urlscan.io logo urlscan.io
SecurityTrails logo

banking.acu.ca Open in urlscan Pro
209.202.9.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://banking.acu.ca/
Submission: On November 07 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 39 HTTP transactions. The main IP is 209.202.9.165, located in Winnipeg, Canada and belongs to MTS-ASN, CA. The main domain is banking.acu.ca.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 13th 2020. Valid for: a year.
This is the only time banking.acu.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 209.202.9.165 7122 (MTS-ASN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
39 4
Domain Requested by
33 banking.acu.ca banking.acu.ca
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.acu.ca banking.acu.ca
1 www.googletagmanager.com banking.acu.ca
39 4

This site contains links to these domains. Also see Links.

Domain
www.acu.ca
Subject Issuer Validity Valid
www.acu.ca
Sectigo RSA Organization Validation Secure Server CA		 2020-10-13 -
2021-10-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://banking.acu.ca/
Frame ID: 52BD2FF54C7BDCAA9961FB862D0BA794
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

39
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1127 kB
Transfer

1770 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
banking.acu.ca/ 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
d26fd3ffc4b6ee27cbe46b4920fa3decf51ee6942398e25b360f056a374d188c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
banking.acu.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private,public
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
__AntiXsrfToken=50543b4e07f94ff481097ab5042086cc; path=/; secure; HttpOnly TS013f5d22=01b462c925ab88ca8e8d6f4b93cfd2b4f017518b6382853a9aff489edecd55dfab8027a1858fc616a62c01541d82132f772b1e037898da25a6ef549a2dac358a5c860d5e88; Path=/; Secure; HTTPOnly
X-Frame-Options
sameorigin
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Date
Sat, 07 Nov 2020 11:20:18 GMT
Content-Length
19119
bootstrap.min.css
banking.acu.ca/Content/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/bootstrap.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
c154d0d482ede516ae2d5359428446dc3ec409ae45eac05f178df203aa4e4c58
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:50 GMT
X-Frame-Options
sameorigin
ETag
"0a5fe1c27ebd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:18 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
19960
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
styles.min.css
banking.acu.ca/Content/themes/ACU/ 		243 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
1687b8cffd28c3d8c234990c9eaf6fc20b3a5c59520283fbf22e6ccf34b3588e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Sep 2020 13:05:02 GMT
X-Frame-Options
sameorigin
ETag
"0d3dd11790d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:18 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
58995
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ebankit-smoothDivScroll.min.css
banking.acu.ca/Content/themes/ACU/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/ebankit-smoothDivScroll.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
28eae3fd1215ce8c9adcb61fe5d7ad6782520fce7671ec69e9c63a93751265ad
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 May 2020 13:26:42 GMT
X-Frame-Options
sameorigin
ETag
"0d5c1209832d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
1064
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ieblocker.min.js
banking.acu.ca/Scripts/ 		242 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/ieblocker.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
bc2485c7e3ee0c80f543ad03d3a78e885af26fae60f49b5fb74eae4417803b0f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:52 GMT
X-Frame-Options
sameorigin
ETag
"0d22f1e27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
260
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
jquery-3.4.1.min.js
banking.acu.ca/Scripts/ 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/jquery-3.4.1.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 May 2020 13:26:44 GMT
X-Frame-Options
sameorigin
ETag
"02f3219832d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:18 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
39426
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
cufon-yui.min.js
banking.acu.ca/Scripts/megamenu/ 		17 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/megamenu/cufon-yui.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
480b45c1771f183faa67d4d09e35b02207f74ea5780e2d814fced90e2e443564
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:52 GMT
X-Frame-Options
sameorigin
ETag
"0d22f1e27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:18 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
8439
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
bootstrap.min.js
banking.acu.ca/Scripts/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/bootstrap.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
f90c0f144ccddc7abe417fac233e3dc32334aa358cd9414c15ebbd50f1ce6f3b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:50 GMT
X-Frame-Options
sameorigin
ETag
"0a5fe1c27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
14444
