://stcu.mymortgage-online.com/
Server: CloudFront
Via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
X-Amz-Cf-Id: seOfsjiIhI0Jc-lpTMNuBGoGMFHr0SU3AfHBjy0-qk_TNphZOlW2ww==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront

GET
H2 200 font-awesome.min.css
stcu.mymortgage-online.com/runtime/vendors/fontawesome-4.7.0/css/ 30 KB
8 KB 499ms
497ms Stylesheet
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/fontawesome-4.7.0/css/font-awesome.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: .IMi01O4BmOkj5Je9f98Z5VXK.afRSE2
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: pbCM5u5iAWigHFf74pRZz1NjSxBk8oD_b4wRFXCGQmvNRP4eCKcmew==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 200ms
73ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38827882d820483e56bd787271664ae89afc285874838c4577896eda448fd60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 08:01:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 08:01:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 08:01:55 GMT

GET
H2 200 icon-font.min.css
stcu.mymortgage-online.com/runtime/vendors/ 7 KB
2 KB 497ms
496ms Stylesheet
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/icon-font.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

9b2ae8612116d9eef7d6e02d9b2b5ce4d0308153405605435340cbd178b3f370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"ab82e56fdc580ca308bc0fc59a599414"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: I2tJu3R2AmwP1N0JfhQDhy.xACaQXIiw
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: 8D6tHqB_iE-Z58jJB_Q4Cx3MBvhPfNWtdvpsWtJnp_b3JREES3-NhA==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 bootstrap.min.css
stcu.mymortgage-online.com/runtime/vendors/ 118 KB
20 KB 543ms
542ms Stylesheet
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/bootstrap.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

dd504c01e3e0fdec1abaeb547723a8a819a16f6f9d10c0a159ee971454343145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"9078d942e56acec0d4097e2a7ee5e336"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: usieFMkDT73fnllvJYw.9Qu6e518qEDO
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: GW4hTSfTmwaXND9yz8l8Mx93a8VjYzGHU-Gezdcdnnw56E2-JI1iLg==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 common.min.css
stcu.mymortgage-online.com/runtime/ 20 KB
5 KB 505ms
504ms Stylesheet
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/common.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

5b5e0fa10dde02102bc341c91aa82c038b9c47a6cbeaa18fff99aa034797e058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"20faf51b1b366537f48852397a9d5e69"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: n4AudaK70StrCJpVuzhfXlzT7vGkk1Kt
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: ghOSlb1LqyImdop0CQa9hnGlq4yrdPPhqPZL_199F2wNp302An4RUw==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 theme1B.min.css
stcu.mymortgage-online.com/themes/theme1B/ 7 KB
2 KB 495ms
495ms Stylesheet
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/themes/theme1B/theme1B.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

ac1d6fdfd1b00da08c110532d7e71e754ba9cdf4bd72ff7cfd687389b0eda488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:18 GMT
cache-control: max-age=604800
x-frame-options: DENY
etag: W/"7fb2189904c840ff490cc160952e6172"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: RJR87KVviidmeqlnCTTZYRnS..jAJQvx
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: AfAoPvEgMN-eG0eZZ6_IjMkxPmBa9XdVR0EKEWXbQKxUvf4aIyiKjA==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 select2-3.4.5.min.css
stcu.mymortgage-online.com/runtime/vendors/ 0
3 KB 507ms
504ms Other
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/select2-3.4.5.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"3e6c433afea8ccc5aab30582320d9f0d"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: ebEKt0motmZyPN94RzjZ.f2pxmOFdJ7h
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: WPNbO8ayAA8zaAj9ku7HCc8521f2FnyNZK-tRID0oYW-h0pqCPC3cg==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 rzslider-5.8.0.min.css
stcu.mymortgage-online.com/runtime/vendors/ 0
2 KB 328ms
325ms Other
text/css 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/rzslider-5.8.0.min.css

