www.wecu.com Open in urlscan Pro
2606:4700:7::a29f:862a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wecu.com/disclosures-fees/
Submission: On November 23 via manual (November 23rd 2022, 1:22:26 am UTC) from SG — Scanned from DE

Summary HTTP 71 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 71 HTTP transactions. The main IP is 2606:4700:7::a29f:862a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wecu.com. The Cisco Umbrella rank of the primary domain is 939241.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 19th 2022. Valid for: a year.

This is the only time www.wecu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:7::... 2606:4700:7::a29f:862a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.122.14 18.66.122.14	16509 (AMAZON-02) (AMAZON-02)
1	63.128.130.61 63.128.130.61	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
5	13.225.78.7 13.225.78.7	16509 (AMAZON-02) (AMAZON-02)
1	104.17.179.12 104.17.179.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
1	52.20.78.240 52.20.78.240	14618 (AMAZON-AES) (AMAZON-AES)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:9945	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	35.241.59.180 35.241.59.180	15169 (GOOGLE) (GOOGLE)
1	54.161.241.46 54.161.241.46	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:e0:... 2606:4700:e0::ac40:6824	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.216.203.91 3.216.203.91	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	18.185.197.230 18.185.197.230	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.0.157.121 52.0.157.121	14618 (AMAZON-AES) (AMAZON-AES)
6	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
71	30

8 2606:4700:7::a29f:862a (United States)

ASN13335 (CLOUDFLARENET, US)

www.wecu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-14.fra60.r.cloudfront.net

web.baconpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.128.130.61 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: collector.fraudmap.net

collector.fraudmap.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-7.fra2.r.cloudfront.net

js.poshdevelopment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.179.12 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

online.wecu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

www.five9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.78.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-78-240.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

10000290.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9945 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mantl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.59.180 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 180.59.241.35.bc.googleusercontent.com

api.poshdevelopment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.241.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-241-46.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6824 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:970 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.mymarketingreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.216.203.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-203-91.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.197.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-197-230.eu-central-1.compute.amazonaws.com

86834.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.157.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-157-121.compute-1.amazonaws.com

srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.208.240 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wecu.com www.wecu.com — Cisco Umbrella Rank: 939241 online.wecu.com — Cisco Umbrella Rank: 681100	690 KB
8	poshdevelopment.com js.poshdevelopment.com — Cisco Umbrella Rank: 84481 api.poshdevelopment.com — Cisco Umbrella Rank: 144075	629 KB
7	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2846 srv.stackadapt.com — Cisco Umbrella Rank: 578	9 KB
6	qualtrics.com zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com — Cisco Umbrella Rank: 863178 siteintercept.qualtrics.com — Cisco Umbrella Rank: 981	64 KB
5	doubleclick.net 1 redirects 10000290.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	3 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4753	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	234 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	118 KB
2	mymarketingreports.com scripts.mymarketingreports.com — Cisco Umbrella Rank: 42325	6 KB
2	mantl.com cdn.mantl.com — Cisco Umbrella Rank: 188552
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	154 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	siteimproveanalytics.io 86834.global.siteimproveanalytics.io — Cisco Umbrella Rank: 719606	477 B
1	google.de www.google.de Failed adservice.google.de — Cisco Umbrella Rank: 8709	776 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3205	10 KB
1	bugherd.com www.bugherd.com — Cisco Umbrella Rank: 14070	723 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2887	220 B
1	five9.com www.five9.com — Cisco Umbrella Rank: 192535	20 KB
1	fraudmap.net collector.fraudmap.net — Cisco Umbrella Rank: 147120	269 B
1	baconpay.com web.baconpay.com — Cisco Umbrella Rank: 196881	3 KB
0	simpli.fi Failed tag.simpli.fi Failed
71	23

	Domain	Requested by
8	www.wecu.com	www.wecu.com
6	tags.srv.stackadapt.com	www.wecu.com tags.srv.stackadapt.com
5	siteintercept.qualtrics.com	zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com siteintercept.qualtrics.com
5	js.poshdevelopment.com	www.wecu.com js.poshdevelopment.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	js.poshdevelopment.com
3	www.facebook.com	www.wecu.com
3	api.poshdevelopment.com	js.poshdevelopment.com
3	connect.facebook.net	www.wecu.com connect.facebook.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.wecu.com
2	scripts.mymarketingreports.com	www.googletagmanager.com scripts.mymarketingreports.com
2	cdn.mantl.com	www.wecu.com www.googletagmanager.com
2	10000290.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.wecu.com www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com	www.wecu.com
1	srv.stackadapt.com	www.wecu.com
1	86834.global.siteimproveanalytics.io	www.wecu.com
1	adservice.google.de	adservice.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.wecu.com
1	www.bugherd.com	www.wecu.com
1	adservice.google.com	10000290.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.ipify.org	www.wecu.com
1	www.five9.com	www.wecu.com
1	online.wecu.com	www.wecu.com
1	collector.fraudmap.net	www.wecu.com
1	web.baconpay.com	www.wecu.com
0	www.google.de Failed	www.wecu.com
0	tag.simpli.fi Failed	www.wecu.com www.googletagmanager.com
71	32

This site contains links to these domains. Also see Links.

Domain
appointments.wecu.com
online.wecu.com
newaccount.wecu.com
twitter.com
www.facebook.com
www.instagram.com
realestate.wecu.com

Subject Issuer	Validity	Valid
wecu.com Cloudflare Inc ECC CA-3	`2022-09-19` - `2023-09-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
web.baconpay.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.fraudmap.net Thawte RSA CA 2018	`2022-02-23` - `2023-03-26`	a year	crt.sh
*.poshdevelopment.com Amazon	`2022-09-12` - `2023-10-11`	a year	crt.sh
online.wecu.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-03` - `2023-06-03`	a year	crt.sh
*.five9.com R3	`2022-09-27` - `2022-12-26`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
mantl.com Cloudflare Inc ECC CA-3	`2022-06-25` - `2023-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.bugherd.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
mymarketingreports.com Cloudflare Inc ECC CA-3	`2022-10-18` - `2023-10-17`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-09-09` - `2023-10-08`	a year	crt.sh
*.stackadapt.com Amazon	`2022-06-07` - `2023-07-05`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.wecu.com/disclosures-fees/
Frame ID: FC360D83923495320AF562C46E5564CA
Requests: 63 HTTP requests in this frame

Frame: https://10000290.fls.doubleclick.net/activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F
Frame ID: 171CF558933A73EE4358D09B3BF6FF06
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F
Frame ID: ED546D6C7FD570B711F0FEE6E2D72725
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F
Frame ID: ECB3D695452C37F6001D8475CFAF581E
Requests: 1 HTTP requests in this frame

Frame: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html
Frame ID: F6083DBC87DA880C9C73F76F9943C367
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Disclosures & Fees | WECUhouse_icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

93 %
HTTPS

59 %
IPv6

23
Domains

32
Subdomains

30
IPs

4
Countries

1955 kB
Transfer

5736 kB
Size

19
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://appointments.wecu.com/service
Title: Book Appointment

Search URL Search Domain Scan URL

URL: https://online.wecu.com/login.aspx
Title: Log In

Search URL Search Domain Scan URL

URL: https://online.wecu.com/ForgotPassword.aspx
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://online.wecu.com/RegistrationDisclosure.aspx
Title: Register for Online Banking

Search URL Search Domain Scan URL

URL: https://online.wecu.com/FAQs.aspx
Title: Login Problems

Search URL Search Domain Scan URL

URL: https://newaccount.wecu.com/products/
Title: Open Account

Search URL Search Domain Scan URL

URL: https://appointments.wecu.com/
Title: Book an Appointment

Search URL Search Domain Scan URL

URL: https://twitter.com/_wecu

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WECU-196142123749759/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wecu_1936/

Search URL Search Domain Scan URL

URL: https://realestate.wecu.com/borrower-app/registration/?workFlowId=111555&guestuser=1&dest=/loan-app/&siteId=6468169242
Title: Create Account

Search URL Search Domain Scan URL

URL: https://realestate.wecu.com/loan-app/?siteId=6468169242&lar=coverpa&workFlowId=111555
Title: LOG IN HERE

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://10000290.fls.doubleclick.net/activityi;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F HTTP 302
https://10000290.fls.doubleclick.net/activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F

