www.tcufinancialgroup.com Open in urlscan Pro
198.161.254.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tcufinancialgroup.com/en/personal
Submission: On November 18 via api (November 18th 2023, 5:32:20 pm UTC) from US — Scanned from US

Summary HTTP 65 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 65 HTTP transactions. The main IP is 198.161.254.176, located in Canada and belongs to TELUS Communications, CA. The main domain is www.tcufinancialgroup.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 4th 2023. Valid for: a year.

This is the only time www.tcufinancialgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25 71	198.161.254.176 198.161.254.176	852 (TELUS Com...) (TELUS Communications)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
65	11

71 198.161.254.176 (Canada) 25 redirects

ASN852 (TELUS Communications, CA)

www.tcufinancialgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	tcufinancialgroup.com 25 redirects www.tcufinancialgroup.com	837 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 157	369 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	264 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	306 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	85 KB
2	gstatic.com fonts.gstatic.com	44 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	261 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
0	licdn.com Failed snap.licdn.com Failed
0	five9.com Failed app.five9.com Failed
65	12

	Domain	Requested by
71	www.tcufinancialgroup.com	25 redirects www.tcufinancialgroup.com
3	analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	www.tcufinancialgroup.com www.googletagmanager.com
2	www.youtube.com	www.tcufinancialgroup.com www.youtube.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
1	www.facebook.com	www.tcufinancialgroup.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.tcufinancialgroup.com
0	snap.licdn.com Failed	www.googletagmanager.com
0	app.five9.com Failed	www.tcufinancialgroup.com
65	12

This site contains links to these domains. Also see Links.

Domain
online.tcufinancialgroup.com
tcu.coconutcalendar.com
apps.apple.com
play.google.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.tcufinancialgroup.com Sectigo RSA Organization Validation Secure Server CA	`2023-10-04` - `2024-10-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.tcufinancialgroup.com/en/personal
Frame ID: C2923C6A3DDFFF09A7CFA6F5D3048114
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal - TCU Financial Group5A73567D-AED4-48CA-9C60-4096ED3F4DDF5A73567D-AED4-48CA-9C60-4096ED3F4DDFic-search-close61E53FA4-9EA5-4CF8-AE34-0252E49684435A73567D-AED4-48CA-9C60-4096ED3F4DDF

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

60 %
HTTPS

90 %
IPv6

12
Domains

12
Subdomains

11
IPs

2
Countries

1273 kB
Transfer

2648 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://online.tcufinancialgroup.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://tcu.coconutcalendar.com/s/bR5r5l
Title: Book an Appointment

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/tcu-financial-group/id564363907?l
Title: Download from the Apple Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.celero.tcu
Title: Get it on Google Play

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tcufinancialgroup

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tcu-financial-group/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.tcufinancialgroup.com/Content/default/Scripts/jquery-3.4.1.min.js HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js

Request Chain 4

https://www.tcufinancialgroup.com/Content/default/scripts/Umbraco/owl.carousel.min.js HTTP 301
https://www.tcufinancialgroup.com/not-found/ HTTP 301
https://www.tcufinancialgroup.com/not-found

Request Chain 6

https://www.tcufinancialgroup.com/Content/default/Images/search.svg HTTP 301
https://www.tcufinancialgroup.com/content/default/images/search.svg

Request Chain 7

https://www.tcufinancialgroup.com/Content/default/Images/ic-search-close.svg HTTP 301
https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg

Request Chain 11

https://www.tcufinancialgroup.com/Content/theme-2/Images/Questions_blue.svg HTTP 301
https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg

Request Chain 20

https://www.tcufinancialgroup.com/content/default/Styles/bootstrap.min.css?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/styles/bootstrap.min.css?cdv=1365669963

Request Chain 22

https://www.tcufinancialgroup.com/content/default/Styles/Custom/Widgets/iTSector_Widget_Richtext.css?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/styles/custom/widgets/itsector_widget_richtext.css?cdv=1365669963

Request Chain 23

https://www.tcufinancialgroup.com/content/default/Styles/Custom/Styles.css?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/styles/custom/styles.css?cdv=1365669963

Request Chain 24

https://www.tcufinancialgroup.com/content/default/Scripts/jquery-3.4.1.min.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js?cdv=1365669963

Request Chain 25

https://www.tcufinancialgroup.com/content/default/Scripts/popper.min.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/popper.min.js?cdv=1365669963

Request Chain 26

https://www.tcufinancialgroup.com/content/default/Scripts/bootstrap.min.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/bootstrap.min.js?cdv=1365669963

Request Chain 27

https://www.tcufinancialgroup.com/content/default/Scripts/css-var-ponyfill.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/css-var-ponyfill.js?cdv=1365669963

Request Chain 28

https://www.tcufinancialgroup.com/content/default/Scripts/blazy.min.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/blazy.min.js?cdv=1365669963

Request Chain 29

https://www.tcufinancialgroup.com/content/default/Scripts/iframeResizer.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/iframeresizer.js?cdv=1365669963