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"65e8ce8cb0624df3bc97db9a26609f7a"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: VSGROVSpP8UaD7wBhXsy945QHeSWFryL
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: text/css
x-amz-cf-id: OBa2b3PPFbcgysVFK042618jOOXBEGd-DNbArWlidH5-Fr1uUz7HFg==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 polyfiller-1.14.5.js
stcu.mymortgage-online.com/runtime/vendors/ 0
7 KB 309ms
306ms Other
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/polyfiller-1.14.5.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"5e46cf7fedec7efaf6624c2b17df2418"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: V1WnaYR4kU6rXevmljSD398G3kEpxoap
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: _lTiFrIho9b1vk90VZPBobZcQsyrx1Vz9-e2H6iTn-VqkILigInE1Q==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 css
fonts.googleapis.com/ 0
478 B 72ms
70ms Other
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900,400italic

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 08:01:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 08:01:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 08:01:55 GMT

GET
H2 200 icon
fonts.googleapis.com/ 0
416 B 72ms
70ms Other
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 08:01:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 08:01:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 08:01:55 GMT

GET
H2 200 navMenu.min.js Show response
stcu.mymortgage-online.com/runtime/ 2 KB
1 KB 320ms
320ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/navMenu.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

94ae96e57f94678d735a9fb7d04b7106c8f965bdd23870a7a26155f81ed3c33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"b11d7393b5333e6dbab2bc60edc0ca2b"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: tDqisDJ9_OWCZ1MXoNz4TzWNtewbo_T2
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: vVUn5cFQzjR5NZWQOY3RvOD7NU9bpSO_zGweqt2y411gIhwPsUCuMg==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 iframeResizer.min.js Show response
stcu.mymortgage-online.com/runtime/vendors/ 13 KB
6 KB 311ms
311ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/iframeResizer.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

2a763683449b92dfc8f49261fa14062451c362bd247d4643301d1c16680639d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"1e02f32c9a4a3fcbc9b3ceb2ccefdf42"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: Z2iFB5jANHsLLTAn.QbGlGL1RqmOXnqQ
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: 0v-cMZNLuXR-r-Mv2CX1XgVj6Ns9Iinvd4ztCfC1COWU5RtaGBeTgA==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 appLauncher.min.js Show response
stcu.mymortgage-online.com/runtime/ 16 KB
5 KB 504ms
500ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/appLauncher.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

dca24e0522d36df6000d7a49924cf4f9240f3a7c32b131d2918a9de6e2125052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"220901ebea6a6f61252ac89c570955ba"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: S.Upw48E_fIjR_XZN5bDYJcIK9QDMlYL
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: VIvtgG8Ot8RsRs0Ip4DZdvc9puRqB3lwcfEephxv5jUJz87nCHk_oQ==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 jquery-3.1.0.min.js Show response
stcu.mymortgage-online.com/runtime/vendors/ 84 KB
30 KB 524ms
520ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/jquery-3.1.0.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

fbeb65db0c9d95ea4f0adc3f6c521fa735e8f7ecd5d72e06f49850958cfac3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"71d079c1c3490d73207af88cf14119c6"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: d6KbHA5emTCss6gF2fUNI5NIc9eQ1QX3
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: jHurjQKqk3JpybCpp1MYz2phQisBsx6xoLVjGy_1hkfisvI_LGQwkQ==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 velocify.min.js Show response
stcu.mymortgage-online.com/runtime/ 15 KB
7 KB 482ms
479ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/velocify.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

2753d918cf112eb4f53995b89021a75f2418ddcc97c861e9b60e32b3ee5d9498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"4720145014e0e1e3276b5f949a28bcf7"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: zxL0an3.m_exw53ly6dUZvCt4Jwvq3X6
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: RJAvI6f6f5bRD-sTdiM4mIzaYkmBG72xiP1Hbx8O0o1Jqg_I_pophQ==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H/1.1 200
OK f529f7bc-3aa6-411a-ae5a-460fb0819065
asset-service-bucket-prod.s3-us-west-2.amazonaws.com/ 2 KB
2 KB 827ms
251ms Image
binary/octet-stream 52.92.133.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset-service-bucket-prod.s3-us-west-2.amazonaws.com/f529f7bc-3aa6-411a-ae5a-460fb0819065
Requested by: Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.133.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9be5d47eba1077caa3ad1654f5e9c6115abd9a639e9a731bb991019319578abf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 25 Jun 2022 08:01:57 GMT
Last-Modified: Fri, 20 Oct 2017 17:43:37 GMT
Server: AmazonS3
x-amz-request-id: DWS3B0G8D8HV0YSS
ETag: "ec33479ddd446712cdf0ac1c7a503ca2"
x-amz-version-id: null
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 2053
x-amz-id-2: oeNvdPnzOyiA5gJlhwUZ8BFT8gIN4hoYCO6rYIrb4iVGx4opTlplMuDzqEI5z+PHAJT5qMvXW5Q=

