www.heafcu.org Open in urlscan Pro
107.162.234.74  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.heafcu.org/	6 KB 7 KB	533ms 377ms	Document text/html	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash acf1f5d0ca635c795ab3eb26c5d52eb970dc8dd00dfaca2fe05b3371770c0d02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 6434 Content-Type text/html; charset=UTF-8 Date Fri, 05 May 2023 18:29:12 GMT Strict-Transport-Security max-age=31536000 Via 1.1 fra1-bit7 X-Content-Type-Options nosniff X-FRAME-Options SAMEORIGIN
GET H/1.1	200 OK	styles.css www.heafcu.org/_inc/	6 KB 7 KB	101ms 101ms	Stylesheet text/css	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.heafcu.org/_inc/styles.css Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 99857ed4f6edb9e997b9db1fdf497d4a242f17dd6fed06133efeb8f987f12e17 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:48:45 GMT Via 1.1 fra1-bit7 ETag "76b69f483f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 6399
GET H/1.1	200 OK	time.js Show response www.heafcu.org/_inc/	775 B 1 KB	445ms 378ms	Script application/javascript	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.heafcu.org/_inc/time.js Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash f8fb50e6d315bc70e090c87c92dbf32dbf7be01e86bb514ded9b195781f688d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:48:45 GMT Via 1.1 fra1-bit7 ETag "bc79c3483f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 775
GET H/1.1	200 OK	banner_estatements.jpg www.heafcu.org/images/	26 KB 26 KB	100ms 100ms	Image image/jpeg	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/banner_estatements.jpg Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash ff8d3bc842a41869d71f8dabbb1c82c9db052dfa6c6452f92cf874f56af03496 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:48:57 GMT Via 1.1 fra1-bit7 ETag "d25d21503f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/jpeg Accept-Ranges bytes Content-Length 26317
GET H/1.1	200 OK	promo_guy.jpg www.heafcu.org/images/	4 KB 4 KB	99ms 99ms	Image image/jpeg	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/promo_guy.jpg Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash d2b94b7f34e86f6d7902f8030c7edc72a29e036957cf0c5a5c6854ba211a52d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Fri, 14 Sep 2018 16:11:15 GMT Via 1.1 fra1-bit7 ETag "13d11e90454cd41:0" X-FRAME-Options SAMEORIGIN Content-Type image/jpeg Accept-Ranges bytes Content-Length 3883
GET H/1.1	200 OK	h_line.jpg www.heafcu.org/images/	825 B 1 KB	99ms 99ms	Image image/jpeg	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/h_line.jpg Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash bbcb64242e4ff36240f0c7b9b280408a6e7cb53d8a0a9c44ba88650764024bed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Fri, 14 Sep 2018 16:11:14 GMT Via 1.1 fra1-bit7 ETag "6bfcc88f454cd41:0" X-FRAME-Options SAMEORIGIN Content-Type image/jpeg Accept-Ranges bytes Content-Length 825
GET H/1.1	200 OK	logo_ncua_ehl2009.gif www.heafcu.org/images/	6 KB 6 KB	99ms 99ms	Image image/gif	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/logo_ncua_ehl2009.gif Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 8add60b2872d17f35106e3ca98d0f515d026b386b3b9ac1d1fba4d5783f70553 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:49:07 GMT Via 1.1 fra1-bit7 ETag "7e54ec553f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 6007
GET H/1.1	200 OK	tethered Show response heafcu-dn.financial-net.com/idp/AF46B630/ Frame F1E2	3 KB 5 KB	519ms 139ms	Document text/html	66.22.19.231 RADWARE-CLOUD-SER...