Request Chain 30

https://www.tcufinancialgroup.com/content/default/Scripts/Custom/scripts.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/custom/scripts.js?cdv=1365669963

Request Chain 31

https://www.tcufinancialgroup.com/content/default/Scripts/Custom/Widgets/iTSector_Widget_Richtext.js?cdv=1365669963 HTTP 301
https://www.tcufinancialgroup.com/content/default/scripts/custom/widgets/itsector_widget_richtext.js?cdv=1365669963

Request Chain 32

https://www.tcufinancialgroup.com/media/css/RTE.css HTTP 301
https://www.tcufinancialgroup.com/media/css/rte.css

Request Chain 33

https://www.tcufinancialgroup.com/Media/css/8908_theme.css HTTP 301
https://www.tcufinancialgroup.com/media/css/8908_theme.css

Request Chain 46

https://www.tcufinancialgroup.com/content/default/Fonts/Inter-Regular.woff HTTP 301
https://www.tcufinancialgroup.com/content/default/fonts/inter-regular.woff

Request Chain 55

https://www.tcufinancialgroup.com/Content/default/Images/search.svg HTTP 301
https://www.tcufinancialgroup.com/content/default/images/search.svg

Request Chain 56

https://www.tcufinancialgroup.com/Content/default/Images/search.svg HTTP 301
https://www.tcufinancialgroup.com/content/default/images/search.svg

Request Chain 57

https://www.tcufinancialgroup.com/Content/default/Images/ic-search-close.svg HTTP 301
https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg

Request Chain 58

https://www.tcufinancialgroup.com/Content/theme-2/Images/Questions_blue.svg HTTP 301
https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg

Request Chain 59

https://www.tcufinancialgroup.com/Content/default/Images/search.svg HTTP 301
https://www.tcufinancialgroup.com/content/default/images/search.svg

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request personal Show response
www.tcufinancialgroup.com/en/ 59 KB
61 KB 2250ms
284ms Document
text/html 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

110d83ff18a67341ddd23cba709a51195d0a5a9d37f6b6d111ab5909017e4c31

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 60780
Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Type: text/html; charset=utf-8
Date: Sat, 18 Nov 2023 17:32:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 231ms
81ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&family=Poppins:ital,wght@0,400;0,500;1,400&display=swap

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e56587b4d4df4164cdd16a31aa30960cd86c34309c0eda821b9ac9fd9ce70de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 17:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 17:32:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 17:32:11 GMT

GET
H/1.1 200
OK owl.carousel.min.css
www.tcufinancialgroup.com/media/css/ 3 KB
4 KB 320ms
114ms Stylesheet
text/css 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/css/owl.carousel.min.css

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
Last-Modified: Thu, 17 Feb 2022 20:07:36 GMT
ETag: "fd4da113a24d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 3351
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK owl.theme.default.min.css
www.tcufinancialgroup.com/media/css/ 1013 B
2 KB 346ms
129ms Stylesheet
text/css 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/css/owl.theme.default.min.css

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
Last-Modified: Thu, 17 Feb 2022 20:07:14 GMT
ETag: "953edaf43924d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 1013
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

jquery-3.4.1.min.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Scripts/jquery-3.4.1.min.js
https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js

190 KB
63 KB

225ms
225ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

d8aba3861b3f7d8e81f0a3efad43d3d4c81b9e8e29d756b8d9f7035a6a5da0f3

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:10 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 63085
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 200
X-XSS-Protection: 1;mode=block

GET
H/1.1

404
Not Found

not-found
www.tcufinancialgroup.com/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/scripts/Umbraco/owl.carousel.min.js
https://www.tcufinancialgroup.com/not-found/
https://www.tcufinancialgroup.com/not-found

0
0

286ms
285ms

Script
text/html

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/not-found

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 50770
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/not-found
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 166
X-XSS-Protection: 1;mode=block

GET
H/1.1 404
Not Found spinner-1s-200px.gif
www.tcufinancialgroup.com/media/1547/ 1 KB
1 KB 352ms
134ms Image
text/html 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1547/spinner-1s-200px.gif

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 1245
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

search.svg
www.tcufinancialgroup.com/content/default/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Images/search.svg
https://www.tcufinancialgroup.com/content/default/images/search.svg

2 KB
3 KB

126ms
126ms

Image
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/content/default/images/search.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

8f284ad61d469d487c406c50ecac13bd72ca82e92d5e7aa76342680f6b8dfd13

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1727
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/images/search.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 190
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

ic-search-close.svg
www.tcufinancialgroup.com/content/default/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Images/ic-search-close.svg
https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg

2 KB
3 KB

116ms
116ms

Image
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

cf6aec4c7d9805ed2220c54581eb84a1a965896554ad7de658203901e99b5b55

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1576
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 199
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK tcu-logo-financial-group.png
www.tcufinancialgroup.com/media/1768/ 6 KB
7 KB 139ms
139ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1768/tcu-logo-financial-group.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