GET
H/1.1 200
OK 3903d294-5db7-4776-a1f5-44eabb8cb779
asset-service-bucket-prod.s3-us-west-2.amazonaws.com/ 16 KB
16 KB 830ms
245ms Image
binary/octet-stream 52.92.133.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset-service-bucket-prod.s3-us-west-2.amazonaws.com/3903d294-5db7-4776-a1f5-44eabb8cb779
Requested by: Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.133.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 82d566677503fc4904744c3b7942f13f7188d9482e3510f4cce19a1ab84e2155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 25 Jun 2022 08:01:57 GMT
Last-Modified: Fri, 27 Oct 2017 16:00:39 GMT
Server: AmazonS3
x-amz-request-id: DWSCN55JBEVV12H7
ETag: "c05ec9050da722a3ca0ca581389d0360"
x-amz-version-id: null
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 16003
x-amz-id-2: 56K2z1z/6Z6ZdHDzETGFPBq+HWcMoe4UvdgwP0MrlM7poI4E0H0JT1WGAumzpyPXIZT/L+UFx6A=

GET
H/1.1 200
OK 92f08dc6-86cf-4396-bc20-76d26155e94c
asset-service-bucket-prod.s3.amazonaws.com/ 6 KB
7 KB 779ms
210ms Image
binary/octet-stream 52.218.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset-service-bucket-prod.s3.amazonaws.com/92f08dc6-86cf-4396-bc20-76d26155e94c
Requested by: Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.236.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c6e70c949afd5b1189dcb04aaad98427012057ebbc7ff4fba4fd7adf5d8fe637

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 25 Jun 2022 08:01:57 GMT
Last-Modified: Fri, 10 Feb 2017 21:31:41 GMT
Server: AmazonS3
x-amz-request-id: DWSDDK24PF3MW14W
ETag: "2a4209aabcc893a6d4e282ee7bad33d0"
x-amz-version-id: null
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 6605
x-amz-id-2: +ewRaO87UjoEfMfmHL8gIDPx5/iFTfxtLrWKMgVVxR4STuKdB3WX8kEVpgyN55P6ykU/WKda1HY=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 217ms
75ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-667589-20

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c37198087c3c071a88f55ef4b706cee889e799df00415b08ac2ddb9e14bf3549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39795
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Jun 2022 08:01:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
54 KB 260ms
153ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSF7BPD

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e50bd814ebcf5bfb018320602d527537f7a8fa78b34e8a5bca2ec74c5ff13b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54775
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Jun 2022 08:01:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 107ms
30ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2528
date: Sat, 25 Jun 2022 07:19:47 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 25 Jun 2022 09:19:47 GMT

GET
H2 200 ICE_MT-powered-by.svg
stcu.mymortgage-online.com/runtime/ 7 KB
3 KB 477ms
477ms Image
image/svg+xml 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stcu.mymortgage-online.com/runtime/ICE_MT-powered-by.svg

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/runtime/common.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