71 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wecu.com/disclosures-fees/ 70 KB
25 KB 607ms
535ms Document
text/html 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ddcc907b761e96867d64377aeb2343c4f8cfeb203be57a8cc9de4f9cf715a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src wss://.wecu.com .google.com .doubleclick.net .callrail.com vimeo.com .qualtrics.com http://.wecu.com .google-analytics.com .wecu.com .silvercloudinc.com cdn.plyr.io .siteimprove.net .siteimprove.com .stackadapt.com poshdevelopment.com api.poshdevelopment.com .poshdevelopment.com 'self'; font-src data: .formstack.com .qualtrics.com fonts.gstatic.com 'self'; frame-src 'self' .oaspapps.com .baconpay.com .poshdevelopment.com .five9.com .doubleclick.net .vimeo.com .qualtrics.com google.com .google.com .wecu.com .podbean.com .fraudmap.net .fraudmap-uat.net 'self' .youtube.com .duosecurity.com .silvercloudinc.com .mortgagewebcenter.com .siteimprove.net .siteimprove.com .wecu-dev.com .appdemostore.com; img-src data: .mantl.com .simpli.fi .stackadapt.com .five9.com google.com .google.com .vimeocdn.com .qualtrics.com .gstatic.com .siteimproveanalytics.io .silvercloudinc.com facebook.com .facebook.com .googleusercontent.com .youtube.com .ytimg.com .w.org http://.wecu.com .wecu.com .googleapis.com .ggpht.com maps.gstatic.com 'self' .formstack.com .doubleclick.net .google-analytics.com; media-src 'self' .qualtrics.com youtube.com; object-src .qualtrics.com 'self'; script-src 'unsafe-eval' 'unsafe-inline' .poshdevelopment.com api.poshdevelopment.com poshdevelopment.com .mantl.com .ipify.org .stackadapt.com .oaspapps.com .microsoft.com .baconpay.com .doubleclick.net .mymarketingreports.com .five9.com .callrail.com .googleadservices.com .vimeo.com tagmanager.google.com siteimproveanalytics.com .msecnd.net .qualtrics.com .facebook.net .googletagmanager.com .aspnetcdn.com .wecu.com .youtube.com .cloudflare.com .cloudflare.net .googleapis.com .fraudmap-uat.net .fraudmap.net .siteimprove.net .simpli.fi .siteimprove.net maps.googleapis.com s.ytimg.com 'self' .formstack.com .bugherd.com .google-analytics.com .silvercloudinc.com dni.trumeasure.com connect.facebook.net google.com .google.com gstatic.com .gstatic.com; style-src .wecu.com .stackadapt.com .googletagmanager.com .five9.com .qualtrics.com .callrail.com .googleadservices.com tagmanager.google.com .silvercloudinc.com .googleapis.com 'unsafe-inline' 'self' .formstack.com .cloudflare.net/* .cloudfront.net .cloudfront.com .appdemostore.com .poshdevelopment.com api.poshdevelopment.com poshdevelopment.com cdn.mantl.com mantl.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://screen.cloud
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76e617d5fedd914d-FRA
content-encoding: br
content-security-policy: default-src 'none'; connect-src wss://*.wecu.com *.google.com *.doubleclick.net *.callrail.com vimeo.com *.qualtrics.com http://*.wecu.com *.google-analytics.com *.wecu.com *.silvercloudinc.com cdn.plyr.io *.siteimprove.net *.siteimprove.com *.stackadapt.com poshdevelopment.com api.poshdevelopment.com *.poshdevelopment.com 'self'; font-src data: *.formstack.com *.qualtrics.com fonts.gstatic.com 'self'; frame-src 'self' *.oaspapps.com *.baconpay.com *.poshdevelopment.com *.five9.com *.doubleclick.net *.vimeo.com *.qualtrics.com google.com *.google.com *.wecu.com *.podbean.com *.fraudmap.net *.fraudmap-uat.net 'self' *.youtube.com *.duosecurity.com *.silvercloudinc.com *.mortgagewebcenter.com *.siteimprove.net *.siteimprove.com *.wecu-dev.com *.appdemostore.com; img-src data: *.mantl.com *.simpli.fi *.stackadapt.com *.five9.com google.com *.google.com *.vimeocdn.com *.qualtrics.com *.gstatic.com *.siteimproveanalytics.io *.silvercloudinc.com facebook.com *.facebook.com *.googleusercontent.com *.youtube.com *.ytimg.com *.w.org http://*.wecu.com *.wecu.com *.googleapis.com *.ggpht.com maps.gstatic.com 'self' *.formstack.com *.doubleclick.net *.google-analytics.com; media-src 'self' *.qualtrics.com youtube.com; object-src *.qualtrics.com 'self'; script-src 'unsafe-eval' 'unsafe-inline' *.poshdevelopment.com api.poshdevelopment.com poshdevelopment.com *.mantl.com *.ipify.org *.stackadapt.com *.oaspapps.com *.microsoft.com *.baconpay.com *.doubleclick.net *.mymarketingreports.com *.five9.com *.callrail.com *.googleadservices.com *.vimeo.com tagmanager.google.com siteimproveanalytics.com *.msecnd.net *.qualtrics.com *.facebook.net *.googletagmanager.com *.aspnetcdn.com *.wecu.com *.youtube.com *.cloudflare.com *.cloudflare.net *.googleapis.com *.fraudmap-uat.net *.fraudmap.net *.siteimprove.net *.simpli.fi *.siteimprove.net maps.googleapis.com s.ytimg.com 'self' *.formstack.com *.bugherd.com *.google-analytics.com *.silvercloudinc.com dni.trumeasure.com connect.facebook.net google.com *.google.com gstatic.com *.gstatic.com; style-src *.wecu.com *.stackadapt.com *.googletagmanager.com *.five9.com *.qualtrics.com *.callrail.com *.googleadservices.com tagmanager.google.com *.silvercloudinc.com *.googleapis.com 'unsafe-inline' 'self' *.formstack.com *.cloudflare.net/* *.cloudfront.net *.cloudfront.com *.appdemostore.com *.poshdevelopment.com api.poshdevelopment.com poshdevelopment.com cdn.mantl.com mantl.com
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 01:22:19 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=17.9
link: <https://www.wecu.com/wp-json/>; rel="https://api.w.org/", <https://www.wecu.com/wp-json/wp/v2/pages/1050>; rel="alternate"; type="application/json", <https://www.wecu.com/?p=1050>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQM9h8wNXgMZv%2FlxknESpav94XOqE2nFWKSi8gbWmljMvtdqHCCIkg5cvgRhr45lWTRRw7bacEgEZDSJaHuTDoiHtm4LSyhdgBy43BfpqPFhaHKiCoLOc5e8%2FBQEps%2FuxSmeji%2FZPDQE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-frame-options: allow-from https://screen.cloud
x-kinsta-cache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
www.wecu.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 485ms
484ms Stylesheet
text/css 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/disclosures-fees/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Nov 2022 02:51:35 GMT
server: cloudflare
etag: W/"63745037-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckhOtFqYk4xTOHW2mDWzqWsJOpTTZ29PwuLEz67yMF0%2FmFHH4epFOyZVsFoyamj7PbMHHqlJaymawm64htEJLMI2etiSgm%2BhbT2VXXOM5gWQxm%2FHrlwCSIpjNNixzH0XMVCKbw%2BU%2BK6tgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 76e617d95a6f914d-FRA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
www.wecu.com/wp-includes/css/ 217 B
494 B 513ms
513ms Stylesheet
text/css 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/disclosures-fees/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Nov 2022 03:29:00 GMT
server: cloudflare
etag: W/"6361e3fc-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjVMsnkkzMZK%2BjoMuluQdxgBzaetYeV%2F6ElqaBrRMs7RhSnqpxmPAr9u954dAS3%2B8u6xeM1G6fiCqPnMtyjqesa5Tfldjw4RacbRad3K3vlFwzWBBBE%2FncOP%2B%2BmIctBOwTgX8RgFA%2BcYWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 76e617d95a70914d-FRA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
77 KB 66ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e58e6da721152ccaad105d50f4d18b7afbf76842b0ced21cf5d705470f1d42cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78418
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Nov 2022 01:22:20 GMT

GET
H3 200 app.min.css
www.wecu.com/wp-content/themes/wecu/assets/css/ 524 KB
111 KB 554ms
554ms Stylesheet
text/css 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/wp-content/themes/wecu/assets/css/app.min.css?ver=1667326039

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fd74096dc7e6ab5ae1aaf0ca47a1211a2d67b15b836e7da90f28a41f94f716e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/disclosures-fees/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 18:07:19 GMT
server: cloudflare
etag: W/"63616057-82ec1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKU0wi5w7XL8CcVuAjAeIZrh28OZoxY41p54vU29xkA6jyhAykQOHf73TnL%2Be7ncHZMX%2FOmNO%2F1q35BaqmuNOgB1IgVR8tFG%2F3b9Bq77OKUwFyPA1NxIWwG5yFSSzjbKPWjkUPBYtLiUlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 76e617da3e10bbc2-FRA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fonts.min.css
www.wecu.com/wp-content/themes/wecu/assets/css/ 570 KB
355 KB 538ms
538ms Stylesheet
text/css 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/wp-content/themes/wecu/assets/css/fonts.min.css?ver=1667326039

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de84a89fdf0e4a560be66deb61c77fddcf6ce89a0b68c1fe4057c684a15f3e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/disclosures-fees/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 18:07:19 GMT
server: cloudflare
etag: W/"63616057-8e7f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zRdHTJUGUll12gUQl2YcAWDw5AcXG2j9In7IjBqa524h1kb%2BF88pT6BmeFdaGMcpe08Qqr%2BVl%2BbVbBdulqrA%2B1MEwJ%2Bl7C%2B3GlhiEwJStYazJfioYo%2BWFCPvUi4ydZhZi6CEK%2F3wvYjvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 76e617da3e11bbc2-FRA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET 5de37b20-6d0a-0136-d31b-06a9ed4ca31b
tag.simpli.fi/sifitag/ 0
0