9d1d85cd95504acc0d1b9846991ca58f00f95e7a333edebab7d56414f1729438

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Fri, 25 Feb 2022 22:49:35 GMT
ETag: "1aa9fbf5992ad81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 6165
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK tcu-wealth-managment-logo.png
www.tcufinancialgroup.com/media/1766/ 4 KB
5 KB 227ms
133ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1766/tcu-wealth-managment-logo.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

a4dc0a77fc818d50eff41db2305497e1aff659d40e27a80b1df783c82dd11893

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Fri, 25 Feb 2022 22:43:52 GMT
ETag: "32377e29992ad81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 3960
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK tcu-logo-design-financial-group-fnl-1.svg
www.tcufinancialgroup.com/media/1627/ 62 KB
63 KB 207ms
116ms Image
image/svg+xml 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1627/tcu-logo-design-financial-group-fnl-1.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

e16377f50536bcb5ca596fdd4aa7dc34787f9b15274d95418f0a34f244a7cf59

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Mon, 19 Dec 2022 23:02:26 GMT
ETag: "23ae41f6fd13d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 63308
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

questions_blue.svg
www.tcufinancialgroup.com/content/theme-2/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/theme-2/Images/Questions_blue.svg
https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg

3 KB
2 KB

143ms
115ms

Image
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

046a140c8d127c5744a5557084a5e93f4b26b77c6e9530e375f5bd0b7c4143ed

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:11 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1112
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 198
X-XSS-Protection: 1;mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
76 KB 229ms
86ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2PPJ6F

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

175f7ce2e122842bb0d5c0653f1a22852cd1cb328204c170acf4e47fc4baa362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:32:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77058
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 17:32:12 GMT

GET
H/1.1 200
OK tcu-personal-community.jpg
www.tcufinancialgroup.com/media/1879/ 125 KB
126 KB 131ms
118ms Image
image/jpeg 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1879/tcu-personal-community.jpg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

9895a00af1073571ae4e306cacc32ef27740b8ee6a1778b0ac3b794722756d77

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Sun, 13 Mar 2022 18:43:21 GMT
ETag: "49cbe736a37d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 127766
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK we-know-saskatchuwan.jpg
www.tcufinancialgroup.com/media/1859/ 42 KB
43 KB 251ms
251ms Image
image/jpeg 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1859/we-know-saskatchuwan.jpg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

f1be4a574c6453253d85bde66149785e58be8d7d2c20c62f76a879105d694bc2

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Fri, 11 Mar 2022 23:03:46 GMT
ETag: "b180d7429c35d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 42568
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK membership-success-stories.jpg
www.tcufinancialgroup.com/media/1860/ 50 KB
52 KB 132ms
131ms Image
image/jpeg 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1860/membership-success-stories.jpg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

dd4ccc15ebb065e34e1fd8fab299873715ad2722054e70ee5c586428dea8d455

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Fri, 11 Mar 2022 23:03:48 GMT
ETag: "d9d2a449c35d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 51633
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK tcu-logo-white.png
www.tcufinancialgroup.com/media/1657/ 5 KB
6 KB 120ms
118ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1657/tcu-logo-white.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

7c76507574629ed8964b97cf9781612d9b69ce09d99990b3ff55322f0b2a2573

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Tue, 08 Feb 2022 16:20:41 GMT
ETag: "16d7d5d071dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 4691
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK qtrade_wordmark_white_cmyk-1-ai.png
www.tcufinancialgroup.com/media/2106/ 6 KB
7 KB 130ms
129ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/2106/qtrade_wordmark_white_cmyk-1-ai.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

4e5b4a51c1113f3fa9b4675d8717516fad5b51f34e49c112f38c55778fac0647

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 24 Aug 2022 21:50:06 GMT
ETag: "e55b3e793b8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 6415
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK facebook-icon.png
www.tcufinancialgroup.com/media/1661/ 305 B
1 KB 115ms
114ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1661/facebook-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

ba8b3ed69be0683b34e8f4b708f5577d817687d1993422f47df4928dc9b23afd

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Tue, 08 Feb 2022 17:34:14 GMT
ETag: "9fc64f17121dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 305
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK linkedin-icon.png
www.tcufinancialgroup.com/media/1659/ 355 B
1 KB 116ms
116ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1659/linkedin-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

6da748084eb745fad61a99418b023d8bfe1dc52822c3c1a7725fefa44f08dcc5

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
Last-Modified: Tue, 08 Feb 2022 17:34:14 GMT
ETag: "62531b17121dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 355
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

bootstrap.min.css
www.tcufinancialgroup.com/content/default/styles/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Styles/bootstrap.min.css?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/styles/bootstrap.min.css?cdv=1365669963

156 KB
24 KB

118ms
118ms

Stylesheet
text/css

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/styles/bootstrap.min.css?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:11 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 23669
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/styles/bootstrap.min.css?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 212
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK tcu_theme1182.css
www.tcufinancialgroup.com/media/css/ 36 KB
37 KB 130ms
130ms Stylesheet
text/css 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