4e594596748f5425e52dd024ed437a72ba14af1f963d9891aaa0d0c7e70ba808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/runtime/common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:15 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"34d7ea984def21527f6a90206957becf"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: hQfxgiQjxrFbfM1NXtAYTR5_fKsJN5vx
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: image/svg+xml
x-amz-cf-id: F48lJeFMu5SKLw3mnleVXd14Mrw9ERV7CTJ7uIL1OGDJ9Dr2QdFI5Q==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 fontawesome-webfont.woff2
stcu.mymortgage-online.com/runtime/vendors/fontawesome-4.7.0/fonts/ 75 KB
76 KB 301ms
301ms Font
binary/octet-stream 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/vendors/fontawesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/runtime/vendors/fontawesome-4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stcu.mymortgage-online.com/runtime/vendors/fontawesome-4.7.0/css/font-awesome.min.css
Origin: https://stcu.mymortgage-online.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-name: ccapp-prod
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
x-edge-custom1: notset
vary: Origin
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
x-frame-options: DENY
etag: "af7ae505a9eed503f8b8e6982036873e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
x-amz-version-id: l89W2tYj07B0FjtzVEtfBKLB3X0CQcrD
access-control-allow-origin: *
cache-control: max-age=28800
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: lJ0Vv4XLtUAMypAJRZawOOjy2bfjLbhOZePnBZgMyv0IocK1--ChFQ==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
13 KB 202ms
59ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stcu.mymortgage-online.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:08:28 GMT
x-content-type-options: nosniff
age: 312808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:08:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 94ms
33ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=891151839&t=pageview&_s=1&dl=https%3A%2F%2Fstcu.mymortgage-online.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=STCU%20home%20loans%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=310367773&gjid=1409979622&cid=2131203895.1656144121&tid=UA-91417866-3&_gid=634980185.1656144121&_r=1&_slc=1&z=1263548837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stcu.mymortgage-online.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stcu.mymortgage-online.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 208ms
64ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91417866-3&cid=2131203895.1656144121&jid=310367773&gjid=1409979622&_gid=634980185.1656144121&_u=IEBAAAAAAAAAAC~&z=125688194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0cb3ad59518a9b556a3900b3f67c8312cf1f2db88f77cbadad1e6e4f7b425e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stcu.mymortgage-online.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 25 Jun 2022 08:01:56 GMT
content-type: text/plain
access-control-allow-origin: https://stcu.mymortgage-online.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
32ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=891151839&t=pageview&_s=1&dl=https%3A%2F%2Fstcu.mymortgage-online.com%2F&ul=en-us&de=UTF-8&dt=STCU%20home%20loans%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1366864257&gjid=142001444&cid=2131203895.1656144121&tid=UA-667589-20&_gid=634980185.1656144121&_r=1&gtm=2ou6m0&z=2078660507

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stcu.mymortgage-online.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stcu.mymortgage-online.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 229ms
80ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSF7BPD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 15252473734373555178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 08:01:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 230ms
87ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91417866-3&cid=2131203895.1656144121&jid=310367773&_u=IEBAAAAAAAAAAC~&z=309707906

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ru/ads/ 42 B
501 B 228ms
84ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91417866-3&cid=2131203895.1656144121&jid=310367773&_u=IEBAAAAAAAAAAC~&z=309707906

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/825103504/ 2 KB
1 KB 228ms
100ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/825103504/?random=1656144120971&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstcu.mymortgage-online.com%2F&tiba=STCU%20home%20loans%20-%20Home&auid=483741972.1656144121&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

12d826d3cb14f22b13226fd50df1aad188a35dbc605d71ddc4decfb3410bd45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ru/pagead/1p-conversion/825103504/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.ru/pagead/1p-conversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

202ms
79ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/pagead/1p-conversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstcu.mymortgage-online.com%2F&tiba=STCU%20home%20loans%20-%20Home&auid=483741972.1656144121&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9MC2YvKFJMXtb-ian6gE&eitems=ChAI8OTalQYQyJXX4-uivrYaEh0AxQ-f11DkoIXUDTHeuhxLMim3awC7W3bxMfWYdw&random=3699042821&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Jun 2022 08:01:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ru/pagead/1p-conversion/825103504/?random=1396244653&cv=9&fst=1656144120971&num=1&value=0&label=e0HZCJOr4IIBEJCpulkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstcu.mymortgage-online.com%2F&tiba=STCU%20home%20loans%20-%20Home&auid=483741972.1656144121&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9MC2YvKFJMXtb-ian6gE&eitems=ChAI8OTalQYQyJXX4-uivrYaEh0AxQ-f11DkoIXUDTHeuhxLMim3awC7W3bxMfWYdw&random=3699042821&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utils.min.js Show response
stcu.mymortgage-online.com/runtime/ 1 KB
1 KB 316ms
312ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/utils.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

