URL: https://test-my.metcredit.com/
Submission: On August 26 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 199.180.29.50, located in Edmonton, Canada and belongs to 4WEB-, CA. The main domain is test-my.metcredit.com.
TLS certificate: Issued by R10 on August 26th 2024. Valid for: 3 months.
This is the only time test-my.metcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 199.180.29.50 32536 (4WEB-)
1 142.250.80.42 15169 (GOOGLE)
3 151.101.129.229 54113 (FASTLY)
1 142.251.32.99 15169 (GOOGLE)
3 142.250.65.174 15169 (GOOGLE)
1 142.251.32.104 15169 (GOOGLE)
18 7
Apex Domain
Subdomains
Transfer
9 metcredit.com
test-my.metcredit.com
359 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
45 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
93 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
18 6
Domain Requested by
9 test-my.metcredit.com test-my.metcredit.com
3 www.google-analytics.com test-my.metcredit.com
www.google-analytics.com
www.googletagmanager.com
3 cdn.jsdelivr.net test-my.metcredit.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com test-my.metcredit.com
18 6

This site contains links to these domains. Also see Links.

Domain
pages.metcredit.com
my.metcredit.com
www.linkedin.com
metcredit.com
Subject Issuer Validity Valid
test-my.metcredit.com
R10
2024-08-26 -
2024-11-24
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://test-my.metcredit.com/
Frame ID: F0E3EF17ADFE4DF1BF14A841B1A00B8D
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

My.MetCredit

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

570 kB
Transfer

1154 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
test-my.metcredit.com/
12 KB
5 KB
Document
General
Full URL
https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PHP/8.0.30 PleskLin
Resource Hash
e770afed8ffbe86cf16f8d3b8cc18bba63f41ec0598cec74cf12b118bd12e00c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Aug 2024 08:07:37 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.30 PleskLin
expires
-1
pragma
no-cache
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=swap
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Aug 2024 08:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 07:32:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Aug 2024 08:07:37 GMT
style.css
test-my.metcredit.com/assets/
417 KB
142 KB
Stylesheet
General
Full URL
https://test-my.metcredit.com/assets/style.css
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
bff788ead915d1bb54fe63af686e9b77c1249c120488a078458b966c810b7137

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Content-Encoding
br
Last-Modified
Tue, 21 Feb 2023 23:50:19 GMT
Server
nginx
ETag
W/"63f558bb-684ef"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
paying-bills-on-pig.webp
test-my.metcredit.com/images/landing/
58 KB
58 KB
Image
General
Full URL
https://test-my.metcredit.com/images/landing/paying-bills-on-pig.webp
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
0888525c8c3f6b2eb1965f3a33ee007b1fec13a4428be88df04e125044a7c20d

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Last-Modified
Mon, 18 Jul 2022 22:14:23 GMT
Server
nginx
ETag
"62d5db3f-e7f2"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59378
linkedin-cta-img.webp
test-my.metcredit.com/images/landing/
38 KB
38 KB
Image
General
Full URL
https://test-my.metcredit.com/images/landing/linkedin-cta-img.webp
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
02c5e30b224909e1bef5d52d393f7bb7037fc40703c2e5313920f10d0793bd99

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Last-Modified
Mon, 18 Jul 2022 22:14:23 GMT
Server
nginx
ETag
"62d5db3f-96ca"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38602
blog-cta-img.webp
test-my.metcredit.com/images/landing/
51 KB
51 KB
Image
General
Full URL
https://test-my.metcredit.com/images/landing/blog-cta-img.webp
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
a9f0643a0f9fb36668f34b78d4e6301fbf12abc040cac0070592d12568554d34

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Last-Modified
Mon, 18 Jul 2022 22:14:22 GMT
Server
nginx
ETag
"62d5db3e-ca9e"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51870
podcast-cta-img.webp
test-my.metcredit.com/images/landing/
44 KB
45 KB
Image
General
Full URL
https://test-my.metcredit.com/images/landing/podcast-cta-img.webp
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
78de133cfa44f38eef67940c8cb1214072cd3ef107a9052acdf15f07eb5adca2