GET
H2 200 embed.js Show response
web.baconpay.com/ 3 KB
3 KB 468ms
401ms Script
application/javascript 18.66.122.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.baconpay.com/embed.js
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-14.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adaa0cc632b294c8bfef0ba389d3a96c1d38832e1ac1337d377004f041abd8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jul 2017 20:47:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "e2d871a59225da3b2293d190f4925c50"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2722
x-amz-cf-id: jXtn477RlMXeH1I1jlY-64WDsPr0o-pn8T07cxQ8DcdPe_-IUShBNA==

GET
H3 200 jquery.min.js Show response
www.wecu.com/wp-content/themes/wecu/assets/js/ 84 KB
32 KB 537ms
536ms Script
application/javascript 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/wp-content/themes/wecu/assets/js/jquery.min.js?ver=1667326039

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fb2f3959b16e7aedb525772d9ba2029ae86c16032054d6d5c8c7e0e026cd5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/disclosures-fees/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 18:07:19 GMT
server: cloudflare
etag: W/"63616057-15052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i7CsvGRI5AwxEPzeH09dFr2VXG3IjQDuYPShCup159dYwW2Xc3HsjUjHjbjPpoB1pUMeT55mxY4OH127p2WWRgd%2F2hy5zdUpxXfUV6ggcZAAYHvTbJQaHSAjf9SOXrkr%2BhBCwYsuCe8ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 76e617da3e12bbc2-FRA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 app.min.js Show response
www.wecu.com/wp-content/themes/wecu/assets/js/ 387 KB
128 KB 234ms
233ms Script
application/javascript 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/wp-content/themes/wecu/assets/js/app.min.js?ver=1667326039

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83eb1c335a8c2c85a047a3d5d0de1c0fd80238589f163adc6668085e1c3a4b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/disclosures-fees/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 18:07:19 GMT
server: cloudflare
etag: W/"63616057-60ac5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU%2Fp471LxIsLQ%2BIbD%2Bdqvph%2FybxobTwGYnsyFj%2BQRp0kb%2BUnOrl4OdyfW2Qgiaab03kRCFs%2BHM%2Fd6Anj01rdmlgl2Q1U%2F%2BkXlBdCh7UlgCThYXUgffVAlNMPdVNjWtCyhJrWEjUkBb7bFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 76e617e13e89bbc2-FRA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK validate.js Show response
collector.fraudmap.net/fs/3ab9df45d3db4d8eaf6aa927d940428d/validate_072019/ 0
269 B 665ms
165ms Script
application/javascript 63.128.130.61
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.fraudmap.net/fs/3ab9df45d3db4d8eaf6aa927d940428d/validate_072019/validate.js

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.128.130.61 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

collector.fraudmap.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 01:22:20 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Keep-Alive: timeout=5, max=55
Content-Length: 0
X-XSS-Protection: 1

GET
H2 200 entry.js Show response
js.poshdevelopment.com/widget/ 317 KB
68 KB 97ms
18ms Script
application/javascript 13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.poshdevelopment.com/widget/entry.js

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-7.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c36002a9a48ac7fb768c0dcc788cd453e5c9c9630dcc9ff63513bf375bf4c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
date: Tue, 22 Nov 2022 19:01:59 GMT
last-modified: Fri, 18 Nov 2022 18:26:42 GMT
server: AmazonS3
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"cf18a8fcb2ac80e01b43b1b7988d9029"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 22821
x-amz-cf-id: HWcUrkKnYD31Tmmq9uX9I6BesoZE_axF6sTOPY_zex9SRb51FcStAA==

GET
H2 200 five9.css
online.wecu.com/wecu/custom/chat/ 525 B
2 KB 720ms
654ms Stylesheet
text/css 104.17.179.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.wecu.com/wecu/custom/chat/five9.css

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.179.12 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d01329dd9d9f8a7a42505cae7ce5ef5ea62560f17260b7d3fffef160ed9463e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://js.poshdevelopment.com https://cdn.plaid.com https://www.google-analytics.com/analytics.js https://api.ipify.org/ https://mpsnare.iesnare.com https://www.five9.com/ https://us.jsagent.tcell.insight.rapid7.com https://collector.fraudmap.net https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' https://code.jquery.com https://www.gstatic.com https://www.google.com https://cdn.plaid.com https://js.poshdevelopment.com/widget/ https://api.ipify.org https://www.five9.com https://www.google-analytics.com https://www.googletagmanager.com https://collector.fraudmap.net https://us.jsagent.tcell.insight.rapid7.com https://mpsnare.iesnare.com; style-src 'self' 'unsafe-inline' 'report-sample' https://www.wecu.com https://fonts.googleapis.com https://www.five9.com; img-src 'self' blob: data: https://onlinetest.wecu.com https://www.google-analytics.com https://www.five9.com https://www.google.com; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https://api.poshdevelopment.com https://stats.g.doubleclick.net https://us.browser.tcell.insight.rapid7.com https://us.agent.tcell.insight.rapid7.com https://www.google-analytics.com; media-src 'self'; object-src 'none'; frame-src 'self' https://cwp411.checkfreeweb.com https://www.google.com https://js.poshdevelopment.com/ https://app.five9.com https://cwp411-cert.checkfreeweb.com/ https://us.browser.tcell.insight.rapid7.com https://cdn.plaid.com; worker-src 'self'; base-uri 'self'; manifest-src 'self'; prefetch-src https://cdn.plaid.com
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://js.poshdevelopment.com https://cdn.plaid.com https://www.google-analytics.com/analytics.js https://api.ipify.org/ https://mpsnare.iesnare.com https://www.five9.com/ https://us.jsagent.tcell.insight.rapid7.com https://collector.fraudmap.net https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' https://code.jquery.com https://www.gstatic.com https://www.google.com https://cdn.plaid.com https://js.poshdevelopment.com/widget/ https://api.ipify.org https://www.five9.com https://www.google-analytics.com https://www.googletagmanager.com https://collector.fraudmap.net https://us.jsagent.tcell.insight.rapid7.com https://mpsnare.iesnare.com; style-src 'self' 'unsafe-inline' 'report-sample' https://www.wecu.com https://fonts.googleapis.com https://www.five9.com; img-src 'self' blob: data: https://onlinetest.wecu.com https://www.google-analytics.com https://www.five9.com https://www.google.com; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https://api.poshdevelopment.com https://stats.g.doubleclick.net https://us.browser.tcell.insight.rapid7.com https://us.agent.tcell.insight.rapid7.com https://www.google-analytics.com; media-src 'self'; object-src 'none'; frame-src 'self' https://cwp411.checkfreeweb.com https://www.google.com https://js.poshdevelopment.com/ https://app.five9.com https://cwp411-cert.checkfreeweb.com/ https://us.browser.tcell.insight.rapid7.com https://cdn.plaid.com; worker-src 'self'; base-uri 'self'; manifest-src 'self'; prefetch-src https://cdn.plaid.com
cf-cache-status: DYNAMIC
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 405
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Jan 2022 19:43:27 GMT
server: cloudflare
etag: "ff90d1fcec12d81:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache; no-store; must-revalidate; no-transform, private
accept-ranges: bytes
cf-ray: 76e617daa9d99a39-FRA

GET
H2 200 five9-social-widget-custom_2.0.js Show response
www.five9.com/assets/chat/ 81 KB
20 KB 180ms
24ms Script
application/x-javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.five9.com/assets/chat/five9-social-widget-custom_2.0.js

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

62953f07b9209c45b2902f9185e81444ee9322d581734c3ea47901c08ba2ac05

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 30, 3, 0, 0
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Wed, 23 Nov 2022 01:22:20 GMT
age: 118562
x-cache: HIT, HIT, MISS, MISS
x-pantheon-styx-hostname: styx-fe1-a-64bdd4bd78-ql7sg
content-length: 19788
x-served-by: cache-chi-klot8100072-CHI, cache-hhn4049-HHN, cache-hhn4067-HHN, cache-hhn4067-HHN
last-modified: Mon, 21 Nov 2022 11:18:25 GMT
server: nginx
x-timer: S1669166540.033236,VS0,VE6
etag: W/"637b5e81-1439c"
vary: Accept-Encoding, orig-host
content-type: application/x-javascript
x-styx-req-id: 39ed0760-69b9-11ed-8539-164245d90d75
cache-control: max-age=31622400
accept-ranges: bytes
expires: Wed, 22 Nov 2023 16:26:18 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 36 B
220 B 364ms
142ms Script
application/javascript 52.20.78.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getClientIP
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-78-240.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 4443d7a14a13ce45404c1c4085bbaede8a8e5f51687c5f1898c496e461331a89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 01:22:20 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 36
Vary: Origin
Content-Type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7052
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 01:24:49 GMT

GET
H3

200

activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F Show response
10000290.fls.doubleclick.net/ Frame 171C
Redirect Chain

https://10000290.fls.doubleclick.net/activityi;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F?
https://10000290.fls.doubleclick.net/activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fww...