25c2db7f2d1940ba921b00e1d811a221faadb9c5b71e9e781b16afe85aaddb4c

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 14 Dec 2022 20:19:02 GMT
ETag: "9eb6ed4ef9fd91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 36531
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

itsector_widget_richtext.css
www.tcufinancialgroup.com/content/default/styles/custom/widgets/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Styles/Custom/Widgets/iTSector_Widget_Richtext.css?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/styles/custom/widgets/itsector_widget_richtext.css?cdv=1365669963

467 B
2 KB

134ms
120ms

Stylesheet
text/css

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/styles/custom/widgets/itsector_widget_richtext.css?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

6d673c38f25d4b0ccdb760355e78434622b135ddf5bd82e5a695b8bc02eaaa28

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
ETag: "0b548d3bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 467
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/styles/custom/widgets/itsector_widget_richtext.css?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 238
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

styles.css
www.tcufinancialgroup.com/content/default/styles/custom/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Styles/Custom/Styles.css?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/styles/custom/styles.css?cdv=1365669963

29 KB
30 KB

277ms
132ms

Stylesheet
text/css

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/styles/custom/styles.css?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

b9a724f3866b5db86bdb0237261b52a9b00fa2175ca12611ade808238d42e7b6

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
ETag: "0b548d3bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 29778
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/styles/custom/styles.css?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 212
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

jquery-3.4.1.min.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/jquery-3.4.1.min.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js?cdv=1365669963

190 KB
63 KB

336ms
117ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

d8aba3861b3f7d8e81f0a3efad43d3d4c81b9e8e29d756b8d9f7035a6a5da0f3

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:11 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 63085
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/jquery-3.4.1.min.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 215
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

popper.min.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/popper.min.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/popper.min.js?cdv=1365669963

19 KB
8 KB

128ms
128ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/popper.min.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:13 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 6877
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/popper.min.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 209
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

bootstrap.min.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/bootstrap.min.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/bootstrap.min.js?cdv=1365669963

59 KB
17 KB

116ms
115ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/bootstrap.min.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
Date: Sat, 18 Nov 2023 17:32:13 GMT
ETag: "08817d2bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 15923
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/bootstrap.min.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 212
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

css-var-ponyfill.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/css-var-ponyfill.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/css-var-ponyfill.js?cdv=1365669963

24 KB
9 KB

127ms
126ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/css-var-ponyfill.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

05ead7fbda5e6b4e05104b1b928d813094939519bf5fc21e5d3ed9e99d1737b6

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:12 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 7552
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/css-var-ponyfill.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 215
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

blazy.min.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/blazy.min.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/blazy.min.js?cdv=1365669963

6 KB
3 KB

121ms
120ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/blazy.min.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

ef4deeb0998c340f1493792d037427f21c24aa7c428223429d84e0fe98e6ec7f

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
Date: Sat, 18 Nov 2023 17:32:12 GMT
ETag: "08817d2bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 2135
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/blazy.min.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 208
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

iframeresizer.js Show response
www.tcufinancialgroup.com/content/default/scripts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/iframeResizer.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/iframeresizer.js?cdv=1365669963

32 KB
9 KB

128ms
127ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/iframeresizer.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

5069592dc199e1d5fe1582c43a8d03ea9e1b073cc0e65df6b67b9c839919a9a4

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:12 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 8243
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/iframeresizer.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 212
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

scripts.js Show response
www.tcufinancialgroup.com/content/default/scripts/custom/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/Custom/scripts.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/custom/scripts.js?cdv=1365669963

8 KB
3 KB

114ms
114ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/custom/scripts.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

dd62893a7404f381968f847ef5378a1e1890b87702a69c826b428b7ab85259a2

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
Date: Sat, 18 Nov 2023 17:32:12 GMT
ETag: "08817d2bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 2373
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/custom/scripts.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 213
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

itsector_widget_richtext.js Show response
www.tcufinancialgroup.com/content/default/scripts/custom/widgets/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Scripts/Custom/Widgets/iTSector_Widget_Richtext.js?cdv=1365669963
https://www.tcufinancialgroup.com/content/default/scripts/custom/widgets/itsector_widget_richtext.js?cdv=1365669963

3 B
1 KB

117ms
117ms

Script
application/javascript

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/scripts/custom/widgets/itsector_widget_richtext.js?cdv=1365669963

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 3
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/scripts/custom/widgets/itsector_widget_richtext.js?cdv=1365669963
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 238
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

rte.css
www.tcufinancialgroup.com/media/css/
Redirect Chain

https://www.tcufinancialgroup.com/media/css/RTE.css
https://www.tcufinancialgroup.com/media/css/rte.css

824 B
2 KB

223ms
114ms

Stylesheet
text/css

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/css/rte.css

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

d1f3b5b38fcfa8bf644cc183587dd91d029680513c6a8f348d74c28e783d13fd

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Mon, 23 Aug 2021 21:34:10 GMT
ETag: "5fec09c6698d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 824
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/media/css/rte.css
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 174
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