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
jquery.blockUI.min.js
banking.acu.ca/Scripts/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/jquery.blockUI.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
66e11f4437840cd7567b78dd80576ab456d6704ed193ff8a1d4df6f9918cfcf4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:52 GMT
X-Frame-Options
sameorigin
ETag
"0d22f1e27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
4305
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
jquery.validate.min.js
banking.acu.ca/Scripts/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/jquery.validate.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
e45fe38fe9318f6a4dca0bfa89e2528ddb7af90b6cdb990612935bf62b65cb25
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:52 GMT
X-Frame-Options
sameorigin
ETag
"0d22f1e27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
8051
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
jquery.mousewheel.min.js
banking.acu.ca/Scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/jquery.mousewheel.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
80a68e9b3bd96440facbae5d874cbcd4ad00587884a17da3ef1ed148e68721c6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:52 GMT
X-Frame-Options
sameorigin
ETag
"0d22f1e27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:18 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
1121
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
WebResource.axd
banking.acu.ca/ 		0
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZPl54LDvtNsl70aZWH11iBXk-GMp0MIahz_chUX6TSVWu_em_nsY0X0CmrQnKyp9bw2&t=637346592242505677
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Nov 2019 04:37:24 GMT
Date
Sat, 07 Nov 2020 11:20:19 GMT
X-Frame-Options
sameorigin
Content-Type
application/x-javascript
Cache-Control
public,public
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Content-Length
0
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Expires
Sun, 07 Nov 2021 09:02:23 GMT
ScriptResource.axd
banking.acu.ca/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvh6vWEHSbWrrcHJVMiTcRP9HdmZ__v4RleZaw4RJV7pwM_z4YEv7cqBu7gd6vRs3lTUermBjh15Loud7oz8h7tlBk-YvTg45hXU5gtJH8Bu-IPie9PpLqZ0FiuqBbWZUKU7gdTwRudCJF-ROMGK4LTo1&t=ffffffffb4e3605f
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Nov 2020 09:00:47 GMT
Date
Sat, 07 Nov 2020 11:20:18 GMT
X-Frame-Options
sameorigin
Content-Type
application/x-javascript
Cache-Control
public,public
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Content-Length
25609
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Expires
Sun, 07 Nov 2021 09:00:47 GMT
ScriptResource.axd
banking.acu.ca/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OHjoeO9TsPAs1GSDBtcYGTmhHPjt-gwGaCsYE__CsZq2k72Wqbx1xO70i_rErkjgvzkNoDe8hhqSkdDEilAlWWVdqDCXl7CcUfRo4pXmhVLe0CuFTIOqrhvsFLrq4M1Az3k_NZrU1posqbEgUASRcKY1&t=ffffffffb4e3605f
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Nov 2020 09:01:04 GMT
Date
Sat, 07 Nov 2020 11:20:19 GMT
X-Frame-Options
sameorigin
Content-Type
application/x-javascript
Cache-Control
public,public
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Content-Length
9984
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Expires
Sun, 07 Nov 2021 09:01:04 GMT
date.min.js
banking.acu.ca/Scripts/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/date.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
8ce9bde234e7a09423014fb0b61a69592376704cf04b72be36bf86632ef79c6c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:50 GMT
X-Frame-Options
sameorigin
ETag
"0a5fe1c27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
1827
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
common-1.0.min.js
banking.acu.ca/Scripts/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/common-1.0.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
773ee037c456df6702023829b543030abebedffbfa533ac193036ca482edf70d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Sep 2020 13:05:02 GMT
X-Frame-Options
sameorigin
ETag
"0d3dd11790d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
9810
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
close_round.png
banking.acu.ca/Content/Themes/ACU/images/custom/assets/generic/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.acu.ca/Content/Themes/ACU/images/custom/assets/generic/close_round.png?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
c7535ed9a0cb8a5131af11751f428bb37be9aa16d948d7a612fe5c9cac907bf9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:08 GMT
ETag
"04665df15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:20 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
1627
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ClrSignIn.min.css
banking.acu.ca/Content/Themes/ACU/ 		980 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/Themes/ACU/ClrSignIn.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
4662e2f3637d35417282295aa38f4ddb8077502bcb1fc72d16255447787361a8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 May 2020 13:26:42 GMT
X-Frame-Options
sameorigin
ETag
"0d5c1209832d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
617
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
acu-onlinebankinglogin1920x1080-compressed.png