General Check archive.org Show headers Download Go to Full URL https://heafcu-dn.financial-net.com/idp/AF46B630/tethered? Requested by Host: www.heafcu.org URL: https://www.heafcu.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.22.19.231 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US), Reverse DNS Software / Resource Hash 391480a2bb9828d5313db1a84c5c6fff9bb048a89533748355a8f5dfe8361d33 Security Headers Name Value Content-Security-Policy default-src 'self';script-src 'nonce-W4V8fB8AHBvgl5WpWddI/Kcu' 'strict-dynamic';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self' data:;frame-ancestors 'self' https://www.heafcu.org Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options allow-from https://www.heafcu.org/ X-Xss-Protection 1; mode=block Request headers Referer https://www.heafcu.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, no-store,must-revalidate Connection keep-alive Content-Security-Policy default-src 'self';script-src 'nonce-W4V8fB8AHBvgl5WpWddI/Kcu' 'strict-dynamic';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self' data:;frame-ancestors 'self' https://www.heafcu.org Content-Type text/html; charset=utf-8 Date Fri, 05 May 2023 18:29:12 GMT FISV-Conversation-ID E246645CDC44433EB7139A55B2A16752 Pragma no-cache,no-cache Request-ID 80003080-0002-5f00-b63f-84710c7967bb Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options allow-from https://www.heafcu.org/ X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	logo1.jpg www.heafcu.org/images/	2 KB 2 KB	107ms 104ms	Image image/jpeg	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/logo1.jpg Requested by Host: www.heafcu.org URL: https://www.heafcu.org/_inc/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 6fbb7ede6c72fd82db4e9873cc561a1a74a021585ff8c8ccdb537f9c03dba5b9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/_inc/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:49:06 GMT Via 1.1 fra1-bit7 ETag "22bb91553f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/jpeg Accept-Ranges bytes Content-Length 2000
GET H/1.1	200 OK	logo2.jpg www.heafcu.org/images/	7 KB 7 KB	397ms 381ms	Image image/jpeg	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/logo2.jpg Requested by Host: www.heafcu.org URL: https://www.heafcu.org/_inc/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash db6f05c25ce5155c04459134fe770a1400425dc08b488eca0c31f2021cfe7893 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/_inc/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:49:07 GMT Via 1.1 fra1-bit7 ETag "2a6ac1553f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/jpeg Accept-Ranges bytes Content-Length 6699
GET H/1.1	200 OK	header-bg2.png www.heafcu.org/images/	520 B 843 B	133ms 98ms	Image image/png	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/header-bg2.png Requested by Host: www.heafcu.org URL: https://www.heafcu.org/_inc/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 7024b013de51a0695a21d1d5045a48e86cdb8e7af77707e3ca1a0d1da0447fcd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/_inc/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:48:58 GMT Via 1.1 fra1-bit7 ETag "c3196503f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/png Accept-Ranges bytes Content-Length 520
GET H/1.1	200 OK	top3.jpg www.heafcu.org/images/	2 KB 2 KB	455ms 380ms	Image image/jpeg	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/top3.jpg Requested by Host: www.heafcu.org URL: https://www.heafcu.org/_inc/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 3d7c74ab94badc59ce051aaea9ddb18af34db696088a7275178952dacffd718b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/_inc/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:49:12 GMT Via 1.1 fra1-bit7 ETag "224225593f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/jpeg Accept-Ranges bytes Content-Length 1880
GET H/1.1	200 OK	left-nav-btn.png www.heafcu.org/images/	2 KB 2 KB	457ms 378ms	Image image/png	107.162.234.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.heafcu.org/images/left-nav-btn.png Requested by Host: www.heafcu.org URL: https://www.heafcu.org/_inc/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.234.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash a6b6b4fbb122f207ee38d4899bc2ad93d618fc57779c467246e8cd3a2fb67407 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.heafcu.org/_inc/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Fri, 05 May 2023 18:29:12 GMT X-Content-Type-Options nosniff Last-Modified Mon, 10 Sep 2018 19:49:06 GMT Via 1.1 fra1-bit7 ETag "283369553f49d41:0" X-FRAME-Options SAMEORIGIN Content-Type image/png Accept-Ranges bytes Content-Length 1545
GET H/1.1	200 OK	styles heafcu-dn.financial-net.com/idp/ Frame F1E2	6 KB 8 KB	146ms 144ms	Stylesheet text/css	66.22.19.231 RADWARE-CLOUD-SER...
General Check archive.org Show headers Download Go to Full URL https://heafcu-dn.financial-net.com/idp/styles?file=%2Fcss%2Ftethered.less&tenantId=AF46B630 Requested by Host: heafcu-dn.financial-net.com URL: https://heafcu-dn.financial-net.com/idp/AF46B630/tethered? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.22.19.231 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US), Reverse DNS Software / Resource Hash bc3ec2366c0107539c89629219956c54e4751a0b8257420a885030df1e718b3c Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'unsafe-inline';style-src 'nonce-41f8c3b2-d8eb-468a-969a-6d903dd6e24d' 'strict-dynamic';img-src 'self' data:;font-src 'self' data:;frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://heafcu-dn.financial-net.com/idp/AF46B630/tethered? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self'; script-src 'unsafe-inline';style-src 'nonce-41f8c3b2-d8eb-468a-969a-6d903dd6e24d' 'strict-dynamic';img-src 'self' data:;font-src 'self' data:;frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Fri, 05 May 2023 18:29:13 GMT X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type text/css Vary Accept-Encoding Cache-Control public,max-age=0,must-revalidate FISV-Conversation-ID CFDF6462D2434DF89FCCF53E84FE70BC Connection keep-alive Request-ID 80000a67-1c0b-0700-b63f-84710c7967bb X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	tethered.js Show response heafcu-dn.financial-net.com/idp/scripts/ Frame F1E2	5 KB 6 KB	136ms 135ms	Script application/javascript	66.22.19.231 RADWARE-CLOUD-SER...