497 B
297 B

59ms
27ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10000290.fls.doubleclick.net/activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

9bd0728660fdf2d433e645669dd015036836b1c21b3d1adf878595076ef69ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wecu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:22:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:22:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10000290.fls.doubleclick.net/activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/646863910/ 2 KB
1 KB 84ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646863910/?random=1669166540978&cv=11&fst=1669166540978&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&tiba=Disclosures%20%26%20Fees%20%7C%20WECU&auid=1944443233.1669166541&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97260d6ef285ce4bfacbd650e7ca161cbd19adc228fb55d81d2cdfc5b4fc5f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 65ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9LCM4QXCK9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ee6bdd7cd54ff277ff7026a4e682841e7f7935203233680012c679c4aca31eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Nov 2022 01:22:21 GMT

GET
H2 403 wecu-analytics-pixel.js
cdn.mantl.com/assets/wecu/production-scripts/ 0
0 86ms
30ms Image
text/html 2606:4700::6812:9945
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mantl.com/assets/wecu/production-scripts/wecu-analytics-pixel.js?gtmcb=1282369675
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9945 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 59ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Nov 2022 01:22:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zxI/Y5JXT4zx5LpeVYgllHcldvHe5uYc7DG641JL9QTLctObXvnrery2frHdg+hxZGBEKX38SmPm6Q0+Z7HI+A==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 59 KB
59 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64216b7ce943f9a3cdfe5f9349c71c1e7710f3996320fd2c4d7437670497fada

Request headers

Referer
Origin: https://www.wecu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e41a3643a4a6f64740593944deee80468017d219bcbee93a56cf79a6ddf3717f

Request headers

Referer
Origin: https://www.wecu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
DATA 200
OK truncated
/ 59 KB
59 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e91d62fc2547c6dc7a15a7b991e3a8186f49e4b659a3dbcc710f818c17e44e47

Request headers

Referer
Origin: https://www.wecu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b4653c5e1e8e405b89027f0bc4006136abe8299ac8308fec5d9f4a17521e442

Request headers

Referer
Origin: https://www.wecu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F Show response
adservice.google.com/ddm/fls/i/ Frame ED54 496 B
743 B 101ms
55ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F

Requested by

Host: 10000290.fls.doubleclick.net
URL: https://10000290.fls.doubleclick.net/activityi;dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7853d1f4117410c0966768c9f3aeca876f6642c0af72c0d0f7afde9e1c3eb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10000290.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 275
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:22:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 graphql
api.poshdevelopment.com/api/v1/channel/web/v1/ Frame 0
0 197ms
150ms Preflight 35.241.59.180
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=c2d67b9b-3110-4800-86a6-28a0fd98b5c1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.59.180 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

180.59.241.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-posh-deployment-id
Access-Control-Request-Method: POST
Origin: https://www.wecu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-posh-deployment-id
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: https://www.wecu.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 23 Nov 2022 01:22:21 GMT
referrer-policy
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 graphql Show response
api.poshdevelopment.com/api/v1/channel/web/v1/ 455 B
476 B 211ms
171ms Fetch
application/json 35.241.59.180
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.poshdevelopment.com/api/v1/channel/web/v1/graphql?deploymentID=c2d67b9b-3110-4800-86a6-28a0fd98b5c1

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/entry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.59.180 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

180.59.241.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

e9cff7465867de5699916f01aa76d144bd723aa4188f7fef1d04c683e811a81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.wecu.com/
accept-language: de-DE,de;q=0.9
x-posh-deployment-id: c2d67b9b-3110-4800-86a6-28a0fd98b5c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
referrer-policy
x-content-type-options: nosniff
x-powered-by: Express
etag: W/"1c7-wiqYKgjqALkPCInlJCkc4uzCAAg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wecu.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 455

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 18 B
723 B 369ms
127ms Script
text/javascript 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=nqimicezd8owx1deq0kgkq

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-241-46.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

8dd2e54a09b38c31cfc153f973ede5db1e36de8090b1f8841fd264be362ec0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 01:22:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=0; includeSubDomains
Via: 1.1 vegur
X-Permitted-Cross-Domain-Policies: none
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Connection: close
X-Xss-Protection: 1; mode=block
X-Request-Id: 66de93f4-372f-4078-8c1d-130ad63539d8
X-Runtime: 0.005032
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Etag: W/"822a1c6d2ce70ae79d2396e9603e7360"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f874fdf77f6f072b8407073ea3f639a462e9fae92c0bac0fc6cc791547ae419

Request headers

Referer
Origin: https://www.wecu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 siteanalyze_86834.js Show response
siteimproveanalytics.com/js/ 27 KB
10 KB 69ms
24ms Script
application/javascript 2606:4700:e0::ac40:6824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_86834.js
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a83de5909622555244679d0accce9a7651908b5dca2d452a160981bd3e3ec9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PKW4DW9DSCXNCQ43
age: 416
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
x-amz-id-2: 4fJV9BGhmlf58+4UjRUQzBFZhmssiW+tm8kOXBNPlo1jJCVKNfEg0KDX80soo9kTeqwU9WbtmYc=
last-modified: Wed, 05 Oct 2022 02:04:53 GMT
server: cloudflare
etag: "c235f097acdc4058583bd5d36ac2722d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LKWxWkh0AQJ2l0UeNZcKuKS7sXmwRBkMBDKljHUUat5zWW3CehWmzVyHtFv7NmjJ0LeqxN4lA6iOtiHYamLT0D63RkVGHXgzwvCIOKKO%2Bl7AXrns41ZKST8uCfc45CpsLPD3318zkOdKl5P9LvKnvwjn3OzMr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 76e617e2fba0924d-FRA

GET 9025a4f0-7df5-0139-b0a2-06a60fe5fe77
tag.simpli.fi/sifitag/ 0
0

GET
H2 200 dni.1.0.0.min.js Show response
scripts.mymarketingreports.com/ 15 KB
5 KB 70ms
26ms Script
application/javascript 2606:4700::6812:970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mymarketingreports.com/dni.1.0.0.min.js?nt_id=10118489

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6c98e25f4a03e1b6ccb2f979e88650cc56347a79058fc7de9e3d28bbff4dc87

Security Headers

Name	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
date: Wed, 23 Nov 2022 01:22:21 GMT
strict-transport-security: max-age=15780000;
x-content-type-options: nosniff
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
cf-cache-status: HIT
age: 411
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Jun 2022 15:05:49 GMT
server: cloudflare
etag: W/"3d01-5e078574e8f20-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-nc-id: 1FJEJ3767O7JR62HTI7
cache-control: public, max-age=18000
access-control-allow-credentials: true
permissions-policy: accelerometer=(), usb=()
cf-ray: 76e617e2fd2b6958-FRA
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
expires: Wed, 23 Nov 2022 06:22:21 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 441ms
108ms Script
text/javascript 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: ac1f4a154bcbcee0b6a0d8cb07092ca8c16c757810101233dbe71eb3ddda95d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 01:22:21 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5384
Content-Type: text/javascript

GET
H2 403 wecu-analytics-pixel.js
cdn.mantl.com/assets/wecu/production-scripts/ 0
0 28ms
28ms Script
text/html 2606:4700::6812:9945
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mantl.com/assets/wecu/production-scripts/wecu-analytics-pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PZW3Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9945 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
24ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=60450801&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&ul=en-us&de=UTF-8&dt=Disclosures%20%26%20Fees%20%7C%20WECU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1654830229&gjid=1449714286&cid=1419217795.1669166541&tid=UA-1652471-1&_gid=794073841.1669166541&_r=1&gtm=2wgb90N4PZW3Z&z=1340824609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wecu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wecu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
22ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=60450801&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&ul=en-us&de=UTF-8&dt=Disclosures%20%26%20Fees%20%7C%20WECU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=562416949&gjid=1137006459&cid=1419217795.1669166541&tid=UA-146651497-5&_gid=794073841.1669166541&_r=1&_slc=1&z=608126903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wecu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wecu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 52ms
26ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=60450801&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&ul=en-us&de=UTF-8&dt=Disclosures%20%26%20Fees%20%7C%20WECU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=2122658879&gjid=2113143387&cid=1419217795.1669166541&tid=UA-146171377-2&_gid=794073841.1669166541&_r=1&_slc=1&z=65610648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wecu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wecu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 815307945507570 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 81ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/815307945507570?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b0a2ca48132983cec83781fb71cd273a22decd34e9b47946f84d474369e91b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Nov 2022 01:22:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zL757Ge75VyDH9BpU9at4C8HskOc1iaFHDJtpAgKyQlw16rtlLy92MHGCJQ6b3Cf3BzpLH7ih1YNM4Lp2coCWQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/646863910/ 42 B
548 B 71ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/646863910/?random=1669166540978&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&tiba=Disclosures%20%26%20Fees%20%7C%20WECU&fmt=3&is_vtc=1&random=3064658677&rmt_tld=0&ipr=y