www.acu.ca//media/1071/ 		501 KB
502 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acu.ca//media/1071/acu-onlinebankinglogin1920x1080-compressed.png
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
2bd0984999d02dd5a2e943f3f160a8c484da435c437d4e119ad993440aa0d5cb
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.gstatic.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com; img-src * data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
font-src 'self' *.gstatic.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com; img-src * data:;
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Oct 2019 22:28:02 GMT
ETag
"085d0a3de82d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private,public,max-age=604800,public
Date
Sat, 07 Nov 2020 11:20:21 GMT
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
513490
X-XSS-Protection
1;mode=block
login.png
banking.acu.ca/Content/themes/ACU/images/custom/cu/logos/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.acu.ca/Content/themes/ACU/images/custom/cu/logos/login.png?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
649260970000a605a19df752fe19a753ac8bba8a0eb308ba8e1134021ef5eb83
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:08 GMT
ETag
"04665df15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
9720
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
acu-open-account.png
www.acu.ca//media/1070/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acu.ca//media/1070/acu-open-account.png
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
8d75965f599b0d661adfd4cac9a0f36ca159a00dea10c83cf5e54f59d05268a4
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.gstatic.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com; img-src * data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
font-src 'self' *.gstatic.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com; img-src * data:;
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Oct 2019 22:28:02 GMT
ETag
"085d0a3de82d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private,public,max-age=604800,public
Date
Sat, 07 Nov 2020 11:20:20 GMT
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
14668
X-XSS-Protection
1;mode=block
fingerprint2.min.js
banking.acu.ca/Scripts/services/ 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/services/fingerprint2.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
12a9f1bab08f7651b4dcb9dbc09cbc852419fa0915140a9c77e769ab4e11c859
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:50 GMT
X-Frame-Options
sameorigin
ETag
"0a5fe1c27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
12822
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ua-parser.min.js
banking.acu.ca/Scripts/services/ 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/services/ua-parser.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
4caa1b25cbc89a4f5c82dd50995257be502642d67e80fc41732f931749f2b637
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:50 GMT
X-Frame-Options
sameorigin
ETag
"0a5fe1c27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
7313
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
login.min.js
banking.acu.ca/Scripts/CLR/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/CLR/login.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
85aafa044ac3858cdf2ab985d8f69a2d8dd0965a4b2d284d6e952056fefcb763
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 Apr 2020 13:12:04 GMT
X-Frame-Options
sameorigin
ETag
"0aadc71951cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
2304
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
loginBackground-1.0.min.js
banking.acu.ca/Scripts/Services/ 		995 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Scripts/Services/loginBackground-1.0.min.js?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
957b1f8724335634c0eab1b489826892004bf311b4c016c357530789bbd9f1d2
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Feb 2020 15:28:50 GMT
X-Frame-Options
sameorigin
ETag
"0a5fe1c27ebd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
598
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
LoginBackground.min.css
banking.acu.ca/Content/Themes/ACU/Components/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
788e98cb33ddf34f5bf1c433e79d6d5cbf8d4c267a2d86f2b7772d39594e87be
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Sep 2020 13:04:24 GMT
X-Frame-Options
sameorigin
ETag
"0bc893e085d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
1687
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ebankit-tablet.min.css
banking.acu.ca/Content/themes/ACU/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/ebankit-tablet.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
95f45b8ba9a7529fb5d1b72e80f9419bb0192beb0ad6c30a278ad46c56daa766
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Sep 2020 13:04:24 GMT
X-Frame-Options
sameorigin
ETag
"0bc893e085d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
2035
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ebankit-phone.min.css
banking.acu.ca/Content/themes/ACU/ 		27 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/ebankit-phone.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
e6b8e91f208a0b5a2e8fe21c987ecb84daab6edd2804d011b8bf04e9e7423add