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Last-Modified
Mon, 18 Jul 2022 22:14:23 GMT
Server
nginx
ETag
"62d5db3f-b19c"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45468
needhelp.png
test-my.metcredit.com/images/
4 KB
4 KB
Image
General
Full URL
https://test-my.metcredit.com/images/needhelp.png
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
8ef137fed2ebcda42c35fe349e8d4183e1f0dcc9861157bd7a9645935c8ca5dd

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Last-Modified
Mon, 18 Jul 2022 22:14:23 GMT
Server
nginx
ETag
"62d5db3f-1068"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4200
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/
87 KB
30 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://test-my.metcredit.com/
Origin
https://test-my.metcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Aug 2024 08:07:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
2783589
x-jsd-version
3.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30113
x-served-by
cache-fra-eddf8230088-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
etag
W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.mask.min.js
cdn.jsdelivr.net/npm/jquery-mask-plugin@1.14.16/dist/
8 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery-mask-plugin@1.14.16/dist/jquery.mask.min.js
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://test-my.metcredit.com/
Origin
https://test-my.metcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Aug 2024 08:07:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
801999
x-jsd-version
1.14.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3598
x-served-by
cache-fra-etou8220107-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
etag
W/"2087-+5g67NOUDo67/l50yAmc7pIjyVc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/
39 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://test-my.metcredit.com/
Origin
https://test-my.metcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Aug 2024 08:07:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
4146597
x-jsd-version
3.4.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11647
x-served-by
cache-fra-etou8220150-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
etag
W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
my-metcredit.umd.js
test-my.metcredit.com/assets/
4 KB
2 KB
Script
General
Full URL
https://test-my.metcredit.com/assets/my-metcredit.umd.js
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
49eac196d0149ef912fe351b7656d4de179d197da89b67a4c17218d7fedf017f

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Content-Encoding
br
Last-Modified
Tue, 21 Feb 2023 23:50:19 GMT
Server
nginx
ETag
W/"63f558bb-f09"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test-my.metcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 04:20:13 GMT
x-content-type-options
nosniff
age
272844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Aug 2025 04:20:13 GMT
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
Origin
https://test-my.metcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: test-my.metcredit.com
URL: https://test-my.metcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Aug 2024 08:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
93
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 26 Aug 2024 10:06:04 GMT
collect
www.google-analytics.com/j/
15 B
225 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=155264685&t=pageview&_s=1&dl=https%3A%2F%2Ftest-my.metcredit.com%2F&ul=en-ca&de=UTF-8&dt=My.MetCredit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=862183855&gjid=780333865&cid=854785218.1724659658&tid=UA-19509260-82&_gid=1831318235.1724659658&_r=1&_slc=1&z=1814453380
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
04ecff408bd04c3d4c9d57d11eba38901f6ad7c43b372f54bbd782343aedc410
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 08:07:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://test-my.metcredit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
test-my.metcredit.com/
15 KB
15 KB
Other
General
Full URL
https://test-my.metcredit.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.180.29.50 Edmonton, Canada, ASN32536 (4WEB-, CA),
Reverse DNS
metcredit.4web.ca
Software
nginx / PleskLin
Resource Hash
44c5806a3ae7520da9b0166ab934216c4098b5f29ce7a8cd630de66101659780

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 08:07:37 GMT
Last-Modified
Thu, 15 Jun 2017 02:19:52 GMT
Server
nginx
ETag
"5941eec8-3aee"
X-Powered-By
PleskLin
Content-Type
image/vnd.microsoft.icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15086
js
www.googletagmanager.com/gtag/
262 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EZ58FZ6YNB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.104 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
27a5d5d3ec808161f72c82abc0098e94525a5448bb756fea93d064739cea299f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 08:07:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94495
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Aug 2024 08:07:37 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EZ58FZ6YNB&gtm=45je48l0v9105672649za200&_p=1724659657739&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=854785218.1724659658&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftest-my.metcredit.com%2F&dt=My.MetCredit&sid=1724659658&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1175
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZ58FZ6YNB&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://test-my.metcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 08:07:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://test-my.metcredit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __LANG__ function| $ function| jQuery object| $jscomp string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