8908_theme.css
www.tcufinancialgroup.com/media/css/
Redirect Chain

https://www.tcufinancialgroup.com/Media/css/8908_theme.css
https://www.tcufinancialgroup.com/media/css/8908_theme.css

10 KB
11 KB

188ms
117ms

Stylesheet
text/css

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/css/8908_theme.css

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

571dd6d13c127e4c20390bc8e686e25b765d54e0c9983269de3a4d8f1cb35a81

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Tue, 26 Apr 2022 20:52:48 GMT
ETag: "d1aa696af59d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 10119
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/media/css/8908_theme.css
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 181
X-XSS-Protection: 1;mode=block

GET five9-socialwidget.min.js
app.five9.com/consoles/SocialWidget/ 0
0

GET
H/1.1 200
OK help-icon.png
www.tcufinancialgroup.com/media/1698/ 576 B
2 KB 172ms
122ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1698/help-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

3ce1ae7951ed96420762fe2f5d494ed646a3fd11bd62a88314ff713a682dd2ac

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 16 Feb 2022 21:51:51 GMT
ETag: "d5575677f23d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 576
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK lock-icon.png
www.tcufinancialgroup.com/media/1699/ 338 B
1 KB 160ms
113ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1699/lock-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

ebdfca6465786a335d58d1a96ee5c3e1ba53ebca712f5f677592d2ffe4fe1436

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 16 Feb 2022 21:56:55 GMT
ETag: "5cccfa1c8023d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 338
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK menu-arrow-icon.png
www.tcufinancialgroup.com/media/1664/ 263 B
1 KB 192ms
139ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1664/menu-arrow-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

ff6e6cfbb4c129bea2c29dcea26b9b363ed9bf057c89ef55dd2eb2e309aef33f

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 09 Feb 2022 17:45:37 GMT
ETag: "2fbf2d9dc1dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 263
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK tcu-logo-line.png
www.tcufinancialgroup.com/media/1656/ 1 KB
2 KB 130ms
117ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1656/tcu-logo-line.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

935f9c3d57b88f779f15426f5e068259d7e7e93ab7e02daed326e7b23b6e847e

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Mon, 07 Feb 2022 21:16:31 GMT
ETag: "93017fa671cd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 1070
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK arrow-icon.png
www.tcufinancialgroup.com/media/1658/ 218 B
1 KB 129ms
128ms Image
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcufinancialgroup.com/media/1658/arrow-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

30e2835e70bdfd45641f20af7f889cdc78b30cc8a2bf075fa562421de01ba945

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/media/css/tcu_theme1182.css?cdv=1365669963
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
Last-Modified: Tue, 08 Feb 2022 17:19:42 GMT
ETag: "e82d6df101dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 218
X-XSS-Protection: 1;mode=block

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v14/ 36 KB
37 KB 214ms
62ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v14/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&family=Poppins:ital,wght@0,400;0,500;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tcufinancialgroup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:11:36 GMT
x-content-type-options: nosniff
age: 224436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37000
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 22:08:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 03:11:36 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 296ms
145ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&family=Poppins:ital,wght@0,400;0,500;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tcufinancialgroup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:04 GMT
x-content-type-options: nosniff
age: 244748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:33:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
94 KB 93ms
91ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2PPJ6F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61c14398f683bbdef344da4d4790849db04b7ae1423fbc62a3e2778bcba2286c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:32:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 17:32:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
94 KB 102ms
101ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JC1GKL515E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2PPJ6F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7536080bcb707f6190f29e096d4b64357bf613f100fcda5471ddc819b75cc480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:32:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 17:32:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 200ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2PPJ6F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 17:32:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: uyAZpnDonaGqXJDU6zyxKxNWjhqWyh3w8LQXqlGYXacR4Gu3ma4tFB4/QqJwpnVlVy4LXw0h1ubfWtzBWUuUPQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

GET
H/1.1

200
OK

inter-regular.woff
www.tcufinancialgroup.com/content/default/fonts/
Redirect Chain

https://www.tcufinancialgroup.com/content/default/Fonts/Inter-Regular.woff
https://www.tcufinancialgroup.com/content/default/fonts/inter-regular.woff

114 KB
115 KB

117ms
116ms

Font
application/x-font-woff

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/fonts/inter-regular.woff

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/content/default/styles/custom/styles.css?cdv=1365669963

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

64c3218ffd11ddd43442e8ded8cf2bfbdb74324e5f1b38ec86be1be991f144b5

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/content/default/styles/custom/styles.css?cdv=1365669963
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400,public
Accept-Ranges: bytes
Content-Length: 116488
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/fonts/inter-regular.woff
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 197
X-XSS-Protection: 1;mode=block