7d47b5895d3211f50b70bde686b4b2f0b793e794d5662f2ad9a9f5bcd354f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:57 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"a28b4ab5e4bfebd25a4d9e9e3259c6fd"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: WgrehBDQPqfXmPfnVexflPD3pNw23vT7
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: hsZAS42oiXryk2O3j_YNy2tnHwGIJ1B2cpMFGamgB2SrRmqDyDqmfg==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 countyList.min.js Show response
stcu.mymortgage-online.com/runtime/ 34 KB
13 KB 306ms
302ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/countyList.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

a8de9c26b557a6a325fbd704030cea30378f3d1dcefcc6477453a5648ef88028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:57 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"33d6fc670a4db3490b7dad70b13a1d34"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: GoGl2duQncSzZgVgq.XXEtdbUtSZZbRx
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: CmwBWR7WJbZcQcTVkVUONHMl9akoMbVIiFlq4HPXgbZI5J7X6pfCAw==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 theme.min.js Show response
stcu.mymortgage-online.com/runtime/ 2 KB
1 KB 302ms
299ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/theme.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

ef00d3d290ed904ae7045b7898d41db384ed0b19a0b731d65c0bdccac2ba5c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:57 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"b68ce3940050fdaf22d0c8168f7adae8"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: DJgues_mKVGV9ydktH.odLGGCDCe3EyF
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: wOrLZuSdC9UH57f2RCCmvdWruwH2VfNZAeD4o9hJ63kjLGFSDqREAg==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 calculators.min.js Show response
stcu.mymortgage-online.com/runtime/ 46 KB
14 KB 303ms
301ms Script
application/javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/calculators.min.js

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

6846541e584f725354929fe96c1b524bbde3b5d2987186222503f96b1869c7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://stcu.mymortgage-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:57 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"dd1169af58cb723b8becb402213538b0"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: MLw2ur4.Fi9VkIEIJqUArh6L_W9J8n3w
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/javascript
x-amz-cf-id: Qaz1tC3o4njhaNOk-B0uROYayU46Bl6wYvlfynHhzs_buQHjjcKC7A==
x-content-type-options: nosniff
x-edge-custom2: notset

GET
H2 200 ratesFieldMapping.json Show response
stcu.mymortgage-online.com/runtime/ 3 KB
2 KB 302ms
299ms XHR
application/json 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stcu.mymortgage-online.com/runtime/ratesFieldMapping.json

Requested by

Host: stcu.mymortgage-online.com
URL: https://stcu.mymortgage-online.com/runtime/vendors/jquery-3.1.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-21.fra53.r.cloudfront.net

Software

Resource Hash

46d0997aeb294f2fb79f7999439612a93787ac334bcc1173bf3eb433c19e78fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://stcu.mymortgage-online.com/
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:01:57 GMT
content-encoding: gzip
x-edge-custom3: notset
x-amz-cf-pop: FRA53-C1
x-edge-config-version: not-implemented
x-cache: Miss from cloudfront
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
x-debug-date: "Date=08-03-2021::14:02"
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 05:52:14 GMT
cache-control: max-age=28800
x-frame-options: DENY
etag: W/"6354fad6f0dbc018b7f12fdb2a8ea755"
vary: Accept-Encoding
x-edge-config-name: ccapp-prod
x-amz-version-id: BhQ_j96EDZPsXUCopvIJYvQr9QBhsGzj
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-edge-custom1: notset
content-type: application/json
x-amz-cf-id: l5nFb8-WCc3AWe7fAPTGZLOPaKctYL9Cmqgz_MSocsOZTaPIC5qRRQ==
x-content-type-options: nosniff
x-edge-custom2: notset