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/646863910/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
345 B 88ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9LCM4QXCK9&gtm=2oeb90&_p=60450801&_gaz=1&cid=1419217795.1669166541&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669166541&sct=1&seg=0&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&dt=Disclosures%20%26%20Fees%20%7C%20WECU&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9LCM4QXCK9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wecu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 102ms
28ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9LCM4QXCK9&cid=1419217795.1669166541&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9LCM4QXCK9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wecu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F Show response
adservice.google.de/ddm/fls/i/ Frame ECB3 194 B
776 B 107ms
52ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNy2gfaRw_sCFZTH1Qod7a8Nkw;src=10000290;type=pagev0;cat=allpa0;ord=8476940816545;gtm=2wgb90;auiddc=1944443233.1669166541;~oref=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:22:21 GMT
expires: Wed, 23 Nov 2022 01:22:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 81ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1652471-1&cid=1419217795.1669166541&jid=1654830229&gjid=1449714286&_gid=794073841.1669166541&_u=YEBAAEAAAAAAACAAI~&z=1687656352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wecu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Nov 2022 01:22:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wecu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dni_ajax.php Show response
scripts.mymarketingreports.com/dashboard/ 16 B
551 B 152ms
132ms Script
application/javascript 2606:4700::6812:970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mymarketingreports.com/dashboard/dni_ajax.php?ntid=10118489&g=&q=&u_s=&u_c=&u_m=&src=&kw=&h=www.wecu.com&p=/disclosures-fees/&cid=

Requested by

Host: scripts.mymarketingreports.com
URL: https://scripts.mymarketingreports.com/dni.1.0.0.min.js?nt_id=10118489

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777331791362f6551986e25a17e520990bd6e01e986392f16b76f3de7e7d95ac

Security Headers

Name	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
strict-transport-security: max-age=15780000;
x-content-type-options: nosniff
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
x-nc-id: 2DFK4IFJ4JFI3286K
access-control-allow-credentials: true
permissions-policy: accelerometer=(), usb=()
cf-ray: 76e617e34afabbb3-FRA
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;

GET
H2 200 image.aspx
86834.global.siteimproveanalytics.io/ 34 B
477 B 123ms
16ms Image
image/gif 18.185.197.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://86834.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&title=Disclosures%20%26%20Fees%20%7C%20WECU&res=1600x1200&accountid=86834&rt=2230&prev=07f94490-1d07-a170-ad96-aa8c109cc8af&luid=4ecd536b-b364-b64d-325b-eb8c64385d5e&rnd=52146
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.197.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-197-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Nov 2022 01:22:21 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 23 Nov 2022 01:22:21 UTC

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 69ms
35ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1652471-1&cid=1419217795.1669166541&jid=1654830229&_u=YEBAAEAAAAAAACAAI~&z=1602637530

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 01:22:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H3 200 380447202870533 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/380447202870533?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66f95c770bdbd73e62b84611918d458c8e21ef1ec498d3aab1075de10dabcc7a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Nov 2022 01:22:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +l2YqPuNiguhM0RwMVM+jp0WN+X5zHi144HyeP7gNP4TrXY8SlaoBfv12Bk8oMvJ5uHLk24C96/pVsJGqL19lg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
16ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815307945507570&ev=PageView&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&rl=&if=false&ts=1669166541386&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669166541385.1781728366&it=1669166541246&coo=false&rqm=GET

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Nov 2022 01:22:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 15ms
15ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=380447202870533&ev=PageView&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&rl=&if=false&ts=1669166541441&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669166541385.1781728366&it=1669166541246&coo=false&rqm=GET

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Nov 2022 01:22:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
www.wecu.com/disclosures-fees/ 70 KB
24 KB 202ms
202ms XHR
text/html 2606:4700:7::a29f:862a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wecu.com/disclosures-fees/

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/wp-content/themes/wecu/assets/js/jquery.min.js?ver=1667326039

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ddcc907b761e96867d64377aeb2343c4f8cfeb203be57a8cc9de4f9cf715a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src wss://.wecu.com .google.com .doubleclick.net .callrail.com vimeo.com .qualtrics.com http://.wecu.com .google-analytics.com .wecu.com .silvercloudinc.com cdn.plyr.io .siteimprove.net .siteimprove.com .stackadapt.com poshdevelopment.com api.poshdevelopment.com .poshdevelopment.com 'self'; font-src data: .formstack.com .qualtrics.com fonts.gstatic.com 'self'; frame-src 'self' .oaspapps.com .baconpay.com .poshdevelopment.com .five9.com .doubleclick.net .vimeo.com .qualtrics.com google.com .google.com .wecu.com .podbean.com .fraudmap.net .fraudmap-uat.net 'self' .youtube.com .duosecurity.com .silvercloudinc.com .mortgagewebcenter.com .siteimprove.net .siteimprove.com .wecu-dev.com .appdemostore.com; img-src data: .mantl.com .simpli.fi .stackadapt.com .five9.com google.com .google.com .vimeocdn.com .qualtrics.com .gstatic.com .siteimproveanalytics.io .silvercloudinc.com facebook.com .facebook.com .googleusercontent.com .youtube.com .ytimg.com .w.org http://.wecu.com .wecu.com .googleapis.com .ggpht.com maps.gstatic.com 'self' .formstack.com .doubleclick.net .google-analytics.com; media-src 'self' .qualtrics.com youtube.com; object-src .qualtrics.com 'self'; script-src 'unsafe-eval' 'unsafe-inline' .poshdevelopment.com api.poshdevelopment.com poshdevelopment.com .mantl.com .ipify.org .stackadapt.com .oaspapps.com .microsoft.com .baconpay.com .doubleclick.net .mymarketingreports.com .five9.com .callrail.com .googleadservices.com .vimeo.com tagmanager.google.com siteimproveanalytics.com .msecnd.net .qualtrics.com .facebook.net .googletagmanager.com .aspnetcdn.com .wecu.com .youtube.com .cloudflare.com .cloudflare.net .googleapis.com .fraudmap-uat.net .fraudmap.net .siteimprove.net .simpli.fi .siteimprove.net maps.googleapis.com s.ytimg.com 'self' .formstack.com .bugherd.com .google-analytics.com .silvercloudinc.com dni.trumeasure.com connect.facebook.net google.com .google.com gstatic.com .gstatic.com; style-src .wecu.com .stackadapt.com .googletagmanager.com .five9.com .qualtrics.com .callrail.com .googleadservices.com tagmanager.google.com .silvercloudinc.com .googleapis.com 'unsafe-inline' 'self' .formstack.com .cloudflare.net/* .cloudfront.net .cloudfront.com .appdemostore.com .poshdevelopment.com api.poshdevelopment.com poshdevelopment.com cdn.mantl.com mantl.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://screen.cloud
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.wecu.com/disclosures-fees/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.9
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; connect-src wss://*.wecu.com *.google.com *.doubleclick.net *.callrail.com vimeo.com *.qualtrics.com http://*.wecu.com *.google-analytics.com *.wecu.com *.silvercloudinc.com cdn.plyr.io *.siteimprove.net *.siteimprove.com *.stackadapt.com poshdevelopment.com api.poshdevelopment.com *.poshdevelopment.com 'self'; font-src data: *.formstack.com *.qualtrics.com fonts.gstatic.com 'self'; frame-src 'self' *.oaspapps.com *.baconpay.com *.poshdevelopment.com *.five9.com *.doubleclick.net *.vimeo.com *.qualtrics.com google.com *.google.com *.wecu.com *.podbean.com *.fraudmap.net *.fraudmap-uat.net 'self' *.youtube.com *.duosecurity.com *.silvercloudinc.com *.mortgagewebcenter.com *.siteimprove.net *.siteimprove.com *.wecu-dev.com *.appdemostore.com; img-src data: *.mantl.com *.simpli.fi *.stackadapt.com *.five9.com google.com *.google.com *.vimeocdn.com *.qualtrics.com *.gstatic.com *.siteimproveanalytics.io *.silvercloudinc.com facebook.com *.facebook.com *.googleusercontent.com *.youtube.com *.ytimg.com *.w.org http://*.wecu.com *.wecu.com *.googleapis.com *.ggpht.com maps.gstatic.com 'self' *.formstack.com *.doubleclick.net *.google-analytics.com; media-src 'self' *.qualtrics.com youtube.com; object-src *.qualtrics.com 'self'; script-src 'unsafe-eval' 'unsafe-inline' *.poshdevelopment.com api.poshdevelopment.com poshdevelopment.com *.mantl.com *.ipify.org *.stackadapt.com *.oaspapps.com *.microsoft.com *.baconpay.com *.doubleclick.net *.mymarketingreports.com *.five9.com *.callrail.com *.googleadservices.com *.vimeo.com tagmanager.google.com siteimproveanalytics.com *.msecnd.net *.qualtrics.com *.facebook.net *.googletagmanager.com *.aspnetcdn.com *.wecu.com *.youtube.com *.cloudflare.com *.cloudflare.net *.googleapis.com *.fraudmap-uat.net *.fraudmap.net *.siteimprove.net *.simpli.fi *.siteimprove.net maps.googleapis.com s.ytimg.com 'self' *.formstack.com *.bugherd.com *.google-analytics.com *.silvercloudinc.com dni.trumeasure.com connect.facebook.net google.com *.google.com gstatic.com *.gstatic.com; style-src *.wecu.com *.stackadapt.com *.googletagmanager.com *.five9.com *.qualtrics.com *.callrail.com *.googleadservices.com tagmanager.google.com *.silvercloudinc.com *.googleapis.com 'unsafe-inline' 'self' *.formstack.com *.cloudflare.net/* *.cloudfront.net *.cloudfront.com *.appdemostore.com *.poshdevelopment.com api.poshdevelopment.com poshdevelopment.com cdn.mantl.com mantl.com
content-encoding: br
x-kinsta-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from https://screen.cloud
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tvgpkbK70t98MHTqrUysCaxJbvpeKrWN9T7o62Pk8HsY5LiTZFhG2m2kL2cAtusKlEmeUePBAagm5%2F59GET4RR9oygkRAbyHMCHWNSunEzXZ5I0zJInWdHEKJ2GGhRdc%2BTEAvLdb%2FIoEA%3D%3D"}],"group":"cf-nel","max_age":604800}
ki-cache-type: None
cf-ray: 76e617e45a8abbc2-FRA
link: <https://www.wecu.com/wp-json/>; rel="https://api.w.org/", <https://www.wecu.com/wp-json/wp/v2/pages/1050>; rel="alternate"; type="application/json", <https://www.wecu.com/?p=1050>; rel=shortlink
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 107ms
107ms Stylesheet
text/css 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 47cf058b4e797cdadcdb32102ae6e0f3885fabd808a705e96d6d36cac80a317f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 01:22:21 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 441ms
110ms Fetch
image/jpeg 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 01:22:22 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 441ms
110ms Fetch
image/jpeg 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 01:22:22 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK lal
srv.stackadapt.com/ 43 B
491 B 434ms
107ms Image
image/gif 52.0.157.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.stackadapt.com/lal?sid=ebGismSjKRTZEASXQ8yamk&url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&t=Disclosures%20%26%20Fees%20%7C%20WECU&tip=OJdq3dh21_PHQKOn_YN3Rt1P6wg4vOfVHBa6lQMnNZ4
Requested by: Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.157.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-157-121.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 01:22:22 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 34ms
15ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815307945507570&ev=Microdata&dl=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&rl=&if=false&ts=1669166541888&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Disclosures%20%26%20Fees%20%7C%20WECU%22%2C%22meta%3Adescription%22%3A%22Access%20digital%20copies%20of%20our%20membership%20agreements%2C%20service%20agreements%2C%20and%20rate%20and%20fee%20schedules.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Disclosures%20%26%20Fees%20%7C%20WECU%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F%22%2C%22og%3Asite_name%22%3A%22WECU%20-%20WECU%22%2C%22og%3Adescription%22%3A%22Access%20digital%20copies%20of%20our%20membership%20agreements%2C%20service%20agreements%2C%20and%20rate%20and%20fee%20schedules.%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669166541385.1781728366&it=1669166541246&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Nov 2022 01:22:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 / Show response
zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com/SIE/ 7 KB
4 KB 104ms
39ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1HP5awOcH7t46y1