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Jun 2020 13:29:04 GMT
X-Frame-Options
sameorigin
ETag
"090da41194ed61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
8448
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
ebankit-print.min.css
banking.acu.ca/Content/themes/ACU/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/ebankit-print.min.css?ver=91
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
16b9f689743e85403022a9b18e41ecd83276ab549c053c8ada81bc96f6d392e8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Jun 2020 13:04:24 GMT
X-Frame-Options
sameorigin
ETag
"07c232c1538d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
578
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
gtm.js
www.googletagmanager.com/ 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FQVMVS
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5246ed57ba2b6f27ac5313b1014a8c624430525014d1e46e5f973c399483da6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 11:20:19 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29700
x-xss-protection
0
last-modified
Sat, 07 Nov 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 07 Nov 2020 11:20:19 GMT
OpenSans-Regular.woff2
banking.acu.ca/Content/themes/ACU/fonts/OpenSans/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/fonts/OpenSans/OpenSans-Regular.woff2
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://banking.acu.ca
Referer
https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:06 GMT
ETag
"01934de15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
44648
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
OpenSans-Bold.woff2
banking.acu.ca/Content/themes/ACU/fonts/OpenSans/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/fonts/OpenSans/OpenSans-Bold.woff2
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://banking.acu.ca
Referer
https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:06 GMT
ETag
"01934de15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
46460
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
OpenSans-Semibold.woff2
banking.acu.ca/Content/themes/ACU/fonts/OpenSans/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/themes/ACU/fonts/OpenSans/OpenSans-Semibold.woff2
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
7a32484e166e1337fbb0cf4f4262bb385ed9081f1ac20f9efe39e8e50490367a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://banking.acu.ca
Referer
https://banking.acu.ca/Content/themes/ACU/styles.min.css?ver=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:06 GMT
ETag
"01934de15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:20 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
46576
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FQVMVS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5455
date
Sat, 07 Nov 2020 09:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 07 Nov 2020 11:49:25 GMT
collect
www.google-analytics.com/j/ 		1 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1286758316&t=pageview&_s=1&dl=https%3A%2F%2Fbanking.acu.ca%2F&ul=en-us&de=UTF-8&dt=ACU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=479692141&gjid=1956596297&cid=1927764365.1604748020&tid=UA-156360112-5&_gid=1745275833.1604748020&_r=1&gtm=2wgas15FQVMVS&z=1723345199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 Nov 2020 11:20:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://banking.acu.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpenSans-Regular.woff2
banking.acu.ca/Content/Themes/ACU/fonts/OpenSans/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/Themes/ACU/fonts/OpenSans/OpenSans-Regular.woff2
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://banking.acu.ca
Referer
https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:06 GMT
ETag
"01934de15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:20 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
44648
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
OpenSans-Bold.woff2
banking.acu.ca/Content/Themes/ACU/fonts/OpenSans/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/Themes/ACU/fonts/OpenSans/OpenSans-Bold.woff2
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://banking.acu.ca
Referer
https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:06 GMT
ETag
"01934de15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:20 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
46460
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
OpenSans-Semibold.woff2
banking.acu.ca/Content/Themes/ACU/fonts/OpenSans/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.acu.ca/Content/Themes/ACU/fonts/OpenSans/OpenSans-Semibold.woff2
Requested by
Host: banking.acu.ca
URL: https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.165 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-165.dedicated.bellmts.net
Software
/
Resource Hash
7a32484e166e1337fbb0cf4f4262bb385ed9081f1ac20f9efe39e8e50490367a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://banking.acu.ca
Referer
https://banking.acu.ca/Content/Themes/ACU/Components/LoginBackground.min.css?ver=91
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Mar 2020 13:23:06 GMT
ETag
"01934de15f6d51:0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Cache-Control