POST
H2 204 collect
analytics.google.com/g/ 0
261 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G793GGZM42&gtm=45je3b81v887393228z8849803979&_p=1700328731424&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=670581368.1700328733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700328732&sct=1&seg=0&dl=https%3A%2F%2Fwww.tcufinancialgroup.com%2Fen%2Fpersonal&dt=Personal%20-%20TCU%20Financial%20Group&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3747
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 17:32:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tcufinancialgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 188ms
66ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G793GGZM42&cid=670581368.1700328733&gtm=45je3b81v887393228z8849803979&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 17:32:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tcufinancialgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 119ms
47ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JC1GKL515E&gtm=45je3b81v887393228z8849803979&_p=1700328731424&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=670581368.1700328733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700328732&sct=1&seg=0&dl=https%3A%2F%2Fwww.tcufinancialgroup.com%2Fen%2Fpersonal&dt=Personal%20-%20TCU%20Financial%20Group&en=page_view&_fv=1&_ss=1&tfd=3764
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 17:32:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tcufinancialgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 173ms
67ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JC1GKL515E&cid=670581368.1700328733&gtm=45je3b81v887393228z8849803979&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 17:32:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tcufinancialgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
261 B 211ms
76ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7JQ6FFPSTQ&gtm=45je3b81v887393228z8849803979&_p=1700328731424&gcd=11l1l1l1l1&dma=0&cid=670581368.1700328733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700328732&sct=1&seg=0&dl=https%3A%2F%2Fwww.tcufinancialgroup.com%2Fen%2Fpersonal&dt=Personal%20-%20TCU%20Financial%20Group&en=page_view&_fv=1&_ss=1&tfd=3771
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 17:32:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tcufinancialgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 543985729682199 Show response
connect.facebook.net/signals/config/ 116 KB
31 KB 235ms
234ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/543985729682199?v=2.9.138&r=stable&domain=www.tcufinancialgroup.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3796d276ca7228672ed48cf50a48ff349d779ed0b081705f789afb9980c624ea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 17:32:13 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: suTfkbIWmBtxetTN7ARxfLj5Izt3IIvwCaS6FGx9CPhk3IhYjT6UaqziDngHhzP+lTG3neaUN3aXQCH9IRAmvA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 199ms
65ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=543985729682199&ev=PageView&dl=https%3A%2F%2Fwww.tcufinancialgroup.com&rl=&if=false&ts=1700328733301&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1700328733299.1024306508&pm=1&hrl=f30203&ler=empty&it=1700328732969&coo=false&tm=1&cs_cc=1&cas=9843375645735962&rqm=GET

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 17:32:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 232ms
93ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/content/default/Scripts/Custom/scripts.js?cdv=1365669963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:32:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 18 Nov 2023 17:32:13 GMT

GET
H/1.1

200
OK

search.svg Show response
www.tcufinancialgroup.com/content/default/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Images/search.svg
https://www.tcufinancialgroup.com/content/default/images/search.svg

2 KB
3 KB

117ms
115ms

XHR
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/images/search.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

8f284ad61d469d487c406c50ecac13bd72ca82e92d5e7aa76342680f6b8dfd13

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1727
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/images/search.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 190
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

search.svg Show response
www.tcufinancialgroup.com/content/default/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Images/search.svg
https://www.tcufinancialgroup.com/content/default/images/search.svg

2 KB
3 KB

112ms
112ms

XHR
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/images/search.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

8f284ad61d469d487c406c50ecac13bd72ca82e92d5e7aa76342680f6b8dfd13

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1727
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/images/search.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 190
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

ic-search-close.svg Show response
www.tcufinancialgroup.com/content/default/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Images/ic-search-close.svg
https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg

2 KB
3 KB

131ms
129ms

XHR
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

cf6aec4c7d9805ed2220c54581eb84a1a965896554ad7de658203901e99b5b55

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1576
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/images/ic-search-close.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 199
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

questions_blue.svg Show response
www.tcufinancialgroup.com/content/theme-2/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/theme-2/Images/Questions_blue.svg
https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg

3 KB
2 KB

115ms
115ms

XHR
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

046a140c8d127c5744a5557084a5e93f4b26b77c6e9530e375f5bd0b7c4143ed

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 20 Oct 2021 14:14:42 GMT
Date: Sat, 18 Nov 2023 17:32:12 GMT
ETag: "0b548d3bcc5d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1112
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/theme-2/images/questions_blue.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 198
X-XSS-Protection: 1;mode=block

GET
H/1.1

200
OK

search.svg Show response
www.tcufinancialgroup.com/content/default/images/
Redirect Chain

https://www.tcufinancialgroup.com/Content/default/Images/search.svg
https://www.tcufinancialgroup.com/content/default/images/search.svg

2 KB
3 KB

137ms
126ms

XHR
image/svg+xml

198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/content/default/images/search.svg

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/en/personal

Protocol

HTTP/1.1

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

8f284ad61d469d487c406c50ecac13bd72ca82e92d5e7aa76342680f6b8dfd13

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/en/personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
Last-Modified: Wed, 20 Oct 2021 14:14:40 GMT
ETag: "08817d2bcc5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=86400,public
Accept-Ranges: bytes
Content-Length: 1727
X-XSS-Protection: 1;mode=block