Requested by

Host: www.wecu.com
URL: https://www.wecu.com/disclosures-fees/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760cfb002ac09306480b05a4a34518219506e504ea8e11b78b4dd24216ba29d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 160551
cf-polished: origSize=8487
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"2127-udByq80a+4Rf4rIjq9Vzt0WqWy8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 76e617e89e5bbbb5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 chatwidget.html Show response
js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/ Frame F608 1 KB
1 KB 17ms
17ms Document
text/html 13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-7.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c44ddad87988c9d3852193d2b1ed80030e611abd76064df323225d5723c01f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.wecu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20851
content-encoding: gzip
content-type: text/html
date: Tue, 22 Nov 2022 19:34:52 GMT
etag: W/"a4400c7c69cc2edd1b6b43e7ef63637c"
last-modified: Fri, 18 Nov 2022 18:26:42 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-id: 7ZeDVETpBKr6MenPAQBdRaogoyRJu9C_QCA1eHcIZV9e72MOhCoN8A==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 160 B
461 B 109ms
109ms XHR
text/plain 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw&is_js=true&landing_url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&t=Disclosures%20%26%20Fees%20%7C%20WECU&tip=OJdq3dh21_PHQKOn_YN3Rt1P6wg4vOfVHBa6lQMnNZ4&host=https://www.wecu.com&sa_conv_data_css_value=%20%220-3dae4027-2804-417a-57a5-bba7e423b1b7%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd95650df2841d642716f6c85231bb6fa57d9409745&sa-user-id-v2=s%253APa5AJygEQXpXpbun5COxt9lAl0U.9X8FDeEtR48IYiYrKAjDdGDLiF4jkmB6OEN1o5pc1ho&sa-user-id=s%253A0-3dae4027-2804-417a-57a5-bba7e423b1b7.AEWEGjqp0jdvbAKDN1N4hKfsV7xIUVKmUNZc%252FmkRLok
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 705a3cfce14ce395adabc38ae495e5f8c7c8ae687867037fae0f19be1ebecd77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 01:22:22 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.wecu.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 160

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
394 B 215ms
107ms XHR
text/plain 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=-JocgvUoJszNq5KYVCRDYQ&is_js=true&landing_url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&t=Disclosures%20%26%20Fees%20%7C%20WECU&tip=OJdq3dh21_PHQKOn_YN3Rt1P6wg4vOfVHBa6lQMnNZ4&host=https://www.wecu.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd92965d802dbad475460bbf3ffaa27bedcd9409745&sa-user-id-v2=s%253APa5AJygEQXpXpbun5COxt9lAl0U.9X8FDeEtR48IYiYrKAjDdGDLiF4jkmB6OEN1o5pc1ho&sa-user-id=s%253A0-3dae4027-2804-417a-57a5-bba7e423b1b7.AEWEGjqp0jdvbAKDN1N4hKfsV7xIUVKmUNZc%252FmkRLok
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 01:22:22 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.wecu.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 vendors.css
js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/ Frame F608 321 B
871 B 17ms
17ms Stylesheet
text/css 13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/vendors.css

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-7.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8e500f70605799075e111cd8313435a418c9abda245970dcd5702a90c6ce3f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html
Origin: https://js.poshdevelopment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:44:04 GMT
x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-cf-pop: FRA2-C2
age: 20299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 321
last-modified: Fri, 18 Nov 2022 18:26:43 GMT
server: AmazonS3
etag: "7e6767a26da4ac9e9c26e2845ab072c8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 6ydn5MZuO-b6jkEax0pQ0pOQaEU_yUWP5T3m-U7Vhwjl8l7VcMAtiw==

GET
H2 200 vendors.js Show response
js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/ Frame F608 2 MB
456 KB 20ms
19ms Script
application/javascript 13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/vendors.js

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-7.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5a1d25d0263fd04eb75257201977fcba0257dfeda03172535d59ddd93dc2c4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html
Origin: https://js.poshdevelopment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:11:43 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 47439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 18:26:42 GMT
server: AmazonS3
etag: W/"df5b67087bece24f19ab6811c73545f8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 8RNT24JBo-oz2AQsI6LOu6v98L_DmSOE0XPcAt7uI3n1GA4nPr6Okg==

GET
H2 200 chatwidget.js Show response
js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/ Frame F608 305 KB
89 KB 18ms
17ms Script
application/javascript 13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.js

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-7.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c2846dc396c8e09b22bd674f1f2d404c9847a798baa8568c92ff4d3fda5a05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/chatwidget.html
Origin: https://js.poshdevelopment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
date: Tue, 22 Nov 2022 19:25:13 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 21430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 18:26:42 GMT
server: AmazonS3
etag: W/"e4a7a2d17fc8569dfd9c4fd1653f4da1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: fmXOAss3EJCROaxTn3139MMxLjCSk4EcTP7_guGVPY8a7FrggCOxrw==

GET
H2 200 css
fonts.googleapis.com/ Frame F608 8 KB
697 B 68ms
27ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,300,400,600,700

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/vendors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c6c74126779488b4b974799681066238e66e4a99539c92b162e7d8744fbd99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.poshdevelopment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 01:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 01:22:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 01:22:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F608 4 KB
970 B 65ms
24ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,400,600,700

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/vendors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46ef3be857108e3d9d1a12d3c6f7eea561deb7c20641ad610cb09825cde1ddf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.poshdevelopment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 01:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 00:09:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 01:22:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F608 5 KB
652 B 66ms
25ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/vendors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d7cb31831732cebf33f282f24184034ba3223837d1c295efbacd7843703e131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.poshdevelopment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 01:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 01:09:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 01:22:22 GMT

GET
H2 200 11.6d6c5ef8794769da04fd.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 61 KB
19 KB 35ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=www.wecu.com

Requested by

Host: zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com
URL: https://zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1HP5awOcH7t46y1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbd322d5b22764f29e7ff91003f0a7a25af17af76cbee3ff46e95a3d4d80b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 85005
cf-polished: origSize=63601
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"f871-1845383cf10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 76e617e8ee90bbb5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H3 200 optimizely Show response
api.poshdevelopment.com/api/v1/channel/web/v1/ Frame F608 15 KB
15 KB 122ms
122ms XHR
text/html 35.241.59.180
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.poshdevelopment.com/api/v1/channel/web/v1/optimizely