General Check archive.org Show headers Download Go to Full URL https://heafcu-dn.financial-net.com/idp/scripts/tethered.js Requested by Host: heafcu-dn.financial-net.com URL: https://heafcu-dn.financial-net.com/idp/AF46B630/tethered? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.22.19.231 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US), Reverse DNS Software / Resource Hash ad8d1e028eb67ca0880f4d43851ffb80a7428202ca2f2b78d1e79710c803c9f9 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'unsafe-inline';style-src 'nonce-65ecc18e-81cb-4e27-8d4c-5e788c3a6f32' 'strict-dynamic';img-src 'self' data:;font-src 'self' data:;frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://heafcu-dn.financial-net.com/idp/AF46B630/tethered? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Content-Security-Policy default-src 'self'; script-src 'unsafe-inline';style-src 'nonce-65ecc18e-81cb-4e27-8d4c-5e788c3a6f32' 'strict-dynamic';img-src 'self' data:;font-src 'self' data:;frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Date Fri, 05 May 2023 18:29:12 GMT Transfer-Encoding chunked FISV-Conversation-ID 82AF6D6C43CD4850B8138F5927C11FF8 Connection keep-alive Request-ID 80008f61-0000-5200-b63f-84710c7967bb X-Xss-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 12 Apr 2023 06:00:38 GMT ETag W/"1d96d041abc9450" Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/javascript Cache-Control must-revalidate

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| makeArray function| makeArray0 function| y2k object| months object| days object| today string| day number| date number| month number| year

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.heafcu.org/	1969-12-31 23:59:59	Name: TS01d4e29a Value: 0173f102665d3e6fcba8c1f889770c66e58ac6515a29335fde5c7532183059046704a0a1bfef0563827b882a02e4d5e2f5edba521c

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://heafcu-dn.financial-net.com/idp/AF46B630/tethered?(Line 6) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-W4V8fB8AHBvgl5WpWddI/Kcu' 'strict-dynamic'". Either the 'unsafe-inline' keyword, a hash ('sha256-MoAnEF7+/PugqxXpsH020VtuFgwDzhm1p9ph8RxNzqs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://heafcu-dn.financial-net.com/idp/AF46B630/tethered?(Line 6) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-W4V8fB8AHBvgl5WpWddI/Kcu' 'strict-dynamic'". Either the 'unsafe-inline' keyword, a hash ('sha256-rAtC05pMqBH50elVzK6AHwQF9TAxM6WyTtVeAISmdJk='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

heafcu-dn.financial-net.com
www.heafcu.org
107.162.234.74
66.22.19.231
391480a2bb9828d5313db1a84c5c6fff9bb048a89533748355a8f5dfe8361d33
3d7c74ab94badc59ce051aaea9ddb18af34db696088a7275178952dacffd718b
6fbb7ede6c72fd82db4e9873cc561a1a74a021585ff8c8ccdb537f9c03dba5b9
7024b013de51a0695a21d1d5045a48e86cdb8e7af77707e3ca1a0d1da0447fcd
8add60b2872d17f35106e3ca98d0f515d026b386b3b9ac1d1fba4d5783f70553
99857ed4f6edb9e997b9db1fdf497d4a242f17dd6fed06133efeb8f987f12e17
a6b6b4fbb122f207ee38d4899bc2ad93d618fc57779c467246e8cd3a2fb67407
acf1f5d0ca635c795ab3eb26c5d52eb970dc8dd00dfaca2fe05b3371770c0d02
ad8d1e028eb67ca0880f4d43851ffb80a7428202ca2f2b78d1e79710c803c9f9
bbcb64242e4ff36240f0c7b9b280408a6e7cb53d8a0a9c44ba88650764024bed
bc3ec2366c0107539c89629219956c54e4751a0b8257420a885030df1e718b3c
d2b94b7f34e86f6d7902f8030c7edc72a29e036957cf0c5a5c6854ba211a52d5
db6f05c25ce5155c04459134fe770a1400425dc08b488eca0c31f2021cfe7893
f8fb50e6d315bc70e090c87c92dbf32dbf7be01e86bb514ded9b195781f688d7
ff8d3bc842a41869d71f8dabbb1c82c9db052dfa6c6452f92cf874f56af03496