6 Cookies

Domain/Path Name / Value
test-my.metcredit.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImVtc3hjdG1xZlZRcVZkWjNwdDZDSnc9PSIsInZhbHVlIjoiNkEvVjZyQkY2ZDBrRmR1Zmt2UE9QYjhRa3A3YzFZZVJIOEIwM1ZrVm5XdlFLa1lOT2I3akk1THUzVFFjWlZVbmQ3UXp6aG43Q2w5L2wySlNoWEJKN0dXWjlLUlFrV29NVzFMdDEvQUFZeTZKcWlNS0tOQmlsM0dZTWs3QndyaSsiLCJtYWMiOiJkOTU5NGYzMDRhYWIzZDZkMjFhNDA5NWNhZWVjYmNjMDUyNTgwMWFlMTZkNjIyNjY3NWEyN2U4ODc0MzI3M2ZmIiwidGFnIjoiIn0%3D
test-my.metcredit.com/ Name: laravel_session
Value: eyJpdiI6Im5nUzJ0WGhWaEZtYTY0NGw5dyt5Y2c9PSIsInZhbHVlIjoieHV3QlUyQmJseFRrY0RlNWEyamFNZ2ZocDFqTkhuMlFDZEJuSTdYYUhiZXU1V0tPVFRaZ2RaSjdrUW1KUFdFem5DUWEwUjR2WHZDaW1SMGFTcE5yblpKNWlPTW5tV3pWQ2tSWlg4MnkrWGh0Z2JvL1BPdjArVlFLK1p4VGZSZmkiLCJtYWMiOiI1Mzc0NzRiNzhlYmJkNTk5YTlmMmRhZTk4MDExMzk3YTg4ZWM3YTE4YzRkOWQ1NDQ2ODYyODRjMzI2OWFlZDVmIiwidGFnIjoiIn0%3D
.metcredit.com/ Name: _ga
Value: GA1.2.854785218.1724659658
.metcredit.com/ Name: _gid
Value: GA1.2.1831318235.1724659658
.metcredit.com/ Name: _gat
Value: 1
.metcredit.com/ Name: _ga_EZ58FZ6YNB
Value: GS1.2.1724659658.1.0.1724659658.0.0.0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://test-my.metcredit.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
test-my.metcredit.com
www.google-analytics.com
www.googletagmanager.com
142.250.65.174
142.250.80.42
142.251.32.104
142.251.32.99
151.101.129.229
199.180.29.50
02c5e30b224909e1bef5d52d393f7bb7037fc40703c2e5313920f10d0793bd99
04ecff408bd04c3d4c9d57d11eba38901f6ad7c43b372f54bbd782343aedc410
0888525c8c3f6b2eb1965f3a33ee007b1fec13a4428be88df04e125044a7c20d
27a5d5d3ec808161f72c82abc0098e94525a5448bb756fea93d064739cea299f
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b
44c5806a3ae7520da9b0166ab934216c4098b5f29ce7a8cd630de66101659780
49eac196d0149ef912fe351b7656d4de179d197da89b67a4c17218d7fedf017f
78de133cfa44f38eef67940c8cb1214072cd3ef107a9052acdf15f07eb5adca2
8ef137fed2ebcda42c35fe349e8d4183e1f0dcc9861157bd7a9645935c8ca5dd
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a9f0643a0f9fb36668f34b78d4e6301fbf12abc040cac0070592d12568554d34
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bff788ead915d1bb54fe63af686e9b77c1249c120488a078458b966c810b7137
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e770afed8ffbe86cf16f8d3b8cc18bba63f41ec0598cec74cf12b118bd12e00c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e