Requested by

Host: js.poshdevelopment.com
URL: https://js.poshdevelopment.com/widget/1a0e10839de53812fbfd0b4af0023d6391220971/vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.59.180 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

180.59.241.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

8685a65d24eaba7960e11bd4362565194a556a94cd8695ccb80ab144148b006d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.poshdevelopment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
referrer-policy
x-content-type-options: nosniff
x-powered-by: Express
etag: W/"3a76-jCqpS/drVtnV28rPoVtUGYPs/Mo"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://js.poshdevelopment.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14966

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 148ms
148ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1HP5awOcH7t46y1&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=www.wecu.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

671b9504a935dd92a8ff6802ac0a289449cb810e4c89200410eefb46c3a46bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wecu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wecu.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: dc762af0dc016128
cf-ray: 76e617e9df8bbbb5-FRA
timing-allow-origin: *

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ Frame F608 30 KB
31 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://js.poshdevelopment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:44:00 GMT
x-content-type-options: nosniff
age: 589102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 05:44:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 39ms
39ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=wecu

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=www.wecu.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ee45b17985faa6172dc3930d47bb56303e3e9f4452e72e2c0feb9d562a081d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 85004
cf-polished: origSize=105331
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19b73-1845383cf10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 76e617eac8b7bbb5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 4.a5c0de52a5fc4b1cbc4b.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
915 B 40ms
39ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.a5c0de52a5fc4b1cbc4b.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=wecu

Requested by

Host: zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com
URL: https://zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1HP5awOcH7t46y1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

656b507a55c361579615069ae025d160099bac360642eaba44bd2331f7fad4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 85005
cf-polished: origSize=2539
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9eb-1845383cf10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 76e617eb1906bbb5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.8ce69394dfc154e65174.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 34ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=wecu

Requested by

Host: zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com
URL: https://zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1HP5awOcH7t46y1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90ca1ec69de35eb28fcd7f3dfe0215a56127cacf6b15b24780bb8b2478578d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wecu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 85005
cf-polished: origSize=29568
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"7380-1845383cf10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 76e617eb1909bbb5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/5de37b20-6d0a-0136-d31b-06a9ed4ca31b

Domain: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/9025a4f0-7df5-0139-b0a2-06a60fe5fe77

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/646863910/?random=1669166540978&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&tiba=Disclosures%20%26%20Fees%20%7C%20WECU&fmt=3&is_vtc=1&random=3064658677&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LCM4QXCK9&cid=1419217795.1669166541&gtm=2oeb90&aip=1&z=1678593879

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1652471-1&cid=1419217795.1669166541&jid=1654830229&_u=YEBAAEAAAAAAACAAI~&z=1602637530

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
online.wecu.com/	1969-12-31 23:59:59	Name: SERVERID Value: web05
.wecu.com/	1970-01-20 07:39:28	Name: __cf_bm Value: HCO.l93dwvKiu.I_4jPV_.FUwJBMITVEvSobMxhiFc8-1669166540-0-AQZuQ486+YUgNFczv73DnGxEVHbnRAW/Xr0KTdxhQdDtBcOd6mVV0Zymsqov0WyvWZ2pto7EMJy0QW28T2T0imw=
.wecu.com/	1970-01-20 09:49:02	Name: _gcl_au Value: 1.1.1944443233.1669166541
.doubleclick.net/	1970-01-20 07:39:27	Name: test_cookie Value: CheckForPermission
.mantl.com/	1970-01-20 07:39:28	Name: __cf_bm Value: USEXCR.64V18BBJJ6dDq1Ll08wddKfRM4gzZNc30Nb8-1669166541-0-AWbCCv4VOca2kv8LYgAuPBLEp4gHC+80z8R7bx0rJ5aqOYc8D3VhaA4h3m4dp8CucLaXXZ82jEWhB+DPSvB6W7Q=
.wecu.com/	1970-01-20 07:40:52	Name: _gid Value: GA1.2.794073841.1669166541
.wecu.com/	1970-01-20 07:39:26	Name: _gat_UA-1652471-1 Value: 1
.wecu.com/	1970-01-20 07:39:26	Name: _gat_individualRollup Value: 1
.wecu.com/	1970-01-20 07:39:26	Name: _gat_allRollup Value: 1
.wecu.com/	1970-01-20 17:15:26	Name: _ga_9LCM4QXCK9 Value: GS1.1.1669166541.1.0.1669166541.60.0.0
.wecu.com/	1970-01-20 17:15:26	Name: _ga Value: GA1.1.1419217795.1669166541
.wecu.com/	1970-01-20 17:15:26	Name: nmstat Value: 07f94490-1d07-a170-ad96-aa8c109cc8af
.wecu.com/	1970-01-20 09:49:02	Name: _fbp Value: fb.1.1669166541385.1781728366
86834.global.siteimproveanalytics.io/	1970-01-20 07:49:31	Name: AWSALBCORS Value: VVwUwX65u+I2qM0yir0sR2D4eGBZs1bkRPHBqO9V0Z+WEFX9qmy8clBev5FXejxnACmMyhvel7gKxdcCUtv/OF0RNQqsMxD695DG4RBrPvWZE8Tu9U0sH/bWNHpQ
tags.srv.stackadapt.com/	1970-01-20 16:25:02	Name: sa-user-id Value: s%3A0-3dae4027-2804-417a-57a5-bba7e423b1b7.AEWEGjqp0jdvbAKDN1N4hKfsV7xIUVKmUNZc%2FmkRLok
www.wecu.com/	1970-01-20 16:25:02	Name: sa-user-id Value: s%253A0-3dae4027-2804-417a-57a5-bba7e423b1b7.AEWEGjqp0jdvbAKDN1N4hKfsV7xIUVKmUNZc%252FmkRLok
www.wecu.com/	1970-01-20 16:25:02	Name: sa-user-id-v2 Value: s%253APa5AJygEQXpXpbun5COxt9lAl0U.9X8FDeEtR48IYiYrKAjDdGDLiF4jkmB6OEN1o5pc1ho
srv.stackadapt.com/	1970-01-20 16:25:02	Name: sa-user-id Value: s%3A0-5292d1e7-473e-45e9-68c0-3f8c7f3688a3.5bKuPIMX3nUcyGF5IpdnoDMNlOC6YdOyQxKCvGGlzE8
.srv.stackadapt.com/	1970-01-20 16:25:02	Name: sa-user-id-v2 Value: s%3AUpLR50c-RelowD-MfzaIo9lAl0U.mEwRJpJ32XFo5J3DGhsrNT2DU1r3qObhUxBsSorWDXQ