public
Date
Sat, 07 Nov 2020 11:20:19 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Accept-Ranges
bytes
Content-Length
46576
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1286758316&t=timing&_s=2&dl=https%3A%2F%2Fbanking.acu.ca%2F&ul=en-us&de=UTF-8&dt=ACU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5064&pdt=4&dns=451&rrt=0&srt=338&tcp=592&dit=2672&clt=2672&_gst=2519&_gbt=2531&_cst=2454&_cbt=2514&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1927764365.1604748020&tid=UA-156360112-5&_gid=1745275833.1604748020&gtm=2wgas15FQVMVS&z=944058291
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://banking.acu.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Nov 2020 16:06:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69241
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| baseUrl boolean| IE6 boolean| IE7 boolean| IE8 function| $ function| jQuery function| Cufon string| dateJSFormat string| mstr_expsemess string| mstr_logt string| CUTheme object| dataLayer object| theForm function| __doPostBack object| Resources object| MONTH_NAMES object| DAY_NAMES function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| eBankit function| pageLoad_ProcessValidation function| CurrencyTextBoxEvents function| isNumber function| isTextSelected function| FormatAmmount2 function| FormatAmmountCulture function| FormatAmmountCulture2 function| FormatAmmount function| padLeft function| padRight function| parseFormattedNumber function| parseFormattedNumberWithSymbol function| parseCurrency function| parseCurrencyWithSymbol function| __originaldoPostBack function| createCookie object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Fingerprint2 function| UAParser object| TextBoxLogin object| LabelBoxLogin object| hdnInputTextField object| TextBoxPassword object| TextBoxHardToken object| TextBox2ndAccessCode string| showKeyboardTitle string| hideKeyboardTitle function| fingerprintReport function| selectImage function| unselectAllImages function| getLocation function| showPosition function| ToogleArrowIcon function| ToogleArrowLeftDownIcon function| GoToRecoverPassword

5 Cookies

Domain/Path Name / Value
.acu.ca/ Name: _ga
Value: GA1.2.1927764365.1604748020
banking.acu.ca/ Name: TS013f5d22
Value: 01b462c925ab88ca8e8d6f4b93cfd2b4f017518b6382853a9aff489edecd55dfab8027a1858fc616a62c01541d82132f772b1e037898da25a6ef549a2dac358a5c860d5e88
.acu.ca/ Name: _gat_UA-156360112-5
Value: 1
.acu.ca/ Name: _gid
Value: GA1.2.1745275833.1604748020
banking.acu.ca/ Name: __AntiXsrfToken
Value: 50543b4e07f94ff481097ab5042086cc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net www.googletagmanager.com www.google-analytics.com *.googleapis.com tagmanager.google.com *.google.com; object-src 'self' h.online-metrix.net; frame-src 'self' h.online-metrix.net;
Public-Key-Pins pin-sha256="EIe9Thz7/pqgeO6AgQ4YXl2AhulP6TF8MGV2PR9wMZg="; pin-sha256="oetf0W9+BwLvYTWa8x+o3v8/xItw1AfweZQZYJjtpLg="; max-age=5184000; includeSubDomains;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.acu.ca
www.acu.ca
www.google-analytics.com
www.googletagmanager.com
209.202.9.165
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:814::200e
12a9f1bab08f7651b4dcb9dbc09cbc852419fa0915140a9c77e769ab4e11c859
1687b8cffd28c3d8c234990c9eaf6fc20b3a5c59520283fbf22e6ccf34b3588e
16b9f689743e85403022a9b18e41ecd83276ab549c053c8ada81bc96f6d392e8
28eae3fd1215ce8c9adcb61fe5d7ad6782520fce7671ec69e9c63a93751265ad
2bd0984999d02dd5a2e943f3f160a8c484da435c437d4e119ad993440aa0d5cb
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4662e2f3637d35417282295aa38f4ddb8077502bcb1fc72d16255447787361a8
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
480b45c1771f183faa67d4d09e35b02207f74ea5780e2d814fced90e2e443564
4caa1b25cbc89a4f5c82dd50995257be502642d67e80fc41732f931749f2b637
5246ed57ba2b6f27ac5313b1014a8c624430525014d1e46e5f973c399483da6b
649260970000a605a19df752fe19a753ac8bba8a0eb308ba8e1134021ef5eb83
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
66e11f4437840cd7567b78dd80576ab456d6704ed193ff8a1d4df6f9918cfcf4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
773ee037c456df6702023829b543030abebedffbfa533ac193036ca482edf70d
788e98cb33ddf34f5bf1c433e79d6d5cbf8d4c267a2d86f2b7772d39594e87be
7a32484e166e1337fbb0cf4f4262bb385ed9081f1ac20f9efe39e8e50490367a
80a68e9b3bd96440facbae5d874cbcd4ad00587884a17da3ef1ed148e68721c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85aafa044ac3858cdf2ab985d8f69a2d8dd0965a4b2d284d6e952056fefcb763
8ce9bde234e7a09423014fb0b61a69592376704cf04b72be36bf86632ef79c6c
8d75965f599b0d661adfd4cac9a0f36ca159a00dea10c83cf5e54f59d05268a4
957b1f8724335634c0eab1b489826892004bf311b4c016c357530789bbd9f1d2
95f45b8ba9a7529fb5d1b72e80f9419bb0192beb0ad6c30a278ad46c56daa766
bc2485c7e3ee0c80f543ad03d3a78e885af26fae60f49b5fb74eae4417803b0f
c154d0d482ede516ae2d5359428446dc3ec409ae45eac05f178df203aa4e4c58
c7535ed9a0cb8a5131af11751f428bb37be9aa16d948d7a612fe5c9cac907bf9
d26fd3ffc4b6ee27cbe46b4920fa3decf51ee6942398e25b360f056a374d188c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e45fe38fe9318f6a4dca0bfa89e2528ddb7af90b6cdb990612935bf62b65cb25
e6b8e91f208a0b5a2e8fe21c987ecb84daab6edd2804d011b8bf04e9e7423add
f90c0f144ccddc7abe417fac233e3dc32334aa358cd9414c15ebbd50f1ce6f3b