Redirect headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www.tcufinancialgroup.com/content/default/images/search.svg
Access-Control-Allow-Origin: *
Cache-Control: private,public
Content-Length: 190
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK facebook-icon.png Show response
www.tcufinancialgroup.com/media/1661/ 305 B
1 KB 123ms
113ms XHR
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/1661/facebook-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/content/default/Scripts/jquery-3.4.1.min.js?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

ba8b3ed69be0683b34e8f4b708f5577d817687d1993422f47df4928dc9b23afd

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.tcufinancialgroup.com/en/personal
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:13 GMT
Last-Modified: Tue, 08 Feb 2022 17:34:14 GMT
ETag: "9fc64f17121dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 305
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK linkedin-icon.png Show response
www.tcufinancialgroup.com/media/1659/ 355 B
1 KB 220ms
112ms XHR
image/png 198.161.254.176
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcufinancialgroup.com/media/1659/linkedin-icon.png

Requested by

Host: www.tcufinancialgroup.com
URL: https://www.tcufinancialgroup.com/content/default/Scripts/jquery-3.4.1.min.js?cdv=1365669963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.161.254.176 , Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

6da748084eb745fad61a99418b023d8bfe1dc52822c3c1a7725fefa44f08dcc5

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.tcufinancialgroup.com/en/personal
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy: font-src 'self' *.gstatic.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cdic.ca *.gstatic.com *.google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com *.googleapis.com *.youtube.com s.ytimg.com tagmanager.google.com *.bing.com *.unblu.com *.unblu-env.com *.unblu.com *.opentok.com *.tokbox.com *.tcufinancialgroup.com; img-src * data:;
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 18 Nov 2023 17:32:12 GMT
Last-Modified: Tue, 08 Feb 2022 17:34:14 GMT
ETag: "62531b17121dd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private,public,max-age=604800,public
Accept-Ranges: bytes
Content-Length: 355
X-XSS-Protection: 1;mode=block

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/190c935f/www-widgetapi.vflset/ 215 KB
67 KB 66ms
62ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 13:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68234
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Nov 2024 13:55:41 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 50ms
49ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JC1GKL515E&gtm=45je3b81v887393228z8849803979&_p=1700328731424&gcd=11l1l1l1l1&dma=0&cid=670581368.1700328733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700328732&sct=1&seg=0&dl=https%3A%2F%2Fwww.tcufinancialgroup.com%2Fen%2Fpersonal&dt=Personal%20-%20TCU%20Financial%20Group&en=Scroll_Depth&ep.Scroll=25%20%25&_et=997&tfd=9780
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G793GGZM42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tcufinancialgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 17:32:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tcufinancialgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.five9.com
URL: https://app.five9.com/consoles/SocialWidget/five9-socialwidget.min.js