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tag.simpli.fi/sifitag/5de37b20-6d0a-0136-d31b-06a9ed4ca31b Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.mantl.com/assets/wecu/production-scripts/wecu-analytics-pixel.js?gtmcb=1282369675 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://www.wecu.com/disclosures-fees/ Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/646863910/?random=1669166540978&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wecu.com%2Fdisclosures-fees%2F&tiba=Disclosures%20%26%20Fees%20%7C%20WECU&fmt=3&is_vtc=1&random=3064658677&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src data: .mantl.com .simpli.fi .stackadapt.com .five9.com google.com .google.com .vimeocdn.com .qualtrics.com .gstatic.com .siteimproveanalytics.io .silvercloudinc.com facebook.com .facebook.com .googleusercontent.com .youtube.com .ytimg.com .w.org http://.wecu.com .wecu.com .googleapis.com .ggpht.com maps.gstatic.com 'self' .formstack.com .doubleclick.net .google-analytics.com".
security	error	URL: https://www.wecu.com/disclosures-fees/ Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LCM4QXCK9&cid=1419217795.1669166541&gtm=2oeb90&aip=1&z=1678593879' because it violates the following Content Security Policy directive: "img-src data: .mantl.com .simpli.fi .stackadapt.com .five9.com google.com .google.com .vimeocdn.com .qualtrics.com .gstatic.com .siteimproveanalytics.io .silvercloudinc.com facebook.com .facebook.com .googleusercontent.com .youtube.com .ytimg.com .w.org http://.wecu.com .wecu.com .googleapis.com .ggpht.com maps.gstatic.com 'self' .formstack.com .doubleclick.net .google-analytics.com".
network	error	URL: https://tag.simpli.fi/sifitag/9025a4f0-7df5-0139-b0a2-06a60fe5fe77 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.mantl.com/assets/wecu/production-scripts/wecu-analytics-pixel.js Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://www.wecu.com/disclosures-fees/ Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1652471-1&cid=1419217795.1669166541&jid=1654830229&_u=YEBAAEAAAAAAACAAI~&z=1602637530' because it violates the following Content Security Policy directive: "img-src data: .mantl.com .simpli.fi .stackadapt.com .five9.com google.com .google.com .vimeocdn.com .qualtrics.com .gstatic.com .siteimproveanalytics.io .silvercloudinc.com facebook.com .facebook.com .googleusercontent.com .youtube.com .ytimg.com .w.org http://.wecu.com .wecu.com .googleapis.com .ggpht.com maps.gstatic.com 'self' .formstack.com .doubleclick.net .google-analytics.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src wss://.wecu.com .google.com .doubleclick.net .callrail.com vimeo.com .qualtrics.com http://.wecu.com .google-analytics.com .wecu.com .silvercloudinc.com cdn.plyr.io .siteimprove.net .siteimprove.com .stackadapt.com poshdevelopment.com api.poshdevelopment.com .poshdevelopment.com 'self'; font-src data: .formstack.com .qualtrics.com fonts.gstatic.com 'self'; frame-src 'self' .oaspapps.com .baconpay.com .poshdevelopment.com .five9.com .doubleclick.net .vimeo.com .qualtrics.com google.com .google.com .wecu.com .podbean.com .fraudmap.net .fraudmap-uat.net 'self' .youtube.com .duosecurity.com .silvercloudinc.com .mortgagewebcenter.com .siteimprove.net .siteimprove.com .wecu-dev.com .appdemostore.com; img-src data: .mantl.com .simpli.fi .stackadapt.com .five9.com google.com .google.com .vimeocdn.com .qualtrics.com .gstatic.com .siteimproveanalytics.io .silvercloudinc.com facebook.com .facebook.com .googleusercontent.com .youtube.com .ytimg.com .w.org http://.wecu.com .wecu.com .googleapis.com .ggpht.com maps.gstatic.com 'self' .formstack.com .doubleclick.net .google-analytics.com; media-src 'self' .qualtrics.com youtube.com; object-src .qualtrics.com 'self'; script-src 'unsafe-eval' 'unsafe-inline' .poshdevelopment.com api.poshdevelopment.com poshdevelopment.com .mantl.com .ipify.org .stackadapt.com .oaspapps.com .microsoft.com .baconpay.com .doubleclick.net .mymarketingreports.com .five9.com .callrail.com .googleadservices.com .vimeo.com tagmanager.google.com siteimproveanalytics.com .msecnd.net .qualtrics.com .facebook.net .googletagmanager.com .aspnetcdn.com .wecu.com .youtube.com .cloudflare.com .cloudflare.net .googleapis.com .fraudmap-uat.net .fraudmap.net .siteimprove.net .simpli.fi .siteimprove.net maps.googleapis.com s.ytimg.com 'self' .formstack.com .bugherd.com .google-analytics.com .silvercloudinc.com dni.trumeasure.com connect.facebook.net google.com .google.com gstatic.com .gstatic.com; style-src .wecu.com .stackadapt.com .googletagmanager.com .five9.com .qualtrics.com .callrail.com .googleadservices.com tagmanager.google.com .silvercloudinc.com .googleapis.com 'unsafe-inline' 'self' .formstack.com .cloudflare.net/* .cloudfront.net .cloudfront.com .appdemostore.com .poshdevelopment.com api.poshdevelopment.com poshdevelopment.com cdn.mantl.com mantl.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://screen.cloud
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10000290.fls.doubleclick.net
86834.global.siteimproveanalytics.io
adservice.google.com
adservice.google.de
api.ipify.org
api.poshdevelopment.com
cdn.mantl.com
collector.fraudmap.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.poshdevelopment.com
online.wecu.com
region1.analytics.google.com
scripts.mymarketingreports.com
siteimproveanalytics.com
siteintercept.qualtrics.com
srv.stackadapt.com
stats.g.doubleclick.net
tag.simpli.fi
tags.srv.stackadapt.com
web.baconpay.com
www.bugherd.com
www.facebook.com
www.five9.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.wecu.com
zn1hp5awoch7t46y1-wecu.siteintercept.qualtrics.com
tag.simpli.fi
www.google.de
104.17.179.12
104.17.208.240
13.225.78.7
172.217.16.198
18.185.197.230
18.66.122.14
2001:4860:4802:32::36
2001:4860:4802:38::178
2606:4700:7::a29f:862a
2606:4700::6812:970
2606:4700::6812:9945
2606:4700:e0::ac40:6824
2a00:1450:4001:801::2002
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::645
3.216.203.91
35.241.59.180
52.0.157.121
52.20.78.240
54.161.241.46
63.128.130.61
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0c36002a9a48ac7fb768c0dcc788cd453e5c9c9630dcc9ff63513bf375bf4c18
1d7cb31831732cebf33f282f24184034ba3223837d1c295efbacd7843703e131
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20ee45b17985faa6172dc3930d47bb56303e3e9f4452e72e2c0feb9d562a081d
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2f874fdf77f6f072b8407073ea3f639a462e9fae92c0bac0fc6cc791547ae419
4443d7a14a13ce45404c1c4085bbaede8a8e5f51687c5f1898c496e461331a89
46ef3be857108e3d9d1a12d3c6f7eea561deb7c20641ad610cb09825cde1ddf0
47cf058b4e797cdadcdb32102ae6e0f3885fabd808a705e96d6d36cac80a317f
4c2846dc396c8e09b22bd674f1f2d404c9847a798baa8568c92ff4d3fda5a05b
4fd74096dc7e6ab5ae1aaf0ca47a1211a2d67b15b836e7da90f28a41f94f716e
5a1d25d0263fd04eb75257201977fcba0257dfeda03172535d59ddd93dc2c4da
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b0a2ca48132983cec83781fb71cd273a22decd34e9b47946f84d474369e91b2
5b4653c5e1e8e405b89027f0bc4006136abe8299ac8308fec5d9f4a17521e442
62953f07b9209c45b2902f9185e81444ee9322d581734c3ea47901c08ba2ac05
64216b7ce943f9a3cdfe5f9349c71c1e7710f3996320fd2c4d7437670497fada
656b507a55c361579615069ae025d160099bac360642eaba44bd2331f7fad4c3
66f95c770bdbd73e62b84611918d458c8e21ef1ec498d3aab1075de10dabcc7a
671b9504a935dd92a8ff6802ac0a289449cb810e4c89200410eefb46c3a46bce
6a83de5909622555244679d0accce9a7651908b5dca2d452a160981bd3e3ec9a
705a3cfce14ce395adabc38ae495e5f8c7c8ae687867037fae0f19be1ebecd77
760cfb002ac09306480b05a4a34518219506e504ea8e11b78b4dd24216ba29d4
777331791362f6551986e25a17e520990bd6e01e986392f16b76f3de7e7d95ac
7fb2f3959b16e7aedb525772d9ba2029ae86c16032054d6d5c8c7e0e026cd5e7
83eb1c335a8c2c85a047a3d5d0de1c0fd80238589f163adc6668085e1c3a4b9a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8685a65d24eaba7960e11bd4362565194a556a94cd8695ccb80ab144148b006d
8bbd322d5b22764f29e7ff91003f0a7a25af17af76cbee3ff46e95a3d4d80b4f
8c6c74126779488b4b974799681066238e66e4a99539c92b162e7d8744fbd99b
8dd2e54a09b38c31cfc153f973ede5db1e36de8090b1f8841fd264be362ec0ce
8e500f70605799075e111cd8313435a418c9abda245970dcd5702a90c6ce3f59
8ee6bdd7cd54ff277ff7026a4e682841e7f7935203233680012c679c4aca31eb
90ca1ec69de35eb28fcd7f3dfe0215a56127cacf6b15b24780bb8b2478578d33
97260d6ef285ce4bfacbd650e7ca161cbd19adc228fb55d81d2cdfc5b4fc5f9a
9bd0728660fdf2d433e645669dd015036836b1c21b3d1adf878595076ef69ed5
9d01329dd9d9f8a7a42505cae7ce5ef5ea62560f17260b7d3fffef160ed9463e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a7853d1f4117410c0966768c9f3aeca876f6642c0af72c0d0f7afde9e1c3eb7a
ac1f4a154bcbcee0b6a0d8cb07092ca8c16c757810101233dbe71eb3ddda95d1
adaa0cc632b294c8bfef0ba389d3a96c1d38832e1ac1337d377004f041abd8eb
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ddcc907b761e96867d64377aeb2343c4f8cfeb203be57a8cc9de4f9cf715a2
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c44ddad87988c9d3852193d2b1ed80030e611abd76064df323225d5723c01f08
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de84a89fdf0e4a560be66deb61c77fddcf6ce89a0b68c1fe4057c684a15f3e24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a3643a4a6f64740593944deee80468017d219bcbee93a56cf79a6ddf3717f
e58e6da721152ccaad105d50f4d18b7afbf76842b0ced21cf5d705470f1d42cb
e6c98e25f4a03e1b6ccb2f979e88650cc56347a79058fc7de9e3d28bbff4dc87
e91d62fc2547c6dc7a15a7b991e3a8186f49e4b659a3dbcc710f818c17e44e47
e9cff7465867de5699916f01aa76d144bd723aa4188f7fef1d04c683e811a81b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.wecu.com Open in urlscan Pro 2606:4700:7::a29f:862a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

93 %HTTPS

59 %IPv6

23 Domains

32 Subdomains

30 IPs

4 Countries

1955 kBTransfer

5736 kBSize

19 Cookies

12 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wecu.com Open in urlscan Pro
2606:4700:7::a29f:862a Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

93 %
HTTPS

59 %
IPv6

23
Domains

32
Subdomains

30
IPs

4
Countries

1955 kB
Transfer

5736 kB
Size

19
Cookies

71 HTTP transactions
5 data transactions