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stcu.mymortgage-online.com/	1970-01-20 21:33:36	Name: _ga Value: GA1.3.2131203895.1656144121
.stcu.mymortgage-online.com/	1970-01-20 04:03:50	Name: _gid Value: GA1.3.634980185.1656144121
.stcu.mymortgage-online.com/	1970-01-20 04:02:24	Name: _gat Value: 1
.mymortgage-online.com/	1970-01-20 21:33:36	Name: _ga Value: GA1.2.2131203895.1656144121
.mymortgage-online.com/	1970-01-20 04:03:50	Name: _gid Value: GA1.2.634980185.1656144121
.mymortgage-online.com/	1970-01-20 04:02:24	Name: _gat_gtag_UA_667589_20 Value: 1
.mymortgage-online.com/	1970-01-20 06:12:00	Name: _gcl_au Value: 1.1.483741972.1656144121
stcu.mymortgage-online.com/	1978-01-11 21:31:40	Name: ENV Value: prod
.doubleclick.net/	1970-01-20 04:02:25	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asset-service-bucket-prod.s3-us-west-2.amazonaws.com
asset-service-bucket-prod.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
stats.g.doubleclick.net
stcu.mymortgage-online.com
www.google-analytics.com
www.google.com
www.google.ru
www.googleadservices.com
www.googletagmanager.com
142.250.185.162
143.204.215.21
2001:4860:4802:36::178
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9b
52.218.236.115
52.92.133.82
0cb3ad59518a9b556a3900b3f67c8312cf1f2db88f77cbadad1e6e4f7b425e0c
12d826d3cb14f22b13226fd50df1aad188a35dbc605d71ddc4decfb3410bd45b
2753d918cf112eb4f53995b89021a75f2418ddcc97c861e9b60e32b3ee5d9498
2a763683449b92dfc8f49261fa14062451c362bd247d4643301d1c16680639d0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dd7609c9b761ae081f58895b33605a446c146038dc4fb6be391f95801c9922e
38827882d820483e56bd787271664ae89afc285874838c4577896eda448fd60b
46d0997aeb294f2fb79f7999439612a93787ac334bcc1173bf3eb433c19e78fb
4e594596748f5425e52dd024ed437a72ba14af1f963d9891aaa0d0c7e70ba808
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5b5e0fa10dde02102bc341c91aa82c038b9c47a6cbeaa18fff99aa034797e058
6846541e584f725354929fe96c1b524bbde3b5d2987186222503f96b1869c7f4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d47b5895d3211f50b70bde686b4b2f0b793e794d5662f2ad9a9f5bcd354f220
82d566677503fc4904744c3b7942f13f7188d9482e3510f4cce19a1ab84e2155
94ae96e57f94678d735a9fb7d04b7106c8f965bdd23870a7a26155f81ed3c33e
9b2ae8612116d9eef7d6e02d9b2b5ce4d0308153405605435340cbd178b3f370
9be5d47eba1077caa3ad1654f5e9c6115abd9a639e9a731bb991019319578abf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8de9c26b557a6a325fbd704030cea30378f3d1dcefcc6477453a5648ef88028
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
ac1d6fdfd1b00da08c110532d7e71e754ba9cdf4bd72ff7cfd687389b0eda488
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c37198087c3c071a88f55ef4b706cee889e799df00415b08ac2ddb9e14bf3549
c6e70c949afd5b1189dcb04aaad98427012057ebbc7ff4fba4fd7adf5d8fe637
dca24e0522d36df6000d7a49924cf4f9240f3a7c32b131d2918a9de6e2125052
dd504c01e3e0fdec1abaeb547723a8a819a16f6f9d10c0a159ee971454343145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50bd814ebcf5bfb018320602d527537f7a8fa78b34e8a5bca2ec74c5ff13b26
ef00d3d290ed904ae7045b7898d41db384ed0b19a0b731d65c0bdccac2ba5c30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbeb65db0c9d95ea4f0adc3f6c521fa735e8f7ecd5d72e06f49850958cfac3d1

stcu.mymortgage-online.com Open in urlscan Pro 143.204.215.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

67 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

390 kBTransfer

914 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

stcu.mymortgage-online.com Open in urlscan Pro
143.204.215.21 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

390 kB
Transfer

914 kB
Size

9
Cookies

39 HTTP transactions
0 data transactions