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.tcufinancialgroup.com/	1969-12-31 23:59:59	Name: TS01ad00ad Value: 01fae0737fb4c7d1c90e4aafcb4f793f79938721851597bb7f412c51d859a9cd540d6294f9bf76b3f8979caa3362c58d83aacfb41b
.tcufinancialgroup.com/	1970-01-21 01:54:48	Name: _ga_G793GGZM42 Value: GS1.1.1700328732.1.0.1700328732.60.0.0
.tcufinancialgroup.com/	1970-01-21 01:54:48	Name: _ga Value: GA1.1.670581368.1700328733
.tcufinancialgroup.com/	1970-01-21 01:54:48	Name: _ga_7JQ6FFPSTQ Value: GS1.1.1700328732.1.0.1700328732.0.0.0
.tcufinancialgroup.com/	1970-01-20 18:28:24	Name: _fbp Value: fb.1.1700328733299.1024306508
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: E3n3xyAMYNs
.youtube.com/	1970-01-20 20:38:00	Name: VISITOR_INFO1_LIVE Value: hXYPfjvGPe8
.tcufinancialgroup.com/	1970-01-21 01:54:48	Name: _ga_JC1GKL515E Value: GS1.1.1700328732.1.0.1700328733.59.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tcufinancialgroup.com/media/1547/spinner-1s-200px.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.tcufinancialgroup.com/not-found Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://www.tcufinancialgroup.com/en/personal Message: Refused to execute script from 'https://www.tcufinancialgroup.com/not-found' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://www.tcufinancialgroup.com/en/personal Message: Refused to load the script 'https://app.five9.com/consoles/SocialWidget/five9-socialwidget.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2PPJ6F(Line 86) Message: Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	font-src 'self' .gstatic.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com data:; style-src 'self' 'unsafe-inline' .google.com .googleapis.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cdic.ca .gstatic.com .google.com googleads.g.doubleclick.net www.googleadservices.com connect.facebook.net www.googletagmanager.com www.google-analytics.com .googleapis.com .youtube.com s.ytimg.com tagmanager.google.com .bing.com .unblu.com .unblu-env.com .unblu.com .opentok.com .tokbox.com .tcufinancialgroup.com; img-src data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app.five9.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tcufinancialgroup.com
www.youtube.com
app.five9.com
snap.licdn.com
198.161.254.176
2001:4860:4802:34::181
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2008
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
046a140c8d127c5744a5557084a5e93f4b26b77c6e9530e375f5bd0b7c4143ed
05ead7fbda5e6b4e05104b1b928d813094939519bf5fc21e5d3ed9e99d1737b6
0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c
110d83ff18a67341ddd23cba709a51195d0a5a9d37f6b6d111ab5909017e4c31
175f7ce2e122842bb0d5c0653f1a22852cd1cb328204c170acf4e47fc4baa362
25c2db7f2d1940ba921b00e1d811a221faadb9c5b71e9e781b16afe85aaddb4c
30e2835e70bdfd45641f20af7f889cdc78b30cc8a2bf075fa562421de01ba945
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
3796d276ca7228672ed48cf50a48ff349d779ed0b081705f789afb9980c624ea
3ce1ae7951ed96420762fe2f5d494ed646a3fd11bd62a88314ff713a682dd2ac
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4e56587b4d4df4164cdd16a31aa30960cd86c34309c0eda821b9ac9fd9ce70de
4e5b4a51c1113f3fa9b4675d8717516fad5b51f34e49c112f38c55778fac0647
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
5069592dc199e1d5fe1582c43a8d03ea9e1b073cc0e65df6b67b9c839919a9a4
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
571dd6d13c127e4c20390bc8e686e25b765d54e0c9983269de3a4d8f1cb35a81
61c14398f683bbdef344da4d4790849db04b7ae1423fbc62a3e2778bcba2286c
64c3218ffd11ddd43442e8ded8cf2bfbdb74324e5f1b38ec86be1be991f144b5
6d673c38f25d4b0ccdb760355e78434622b135ddf5bd82e5a695b8bc02eaaa28
6da748084eb745fad61a99418b023d8bfe1dc52822c3c1a7725fefa44f08dcc5
747dca702ebf4e0af93d9f328eb715bdfe8b46c4dde12f85801bf9efb6b69711
7536080bcb707f6190f29e096d4b64357bf613f100fcda5471ddc819b75cc480
7c76507574629ed8964b97cf9781612d9b69ce09d99990b3ff55322f0b2a2573
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8f284ad61d469d487c406c50ecac13bd72ca82e92d5e7aa76342680f6b8dfd13
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
935f9c3d57b88f779f15426f5e068259d7e7e93ab7e02daed326e7b23b6e847e
9895a00af1073571ae4e306cacc32ef27740b8ee6a1778b0ac3b794722756d77
9d1d85cd95504acc0d1b9846991ca58f00f95e7a333edebab7d56414f1729438
a4dc0a77fc818d50eff41db2305497e1aff659d40e27a80b1df783c82dd11893
b9a724f3866b5db86bdb0237261b52a9b00fa2175ca12611ade808238d42e7b6
ba8b3ed69be0683b34e8f4b708f5577d817687d1993422f47df4928dc9b23afd
bb12f1b9b6d3171f23ada2b0c61fc393ea0dd63a2fe558efc7530f1565cf53e6
cf6aec4c7d9805ed2220c54581eb84a1a965896554ad7de658203901e99b5b55
d1f3b5b38fcfa8bf644cc183587dd91d029680513c6a8f348d74c28e783d13fd
d8aba3861b3f7d8e81f0a3efad43d3d4c81b9e8e29d756b8d9f7035a6a5da0f3
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dd4ccc15ebb065e34e1fd8fab299873715ad2722054e70ee5c586428dea8d455
dd62893a7404f381968f847ef5378a1e1890b87702a69c826b428b7ab85259a2
e16377f50536bcb5ca596fdd4aa7dc34787f9b15274d95418f0a34f244a7cf59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebdfca6465786a335d58d1a96ee5c3e1ba53ebca712f5f677592d2ffe4fe1436
ef4deeb0998c340f1493792d037427f21c24aa7c428223429d84e0fe98e6ec7f
f1be4a574c6453253d85bde66149785e58be8d7d2c20c62f76a879105d694bc2
f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46
ff6e6cfbb4c129bea2c29dcea26b9b363ed9bf057c89ef55dd2eb2e309aef33f

www.tcufinancialgroup.com Open in urlscan Pro 198.161.254.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

60 %HTTPS

90 %IPv6

12 Domains

12 Subdomains

11 IPs

2 Countries

1273 kBTransfer

2648 kBSize

8 Cookies

6 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.tcufinancialgroup.com Open in urlscan Pro
198.161.254.176 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

60 %
HTTPS

90 %
IPv6

12
Domains

12
Subdomains

11
IPs

2
Countries

1273 kB
Transfer

2648 kB
Size

8
Cookies

65 HTTP transactions
0 data transactions